nanog mailing list archives
Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability)
From: James <haesu () towardex com>
Date: Thu, 22 Apr 2004 20:58:05 -0400
Couldn't we use 2 /30 subnets on PtP links? 1 /30 with real IPs for ICMP, MTU, reachability etc. and one RFC1918 /30 as secondary for eBGP sessions. I know when a router originates a packet (like with BGP) it sets the source IP to the IP of the interface the packet leaves. Is BGP smart enough when setting up BGP neighbors to use an IP in the same subnet as the neighbor (the secondary interface IP)?
in IOS bgp will bind source ip that is relevant to the subnet it is being peered with, even if it is a secondary ip. i am not sure if it binds the ip to primary ip for the first time, then fall back to secondary ip as primary fails though.. all i know is that when i've tried it by putting a bogus ip as primary, bgp session did turn up, but took a little longer than usual.. didn't investigate any further however. -J -- James Jun TowardEX Technologies, Inc. Technical Lead Network Design, Consulting, IT Outsourcing james () towardex com Boston-based Colocation & Bandwidth Services cell: 1(978)-394-2867 web: http://www.towardex.com , noc: www.twdx.net
Current thread:
- Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability) Lane Patterson (Apr 22)
- Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability) James (Apr 22)
- Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability) Matthew Crocker (Apr 22)
- Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability) James (Apr 22)
- Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability) Niels Bakker (Apr 23)
- Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability) Matthew Crocker (Apr 22)
- Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability) Stephen J. Wilcox (Apr 22)
- Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability) James (Apr 22)
- Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability) Patrick W . Gilmore (Apr 22)
- Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability) Pekka Savola (Apr 23)
- Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability) Patrick W . Gilmore (Apr 23)
- Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYNvulnerability) sthaug (Apr 23)
- Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability) Alex Bligh (Apr 23)
- Re: Alternate and/or hidden infrastructure addresses (BGP/TCP RST/SYN vulnerability) Pekka Savola (Apr 23)