Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

multihop

Syntax

Hierarchy Level

Description

Configure an EBGP multihop session.

For Layer 3 VPNs, you configure the EBGP multihop session between the PE and CE routing devices. This allows you to configure one or more routing devices between the PE and CE routing devices.

An external confederation peer is a special case that allows unconnected third-party next hops. You do not need to configure multihop sessions explicitly in this particular case because multihop behavior is implied.

If you have external BGP confederation peer-to-loopback addresses, you still need the multihop configuration.

Note:

You cannot configure the accept-remote-nexthop statement at the same time.

Default

If you omit this statement, all EBGP peers are assumed to be directly connected (that is, you are establishing a nonmultihop, or “regular,” BGP session), and the default time-to-live (TTL) value is 1.

Options

no-nexthop-change no-nexthop-self

Specify that the BGP next-hop value not be changed. For route advertisements, specify the no-nexthop-self option.

An external confederation peer is a special case that allows unconnected third-party next hops. You do not need to configure multihop sessions explicitly in this particular case; multihop behavior is implied.

If you have external BGP confederation peer-to-loopback addresses, you still need the multihop configuration.

Note:

You cannot configure the accept-remote-nexthop statement at the same time.

  • Default: If you omit this statement, all EBGP peers are assumed to be directly connected (that is, you are establishing a nonmultihop, or “regular,” BGP session), and the default time-to-live (TTL) value is 1.

ttl ttl-value

Configure the maximum time-to-live (TTL) value for the TTL in the IP header of BGP packets.

Configure the maximum time-to-live (TTL) value for the TTL in the IP header of BGP packets.

For BGP multihop scenarios, in which EBGP peers are not directly connected to each other, setting a TTL is optional. The default setting is 64.

For BGP single-hop scenarios, in which external EBGP peers are directly connected to each other, you can, optionally, set the TTL to 255 and configure an inbound firewall filter to allow only BGP control packets with the TTL set to 255. This is in accordance with RFC 3682, The Generalized TTL Security Mechanism (GTSM). For example:

Send all BGP control packets with the TTL set to 255:

Accept only BGP control packets that have the TTL set to 255:

Apply the firewall filter to the inbound interface for the EBGP single-hop peer:

  • Range: 1 through 255, for multihop peers

  • Default: 64 (for multihop EBGP sessions, confederations, and IBGP sessions)

  • Range: 1 or 255, for single-hop peers

  • Default: 1 (for single-hop EBGP sessions)

Required Privilege Level

routing—To view this statement in the configuration.

routing-control—To add this statement to the configuration.

Release Information

Statement introduced before Junos OS Release 7.4.

Support for setting the TTL on single-hop external BGP (EBGP) peers introduced in Junos OS Release 13.3.