
The set protocols bgp neighbor ttl-security hops command enables BGP to establish a connection with external peers residing on networks that are not directly connected. When this feature is enabled, the TTL received from a BGP peer is compared with the value "255 - hop-count". BGP messages arriving with a TTL lower than this value are not accepted, and BGP peering is not established if the session-establishment packets arrive with a lower TTL. Enabling this feature also makes the router send BGP packets to the neighbor with a TTL value of 255. For a given neighbor, either TTL security or ebgp-multihop can be configured, but not both. If there are multiple paths to reach the node, configure the hop count based on the longest route.

The delete protocols bgp neighbor ttl-security hops command disables the peer ttl-security-hop feature.

Command Syntax

set protocols bgp [vrf <vrf-name>] {neighbor <ip> | peer-group <peer-group> | interface <interface>} ttl-security hops <HOP-COUNT>

delete protocols bgp [vrf <vrf-name>] {neighbor <ip> | peer-group <peer-group> | interface <interface>} ttl-security hops <HOP-COUNT>




vrf <vrf-name>

Optional. Specifies a VRF name. The value is a string. It’s a user-defined VRF set by the command set ip vrf <vrf-name> [description <string>].

neighbor <ip>

Specifies the IP address of a peer.

peer-group <peer-group>

Specifies a peer group.

interface <interface>

Specifies an interface for BGP connection.

ttl-security hops <HOP-COUNT>

Specifies the hop count to reach the neighbor for the eBGP session. Range: 1-254.

• This example enables the peer ttl-security-hop feature for a neighbor (192.0.2.1 is a placeholder address).

admin@XorPlus# set protocols bgp neighbor 192.0.2.1 ttl-security hops 10
admin@XorPlus# commit
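
An added example, not PicOS code and not part of the original documentation: a small Python audit that applies the rules described above to configuration lines, covering the 1-254 range, the TTL security / ebgp-multihop exclusion, and the longest-route check against "255 - hop-count". The ebgp-multihop line shape, the sample addresses and the longest_path input are assumptions made for the example.

```python
import re

# Line shape taken from the Command Syntax on this page; the "ebgp-multihop"
# line shape is an assumption made for this example.
LINE_RE = re.compile(
    r"^set protocols bgp (?:vrf (?P<vrf>\S+) )?"
    r"(?P<kind>neighbor|peer-group|interface) (?P<peer>\S+) "
    r"(?P<opt>ttl-security hops|ebgp-multihop)(?: (?P<val>\d+))?$"
)

def min_accepted_ttl(hops):
    """Lowest received TTL that is still accepted: 255 - hop-count."""
    return 255 - hops

def accepts(received_ttl, hops):
    """Packets with a TTL below 255 - hop-count are not accepted."""
    return received_ttl >= min_accepted_ttl(hops)

def audit(lines, longest_path=None):
    """Return sorted (vrf, peer, finding) tuples for ttl-security mistakes.

    longest_path maps peer -> routers traversed on the longest route
    (assumption: the peer sends TTL 255 and each router decrements it by 1).
    """
    longest_path = longest_path or {}
    peers = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            key = (m["vrf"] or "default", m["peer"])
            peers.setdefault(key, {})[m["opt"]] = m["val"]
    findings = []
    for (vrf, peer), opts in peers.items():
        hops = opts.get("ttl-security hops")
        if hops is None:
            continue
        hops = int(hops)
        if "ebgp-multihop" in opts:
            findings.append((vrf, peer, "ttl-security and ebgp-multihop both set"))
        if not 1 <= hops <= 254:
            findings.append((vrf, peer, "hop count outside 1-254"))
        elif not accepts(255 - longest_path.get(peer, 0), hops):
            findings.append((vrf, peer, "hop count shorter than longest route"))
    return sorted(findings)

# Constructed sample configuration (documentation addresses, not from the page).
SAMPLE = [
    "set protocols bgp neighbor 192.0.2.1 ttl-security hops 2",
    "set protocols bgp neighbor 192.0.2.9 ttl-security hops 1",
    "set protocols bgp neighbor 192.0.2.9 ebgp-multihop 4",
    "set protocols bgp vrf blue neighbor 198.51.100.7 ttl-security hops 300",
]
```

Calling audit(SAMPLE, {"192.0.2.1": 3}) reports one finding per sample peer; the first neighbor is flagged because packets crossing three routers arrive with TTL 252, below the accepted minimum of 253.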
