[nsp] Path MTU discovery

Daniel Roesen dr at cluenet.de
Sun Apr 18 15:10:46 EDT 2004


On Sun, Apr 18, 2004 at 02:55:23PM -0400, Robert Boyle wrote:
> I have use mtu path discovery for years with tunnel interfaces.
> Is there a global config command or is this simply a BGP specific
> per peer config option?

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c/ipcprt1/1cdip.htm#1001846

I would think twice about enabling it though, because it makes your
BGP and LDP sessions vulnerable to ICMP frag-need-but-TTL-exceeded
attacks, where MD5 authentication doesn't help at all.


Regards,
Daniel


More information about the cisco-nsp mailing list