R3303-HP HSR6800 Routers Layer 3 - IP Routing Command Reference
285
Usage guidelines
With the peer ttl-security hops command configured, the device checks whether the TTL in the BGP
packets received from the peer falls into the valid TTL range—255-hop-count+1 to 255. If yes, the packet
is delivered to the CPU. Otherwise, the packet is discarded. Thus, GTSM prevents CPU utilization based
attacks, and enhances system security. In addition, with GTSM configured, the device sends packets with
TTL 255.
The peer ttl-security hops command and the peer ebgp-max-hop command are mutually exclusive.
You must configure GTSM on both the local and peer devices, and you can specify different hop-count
values in a valid range for them.
Examples
# In BGP view, configure GTSM for BGP peer group test.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] peer test ttl-security hops 1
# In BGP-VPN instance view, configure GTSM for BGP peer group test.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] ipv4-family vpn-instance vpn1
[Sysname-bgp-ipv4-vpn1] peer test ttl-security hops 1
peer update-no-advertise (BGP view)
Use peer update-no-advertise to disable BGP from sending routing updates to the specified peer or peer
group, except for the default route sent by the peer default-route-advertise command.
Use undo peer update-no-advertise to restore the default.
Syntax
peer { group-name | ip-address } update-no-advertise
undo peer { group-name | ip-address } update-no-advertise
Default
BGP sends routing updates to peers.
Views
BGP view
Default command level
2: System level
Parameters
group-name: Specifies a peer group by its name, a string of 1 to 47 characters.
ip-address: Specifies a peer by its IP address.
Examples
# D i s a b l e B G P f ro m s e n d i n g r o u t i n g u p d a t e s t o t h e p e e r 1.1.1.1.
<Sysname> system-view
[Sysname] bgp 100