Re: BGP TTL from Carlos G Mendioroz on 2011-10-21 (Ccielab archives 10/2011)

From: Carlos G Mendioroz <tron_at_huapi.ba.ar>
Date: Fri, 21 Oct 2011 09:23:03 -0300

TTL serves loop control as a primary function. Data plane.
It does not matter much when exactly it is evaluated/decremented,
but that it is decremented on each hop and eventually dropped
when it gets to 0.

Second function (added value) is scoping. I.e. you can control how far
this packet will get changing the initial value. So routing protocols
use this feature to get an added security that messages are only
processed by neighbours, by setting TTL to 1.
BGP changes that when you do multihop, obviously.

Now, from a security standpoint, someone might want to talk to your
router when in fact it should not. Here's a third application of TTL:
I'd like to call it reverse scoping. By enforcing a minimum TTL above 0
(say m), you are in fact restricting anyone that is farther than 255-m
from being able to talk to you. That's inbound TTL.

Talk about reusing a feature :)

-Carlos

CCIE KID @ 21/10/2011 8:25 -0300 dixit:
> Hi fellas,
>
> I am working on BGP and i find in sh ip bgp neighbor command, the incoming
> TTL and the outgoing TTL . I understood the outgoing TTL is the one when the
> control plane packets are generated , the TTL in the IP Header will be 255.
> I find the incoming TTL to 0 . Can anyone explain me what is actually meant
> by incoming TTL. My understanding is the incoming TTL is the when the
> neighbor send u any BGP Control plane packet, the local router is expecting
> this TTL value in the IP HEader. Am i right ?
> So the incoming TTL valus is 0 in my case..
>
> Router drops a packet with a TTL value of 0. So when the control plane
> packet comes. it should be of TTL of 1.
> TTL will be only decremented on the outgoing interface and not the incoming
> interface. THe genreal logic says that the TTL of all control plane packets
> of all IGPS will be 1 and so when a router receives this control plane
> packet , it is destined to itself , it will update the OSPF or EIGRP RIB and
> in turn do the local computation for the best path .
>
> My question is whether the where does the TTL decrement happen ? My answer
> is outbound and for any other control plane packet it will be destined to
> itslef , so there will be no decrement in the TTL
>

-- 
Carlos G Mendioroz  <tron_at_huapi.ba.ar>  LW7 EQI  Argentina
Blogs and organic groups at http://www.ccie.net

Received on Fri Oct 21 2011 - 09:23:03 ART

This archive was generated by hypermail 2.2.0 : Tue Nov 15 2011 - 13:10:29 ART