Академический Документы
Профессиональный Документы
Культура Документы
Task
AS-65523 is experiencing a large number of DoS attacks on TCP port 179. Configure R1 and R3 for
BGP TTL Security Hack to prevent spoofing.
packets and with the eBGP MultiHop feature it sets it to a configured value.
Therefore, when using the command neighbor IP_ADDR ttl-security hops 2, the minimal
acceptable TTL will be 253.
The configuration for this is fairly simple and must be done on both sides of the BGP neighbor
relationship. Begin on R3.
R3:
R3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#router bgp 65523
R3(config-router)# neighbor 136.1.13.1 ttl-security hops 1
R3(config-router)#end
R3#
R1:
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router bgp 65343
R1(config-router)#neighbor 136.1.13.3 ttl-security hops 1
R1(config-router)#end
R1#
R1:
R3: