Generalized TTL Security Mechanism (GTSM) can be configured to protect external Border Gateway Protocol (eBGP) peering sessions.
Procedure
-
Enter the
configure terminal command to access global configuration mode.
device# configure terminal
-
Enter the
router bgp command to enable BGP routing.
device(config)# router bgp
-
Enter the
local-as command to configure the autonomous system number (ASN) in which your device resides.
device(config-bgp-router)# local-as 65520
-
Enter the
neighbor remote-as
command to add a neighbor.
device(config-bgp-router)# neighbor 10.10.10.1 remote-as 2
-
Enter the
neighbor ebgp-btsh command, specifying an IP address, to enable GTSM.
device(config-bgp-router)# neighbor 10.10.10.1 ebgp-btsh
Example
This example summarizes the commands in this
procedure.
device# configure terminal
device(config)# router bgp
device(config-bgp-router)# local-as 65520
device(config-bgp-router)# neighbor 10.10.10.1 remote-as 2
device(config-bgp-router)# neighbor 10.10.10.1 ebgp-btsh
