[c-nsp] ttl-security issues
Charles Sprickman
spork at bway.net
Thu Jun 28 01:29:47 EDT 2012
On Jun 27, 2012, at 6:20 AM, Dobbins, Roland wrote:
>
> On Jun 27, 2012, at 4:54 PM, Charles Sprickman wrote:
>
>> I enabled this on one and about a minute later the bgp session dropped
>
> <http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gt_btsh.html#wp1059212>
"This feature should be configured on each participating router."
http://www.team-cymru.org/ReadingRoom/Templates/secure-bgp-template.html didn't mention it, but did have a big link to the above URL.
My apologies for the noise. I simply skipped over one of the most important sentences in that document.
> <http://www.cisco.com/web/about/security/intelligence/CiscoIOSXR.html#72>
>
> <http://www.cisco.com/web/about/security/intelligence/protecting_bgp.html#7>
>
>> ps - what are some good references these days for overall cisco best practices in an ISP environment?
>
> <http://www.ciscopress.com/bookstore/product.asp?isbn=1587053365>
I have a link to some information about protecting the management plane stuffed in a wiki TODO list somewhere, but that looks a bit more comprehensive.
Thanks to all who replied, truly appreciated.
Charles
>
> -----------------------------------------------------------------------
> Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
>
> Luck is the residue of opportunity and design.
>
> -- John Milton
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list