Configuring BGP GTSM
Context
To protect a device against attacks that use forged BGP packets, you can configure GTSM to check whether the TTL value in the IP packet header is within a specified range. If the TTL value of a packet is within the range, the packet is allowed to pass through. Otherwise, the packet is discarded to protect the device.
Procedure
- Run system-view
The system view is displayed.
- Run bgp { as-number-plain | as-number-dot }
The BGP view is displayed.
Both GTSM and peer ebgp-max-hop affect the TTL values of BGP packets, so configuring both may cause a conflict between TTL values. Therefore, you can configure only one of the two functions for a peer or peer group.
- Run peer { group-name | ipv4-address | ipv6-address } valid-ttl-hops [ hops ]
BGP GTSM is configured.
By default, GTSM is not configured on any BGP peer or peer group.
- Run commit
The configuration is committed.
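The following pre-deployment check is an added example, not part of the original procedure or any vendor tool. It scans a planned BGP configuration for peers that set both valid-ttl-hops and ebgp-max-hop, peers with no GTSM, and peers whose accepted TTL window is so wide that nothing is filtered. It assumes the accepted window is [255 - hops + 1, 255] and that omitting hops means 255; confirm both against the command reference for your software version. The function names, sample addresses and AS numbers are constructed for illustration.

```python
import re

MAX_TTL = 255
DEFAULT_HOPS = 255  # assumption: hops omitted means 255, so every TTL passes

PEER_RE = re.compile(r"^\s*peer\s+(?P<peer>\S+)\s+"
                     r"(?P<kw>valid-ttl-hops|ebgp-max-hop|as-number)(?:\s+(?P<arg>\d+))?\s*$")

def ttl_range(hops):
    """Accepted TTL window for a GTSM peer, assumed to be [255 - hops + 1, 255]."""
    if not 1 <= hops <= MAX_TTL:
        raise ValueError(f"hops out of range: {hops}")
    return (MAX_TTL - hops + 1, MAX_TTL)

def audit(config_text):
    """Return {peer: finding} for each peer or peer group in a planned BGP config."""
    seen = {}  # peer -> {"gtsm": hops or None, "multihop": bool}
    for line in config_text.splitlines():
        m = PEER_RE.match(line)
        if not m:
            continue
        state = seen.setdefault(m["peer"], {"gtsm": None, "multihop": False})
        if m["kw"] == "valid-ttl-hops":
            state["gtsm"] = int(m["arg"]) if m["arg"] else DEFAULT_HOPS
        elif m["kw"] == "ebgp-max-hop":
            state["multihop"] = True
    findings = {}
    for peer, state in seen.items():
        if state["gtsm"] is not None and state["multihop"]:
            findings[peer] = "conflict: valid-ttl-hops and ebgp-max-hop both set"
        elif state["gtsm"] is None:
            findings[peer] = "no GTSM"
        else:
            low, high = ttl_range(state["gtsm"])
            findings[peer] = f"GTSM ttl {low}-{high}" + (" (accepts any TTL)" if low == 1 else "")
    return findings

# Constructed excerpt (documentation address ranges, private AS numbers).
SAMPLE = """\
bgp 65001
 peer 192.0.2.1 as-number 65002
 peer 192.0.2.1 valid-ttl-hops 1
 peer 198.51.100.7 ebgp-max-hop 3
 peer 198.51.100.7 valid-ttl-hops 3
 peer 203.0.113.9 valid-ttl-hops
 peer 2001:db8::5 as-number 65005
"""

if __name__ == "__main__":
    print("\n".join(f"{p:15} {f}" for p, f in audit(SAMPLE).items()))
```

Each peer or peer group name is checked on its own; settings inherited through peer group membership are not resolved.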