[c-nsp] inter-as mp-bgp with ttl-security issue
Gert Doering
gert at greenie.muc.de
Tue Jan 3 14:37:21 EST 2012
Hi,
On Tue, Jan 03, 2012 at 05:51:37PM +0100, Vitkovsky, Adam wrote:
> Now here's the catch:
> If I decide to use "ttl-security" in the session template on both ends I won't get routing updates across the established session
> Reason according to debug: -- DENIED due to: non-connected MP_REACH NEXTHOP;, label 18
Unless you use "ebgp-multihop" or "disabled-connected-check", the
next-hop received must be in a locally connected(!) subnet on the
receiving side.
> -which is not true as the Inter-AS-route-reflector has a route to the originating PE in the other AS route is pointing to the ASBR connecting to the other AS
... which is not "connected". Very much not so :-)
Note that it doesn't tell you "non-reachable ... NEXTHOP" but "non-connected".
gert
no 4-letter certificates
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20120103/933d8f06/attachment.sig>
More information about the cisco-nsp
mailing list