[j-nsp] eBGP multihop

Christopher Morrow morrowc at ops-netman.net
Sun Feb 1 15:02:21 EST 2004

On Feb 1, 2004, at 7:30 PM, Gary Tate wrote:

> http://www.secsup.org/CustomerBlackHole/
> If this is indeed the document that you are referring too then this is 
> only added for consistency with the Cisco solution configuration that 
> is given.  It is not a requirement on the Juniper side and shouldn't 
> have been added to the document just to make it consistent.

certianly its not required for a juniper only solution, or a juniper 
provider edge solution :)  It should be updated for that contingency, I 
believe the original thought was that if the provider side was Cisco 
based and thus required the multihop option, the customer side would 
also need to be multihop...

after a little test that doesn't seem to be required, so the document 
should be updated to reflect that also.

Thanks Gary.

> Gary
> On Jan 31, 2004, at 12:34 AM, Christopher Morrow wrote:
>> On Jan 29, 2004, at 11:51 AM, Khan, Amjad wrote:
>>> Hi,
>>> Can someone clarify in detail that why do we need to use eBGP 
>>> multihop/ttl2
>>> when using the famous 'blackholing' technique to discard malicious 
>>> traffic.
>>> Is it something to do with the nexthop self attribute?
>> you only require this setting if one of the 2 peers is a cisco :) I 
>> believe its actually explained somewhat at: www.secsup.org though it 
>> might need some better wording or clarification.
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> http://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list