set protocols mpls ldp neighbor ttl-security hops
The set protocols mpls ldp neighbor ttl-security hops command enforces the Generalized TTL Security Mechanism (GTSM), as specified in RFC 5082. With this command, only peers that are the specified number of hops away are allowed to become neighbors. This command is mutually exclusive with ebgp-multihop.
By default, the TTL hop value is 0, which indicates that ttl-security is disabled.
The delete protocols mpls ldp neighbor ttl-security hops command deletes the configuration.
NOTE:
The valid range of TTL values allowed for detection packets varies among devices from different vendors; ranges include 1 to 255 and 1 to 64. Therefore, when interoperating with devices from other vendors, configure the hop values according to the implementation of the other vendor's devices. Otherwise, packets sent by the peer will be discarded, interrupting the LDP session.
The commands set protocols mpls ldp neighbor <ip> ttl-security hops <integer> and set protocols mpls ldp neighbor <ip> ttl-security disable cannot be configured simultaneously.
Command Syntax
set protocols mpls ldp neighbor <ip> ttl-security hops <integer>
delete protocols mpls ldp neighbor <ip> ttl-security hops
Parameter
| Parameter | Description |
|---|---|
| neighbor <ip> | Specifies the IPv4/IPv6 address of an LDP peer. |
| hops <integer> | Specifies the maximum number of valid hops allowed by the GTSM function. The value is an integer that can be configured between 1 and 254. By default, the TTL hop value is 0, which indicates that ttl-security is disabled. |
Example
Configure GTSM valid hops.
admin@PICOS# set protocols mpls ldp neighbor 2.2.2.2 ttl-security hops 10
admin@PICOS# commit
Copyright © 2024 Pica8 Inc. All Rights Reserved.