set protocols mpls ldp neighbor ttl-security disable


The set protocols mpls ldp neighbor ttl-security disable command disables Generalized TTL Security Mechanism (GTSM), as specified in RFC 5082.

The delete protocols mpls ldp neighbor ttl-security disable command deletes the configuration.

 

Command Syntax

set protocols mpls ldp neighbor <ip> ttl-security disable

delete protocols mpls ldp neighbor <ip> ttl-security

 

Parameter

| Parameter | Description |
|---|---|
| neighbor <ip> | Specifies the IPv4/IPv6 address of an LDP peer. |

 

Usage Guidelines

Disabling TTL security means that the router will not enforce TTL checks for packets from this neighbor, potentially making the system less secure. TTL security is often used to mitigate spoofing attacks where an attacker attempts to establish an LDP session by sending fake packets with a manipulated TTL value.

Disabling TTL security might be necessary for compatibility with older or certain specific devices that do not support it.

NOTE:

The commands set protocols mpls ldp neighbor <ip> ttl-security hops <integer> and set protocols mpls ldp neighbor <ip> ttl-security disable cannot be configured simultaneously.

 

Example

  • Disable Generalized TTL Security Mechanism (GTSM).

admin@PICOS# set protocols mpls ldp neighbor 2.2.2.2 ttl-security disable
admin@PICOS# commit
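Because disabling GTSM weakens protection for an LDP session, it helps to know which neighbors have it turned off. The following is an added example, not part of the original PICOS documentation: a Python check that scans configuration text and reports neighbors with ttl-security disabled, neighbors that carry both the hops and disable forms, and neighbor fields that are not valid IP addresses. It assumes the configuration is available as text in set-command format with one command per line; the function name and the sample input are constructed for illustration.

```python
import ipaddress
import re

# Matches the two ttl-security forms named on this page, in "set" format.
_LINE = re.compile(
    r"^set protocols mpls ldp neighbor (?P<ip>\S+) ttl-security "
    r"(?:(?P<disable>disable)|hops (?P<hops>\d+))\s*$"
)


def audit_ldp_gtsm(config_text):
    """Return (disabled, conflicts, invalid) for LDP neighbor ttl-security lines.

    disabled  - sorted neighbor addresses with GTSM disabled
    conflicts - sorted neighbors that have both 'hops' and 'disable' lines
    invalid   - neighbor fields that are not valid IPv4/IPv6 addresses
    """
    disabled, with_hops, invalid = set(), set(), []
    for raw in config_text.splitlines():
        m = _LINE.match(raw.strip())
        if not m:
            continue  # not a ttl-security line for an LDP neighbor
        try:
            ip = str(ipaddress.ip_address(m["ip"]))
        except ValueError:
            invalid.append(m["ip"])
            continue
        (disabled if m["disable"] else with_hops).add(ip)
    return sorted(disabled), sorted(disabled & with_hops), invalid


# Constructed sample input (assumed set-format text, not from a real device).
SAMPLE = """\
set protocols mpls ldp neighbor 2.2.2.2 ttl-security disable
set protocols mpls ldp neighbor 3.3.3.3 ttl-security hops 2
  set protocols mpls ldp neighbor 2001:db8::1 ttl-security disable
set protocols mpls ldp neighbor 2001:db8::1 ttl-security hops 1
set protocols mpls ldp neighbor not-an-ip ttl-security disable
"""

if __name__ == "__main__":
    disabled, conflicts, invalid = audit_ldp_gtsm(SAMPLE)
    for ip in disabled:
        print(f"GTSM disabled for LDP neighbor {ip}")
    for ip in conflicts:
        print(f"Both 'hops' and 'disable' configured for {ip}")
    for field in invalid:
        print(f"Neighbor is not a valid IP address: {field}")
```

Running the check against templated or generated configuration before it is loaded catches the hops/disable combination that the NOTE above says cannot be configured simultaneously.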

 

 

Copyright © 2024 Pica8 Inc. All Rights Reserved.