Re: BGP in promiscous/passive mode!

From: Adel Abushaev (adel@netmasterclass.net)
Date: Tue Dec 30 2003 - 23:28:05 GMT-3

• Next message: Hunt Lee: "DSL to 2511"
• Previous message: Serran: "OT : Cisco Lab Gear For Sale in Australia"
• Maybe in reply to: Nathasha Aleyevka: "BGP in promiscous/passive mode!"
• Next in thread: Brian McGahan: "RE: BGP in promiscous/passive mode!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Not exactly on session establishment:

    When TCP starts the session, let's assume router R1 is a client, router
R2 is a server. R1 is connecting to R2:

    R1->R2: SYN
    R2->R1: SYN,ACK
    R1->R2: ACK

        after that TCP connection is established.

    if R2 is calling R1, it's all reversed.

    If you want (but for what reason?) only R1 to be able to setup BGP
session to R2, then you may lock traffic
from R2 to R1 to permit only "established".

Thanks,

Adel Abouchaev
CCIE# 12037, MCSE
http://www.netmasterclass.net

> IP: s=1.1.1.1 (Ethernet0), d=1.1.1.2 (Ethernet0), len 60, rcvd 3
> TCP src=11009, dst=179, seq=2156087920, ack=0, win=16384 SYN
> IP: s=1.1.1.1 (Ethernet0), d=1.1.1.2 (Ethernet0), len 60, rcvd 3
> TCP src=11009, dst=179, seq=2156087921, ack=2260118643, win=16384 ACK
> IP: s=1.1.1.1 (Ethernet0), d=1.1.1.2 (Ethernet0), len 99, rcvd 3
> TCP src=11009, dst=179, seq=2156087921, ack=2260118643, win=16384 ACK
PSH
> IP: s=1.1.1.1 (Ethernet0), d=1.1.1.2 (Ethernet0), len 73, rcvd 3
> TCP src=11009, dst=179, seq=2156087966, ack=2260118672, win=16355 ACK
PSH su
> BGP table version is 1, main routing table version 1
> Having said that, it seems to me that the router initiating the
TCPconnection in the above scenarion is router R1, but the BGP session is
started by R2.
>
> If router R1 were to iniate a BGP session second line should look like
> IP: s=1.1.1.1 (Ethernet0), d=1.1.1.2 (Ethernet0), len 60, rcvd 3
> TCP src=179, dst=11016, seq=2918566711, ack=3022616789, win=16384 ACK
SYN
> therefore the configuration should be done on the router which stops
traffic going to port 179
>
> Am I reading this correctly? Thank you
> Nathasha
>
>
>
>
>
>
> ---------------------------------
> Do you Yahoo!?
> New Yahoo! Photos - easier uploading and sharing
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Hunt Lee: "DSL to 2511"
• Previous message: Serran: "OT : Cisco Lab Gear For Sale in Australia"
• Maybe in reply to: Nathasha Aleyevka: "BGP in promiscous/passive mode!"
• Next in thread: Brian McGahan: "RE: BGP in promiscous/passive mode!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Jan 03 2004 - 08:25:46 GMT-3