[nsp] Path MTU discovery
Daniel Roesen
dr at cluenet.de
Sun Apr 18 15:10:46 EDT 2004
On Sun, Apr 18, 2004 at 02:55:23PM -0400, Robert Boyle wrote:
> I have use mtu path discovery for years with tunnel interfaces.
> Is there a global config command or is this simply a BGP specific
> per peer config option?
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c/ipcprt1/1cdip.htm#1001846
I would think twice about enabling it though, because it makes your
BGP and LDP sessions vulnerable to ICMP frag-need-but-TTL-exceeded
attacks, where MD5 authentication doesn't help at all.
Regards,
Daniel
More information about the cisco-nsp
mailing list