diff options
| -rw-r--r-- | doc/user/ldpd.rst | 28 | ||||
| -rw-r--r-- | tests/topotests/ldp_vpls_topo1/r1/ldpd.conf | 1 | ||||
| -rw-r--r-- | tests/topotests/ldp_vpls_topo1/r2/ldpd.conf | 1 | ||||
| -rw-r--r-- | tests/topotests/ldp_vpls_topo1/r3/ldpd.conf | 1 |
4 files changed, 31 insertions, 0 deletions
diff --git a/doc/user/ldpd.rst b/doc/user/ldpd.rst index 149e851891..682443a456 100644 --- a/doc/user/ldpd.rst +++ b/doc/user/ldpd.rst @@ -128,6 +128,21 @@ LDP Configuration the IPv4 or IPv6 transport-address used by the LDP protocol to talk on this interface. +.. clicmd:: ttl-security disable + + Located under the LDP address-family node, use this command to disable the + GTSM procedures described in RFC 6720 (for the IPv4 address-family) and + RFC 7552 (for the IPv6 address-family). + + Since GTSM is mandatory for LDPv6, the only effect of disabling GTSM for the + IPv6 address-family is that *ldpd* will not discard packets with a hop limit + below 255. This may be necessary to interoperate with older implementations. + Outgoing packets will still be sent using a hop limit of 255 for maximum + compatibility. + + If GTSM is enabled, multi-hop neighbors should have either GTSM disabled + individually or configured with an appropriate ttl-security hops distance. + .. clicmd:: neighbor A.B.C.D password PASSWORD The following command located under MPLS router node configures the router @@ -143,6 +158,19 @@ LDP Configuration this time of non response, the LDP established session will be considered as set to down. By default, no holdtime is configured for the LDP devices. +.. clicmd:: neighbor A.B.C.D ttl-security disable + + Located under the MPLS LDP node, use this command to override the global + configuration and enable/disable GTSM for the specified neighbor. + +.. clicmd:: neighbor A.B.C.D ttl-security hops (1-254) + + Located under the MPLS LDP node, use this command to set the maximum number + of hops the specified neighbor may be away. When GTSM is enabled for this + neighbor, incoming packets are required to have a TTL/hop limit of 256 + minus this value, ensuring they have not passed through more than the + expected number of hops. The default value is 1. + .. clicmd:: discovery hello holdtime HOLDTIME .. clicmd:: discovery hello interval INTERVAL diff --git a/tests/topotests/ldp_vpls_topo1/r1/ldpd.conf b/tests/topotests/ldp_vpls_topo1/r1/ldpd.conf index 594ec5a58f..a19e5ccacb 100644 --- a/tests/topotests/ldp_vpls_topo1/r1/ldpd.conf +++ b/tests/topotests/ldp_vpls_topo1/r1/ldpd.conf @@ -14,6 +14,7 @@ mpls ldp ! address-family ipv4 discovery transport-address 1.1.1.1 + ttl-security disable label local allocate host-routes ! interface r1-eth1 diff --git a/tests/topotests/ldp_vpls_topo1/r2/ldpd.conf b/tests/topotests/ldp_vpls_topo1/r2/ldpd.conf index ffb4f0974a..447b3f140a 100644 --- a/tests/topotests/ldp_vpls_topo1/r2/ldpd.conf +++ b/tests/topotests/ldp_vpls_topo1/r2/ldpd.conf @@ -14,6 +14,7 @@ mpls ldp ! address-family ipv4 discovery transport-address 2.2.2.2 + ttl-security disable label local allocate host-routes ! interface r2-eth1 diff --git a/tests/topotests/ldp_vpls_topo1/r3/ldpd.conf b/tests/topotests/ldp_vpls_topo1/r3/ldpd.conf index c95471ffd8..ab51471499 100644 --- a/tests/topotests/ldp_vpls_topo1/r3/ldpd.conf +++ b/tests/topotests/ldp_vpls_topo1/r3/ldpd.conf @@ -14,6 +14,7 @@ mpls ldp ! address-family ipv4 discovery transport-address 3.3.3.3 + ttl-security disable label local allocate host-routes ! interface r3-eth1 |