[j-nsp] eBGP multihop
Christopher Morrow
morrowc at ops-netman.net
Sun Feb 1 15:02:21 EST 2004
On Feb 1, 2004, at 7:30 PM, Gary Tate wrote:
> http://www.secsup.org/CustomerBlackHole/
>
> If this is indeed the document that you are referring too then this is
> only added for consistency with the Cisco solution configuration that
> is given. It is not a requirement on the Juniper side and shouldn't
> have been added to the document just to make it consistent.
>
certianly its not required for a juniper only solution, or a juniper
provider edge solution :) It should be updated for that contingency, I
believe the original thought was that if the provider side was Cisco
based and thus required the multihop option, the customer side would
also need to be multihop...
after a little test that doesn't seem to be required, so the document
should be updated to reflect that also.
Thanks Gary.
> Gary
>
> On Jan 31, 2004, at 12:34 AM, Christopher Morrow wrote:
>
>>
>> On Jan 29, 2004, at 11:51 AM, Khan, Amjad wrote:
>>
>>> Hi,
>>> Can someone clarify in detail that why do we need to use eBGP
>>> multihop/ttl2
>>> when using the famous 'blackholing' technique to discard malicious
>>> traffic.
>>> Is it something to do with the nexthop self attribute?
>>>
>>
>> you only require this setting if one of the 2 peers is a cisco :) I
>> believe its actually explained somewhat at: www.secsup.org though it
>> might need some better wording or clarification.
>>
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> http://puck.nether.net/mailman/listinfo/juniper-nsp
>>
More information about the juniper-nsp
mailing list