Just simple note in case you're studying ccie lab. As you know, anything you can do - you can also do it another way.
For example you need to configure eBGP session between 2 directly connected routers and initiate session from Loopback interfaces. All of the following commands will be suitable:
ttl security hops 2 = disable-connected-check = ebgp-multihop 2
Please note that ebgp-multihop 2 and ttl-security hops 2 will also allow to establish bgp session with router one hop away, even if you're initiating session from loopbacks, it may be not desired in redundant topologies. For example:
R1 ---- R2 ---- R3
R1 and R3 can also form bgp peering.
disable-connected-check is not modifying TTL of bgp ip packets, it just allow bgp session to be established from non directly connected subnets (it disables this default precheck behavior).
Also here is interesting buggy trick to make somebody crazy. You can configure ebgp-multihop 1 and it will be not shown in configuration (as of 15.2(4)M6 ) and will not allow to configure ttl-security.
For example:
For example you need to configure eBGP session between 2 directly connected routers and initiate session from Loopback interfaces. All of the following commands will be suitable:
ttl security hops 2 = disable-connected-check = ebgp-multihop 2
Please note that ebgp-multihop 2 and ttl-security hops 2 will also allow to establish bgp session with router one hop away, even if you're initiating session from loopbacks, it may be not desired in redundant topologies. For example:
R1 ---- R2 ---- R3
R1 and R3 can also form bgp peering.
disable-connected-check is not modifying TTL of bgp ip packets, it just allow bgp session to be established from non directly connected subnets (it disables this default precheck behavior).
Also here is interesting buggy trick to make somebody crazy. You can configure ebgp-multihop 1 and it will be not shown in configuration (as of 15.2(4)M6 ) and will not allow to configure ttl-security.
For example:
R1(config-router)#neighbor 120.100.2.1 ebgp-multihop 1
R1(config-router)#do sh run | sec bgp
router bgp 100
bgp log-neighbor-changes
neighbor 120.100.2.1 remote-as 300
neighbor 120.100.2.1 update-source Loopback0
R1(config-router)#neighbor 120.100.2.1 ttl-security hops 2
Remove ebgp-multihop before configuring ttl-security
R1(config-router)#do sh run | sec bgp
router bgp 100
bgp log-neighbor-changes
neighbor 120.100.3.1 remote-as 300
neighbor 120.100.3.1 update-source Loopback0
R1(config-router)#no neighbor 120.100.2.1 ebgp-multihop 1
R1(config-router)#neighbor 120.100.2.1 ttl-security hops 2
hermes bags
ОтветитьУдалитьugg boots
canada goose sale
cheap ugg boots
vibram fivefingers
ray ban sunglasses
ugg slippers
adidas shoes
ugg outlet
burberry scarf
201711.9chenjinyan
michael kors outlet
ОтветитьУдалитьburberry outlet
converse
ray ban sunglasses
oakley sunglasses
michael kors
ugg australia
polo ralph lauren
pandora
nike mercurial
2017.11.30xukaimin
off white clothing
ОтветитьУдалитьvapormax
adidas nmd
adidas stan smith
fila shoes
cheap jordans