To Next Page

To Previous Page

Generalized TTL Security Mechanism support

The device supports the Generalized TTL Security Mechanism (GTSM) as dened in RFC 3682. GTSM protects the device from attacks

of invalid BGP4 control trac that is sent to overload the CPU or hijack the BGP4 session. GTSM protection applies to EBGP neighbors

only.

When GTSM protection is enabled, BGP4 control packets sent by the device to a neighbor have a Time To Live (TTL) value of 255. In

addition, the device expects the BGP4 control packets received from the neighbor to have a TTL value of either 254 or 255. For

multihop peers (where the ebgp-multihop option is congured for the neighbor), the device expects the TTL for BGP4 control packets

received from the neighbor to be greater than or equal to 255, minus the congured number of hops to the neighbor. If the BGP4

control packets received from the neighbor do not have the anticipated value, the device drops them.

For more information on GTSM protection, refer to RFC 3682.

To enable GTSM protection for neighbor 192.168.9.210 (for example), enter the following command.

device(config-bgp-router)# neighbor 192.168.9.210 ebgp-btsh

Syntax: [no] neighbor ip-addr | peer-group-name ebgp-btsh

NOTE

For GTSM protection to work properly, it must be enabled on both the device and the neighbor.

Displaying BGP4 information

You can display the following

conguration information and statistics for BGP4 protocol:

• Summary BGP4 conguration information for the device

• Active BGP4 conguration information (the BGP4 information in the running conguration)

• Neighbor information

• Peer-group information

• Information about the paths from which BGP4 selects routes

• Summary BGP4 route information

• Virtual Routing and Forwarding (VRF) instance information

• The device’s BGP4 route table

• Route ap dampening statistics

• Active route maps (the route map conguration information in the running conguration)

• BGP4 graceful restart neighbor Information

• AS4 support and asdot notation

Displaying summary BGP4 information

You can display the local AS number, the maximum number of routes and neighbors supported, and some BGP4 statistics. You can also

display BGP4 memory usage for:

• BGP4 routes installed

• Routes advertising to all neighbors (aggregated into peer groups)

• Attribute entries installed

Generalized TTL Security Mechanism support

FastIron Ethernet Switch Layer 3 Routing

438 53-1003627-04

Brand	Brocade Communications Systems
Model	FastIron X Series
Category	Switch
Language	English

Brocade Communications Systems FastIron X Series User Manual

Other manuals for Brocade Communications Systems FastIron X Series