(config-router) neighbor 1.2.3.4 ttl-security 1 Now do a "debug ip packet <acl> detail" with a BGP-only ACL on your far-end router (1.2.3.4) and see what the TTL is when the packet arrives. 255 - TTL of the packet = number of hops in between you.
This works because TTL-Security sets the TTL to 255 before transmitting, and only allows packets that have a TTL of 255 - <setting>. In this way, the packets will still arrive for your capture, but the neighborship won't establish until you enter a more sane TTL setting than "1". Hope this helps, -Keller Keller Giacomarro [email protected] On Wed, Apr 17, 2013 at 10:48 PM, Baldeep Birdy <[email protected]>wrote: > Guys, > > Haven't posted for a while as I've been immersing myself in labs. The fun > of IPv6, Multicast and MPLS :) but I'm getting there. > > Back to point, I was doing a lab where I had some eBGP peers that were > multiple hops apart. When I configured everything up I forgot to add the > eBGP multihop command. After some troubleshooting I figured out my school > boy error but it sparked a question. > > Scenario is that you have peers multi hops away, but you have no > visibility of the internetwork connecting them. So you dont know how many > hops there are i.e. traceroute doesnt work. When you use the show ip bgp > neighbours command it tells you that the peer is multi hops away, but > doesnt give more info. > > Is there a debug that gives you info on what to set the TTL to? I know the > lazy answer is just to use 255 in the multihop command, but what if we want > to be very specific. TTL Boundary esque !? > > If the peer is 5 hops away but I set my multihop command to 4 my peering > wont come up!? so again, is there a debug to give me a helpful hint? > > Cheers > Bal > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > > http://onlinestudylist.com/mailman/listinfo/ccie_rs > _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com http://onlinestudylist.com/mailman/listinfo/ccie_rs
