[c-nsp] ibgp TTL

Oliver Boehmer (oboehmer) oboehmer at cisco.com
Wed Oct 14 12:44:22 EDT 2009 

Manu,

> More detail:
> 
> I have a standard IP/MPLS backbone with MP-iBGP between PEs loopbacks with
> IS-IS L2 or OSPF area 0 as IGP.
> 
> This IGP is extended to some non MPLS routers X.
> 
> In some backbone links failure, IGP allow MP-iBGP to stay UP via X links
> (non MPLS).
> 
> This specific IGP design introduce a L3VPN blackhole that can be solved by
> IGP prefix filtering or by limiting TTL for MP-iBGP sessions, if possible :)

Hmm, you could also cause iBGP session to fail if you just add an interface ACL not allowing iBGP between your PEs across the links not running MPLS.

Not sure if there is any real solution to this, other than increasing the link metric towards the "non-MPLS-capble part" so much that MPLS packets will not cross these links (or turn this part of the network into a stub area to achieve the same).

	oli

 

> On Wed, Oct 14, 2009 at 2:10 PM, Oliver Boehmer (oboehmer)
> <oboehmer at cisco.com> wrote:
> yes, only supported for ebgp. Would be interested about the "very
> specific design" and why Manu requires this functionality?
> 
>        oli
> 
> > AFAIK this command is for eBGP only, no?
> >
> > On Tue, Oct 13, 2009 at 10:07 PM, Matlock, Kenneth L
> > <MatlockK at exempla.org>wrote:
> >
> > > Router bgp <AS>
> > > Neighbor <AS> ttl-security hops <hops>
> > >
> > > ?
> > >
> > > Ken Matlock
> > > Network Analyst
> > > Exempla Healthcare
> > > (303) 467-4671
> > > matlockk at exempla.org
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: cisco-nsp-bounces at puck.nether.net
> > > [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Manu Chao
> > > Sent: Tuesday, October 13, 2009 4:52 AM
> > > To: cisco-nsp at puck.nether.net
> > > Subject: [c-nsp] ibgp TTL
> > >
> > > For a very specific design, i need to limit TTL value in
> ibgp-multihop.
> > >
> > > Is it possible to limit iBGP TTL like we do with ebgp-multihop ttl
> > > command?
> > >
> > > Any input appreciated.
> > >
> > > Manu
> > >  _______________________________________________
> > > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > > archive at http://puck.nether.net/pipermail/cisco-nsp/
> > >
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list