[107133] in North American Network Operators' Group
Re: BGP, ebgp-multihop and multiple peers
daemon@ATHENA.MIT.EDU (Steve Bertrand)
Wed Aug 27 08:16:02 2008
Date: Wed, 27 Aug 2008 08:16:01 -0400
From: Steve Bertrand <steve@ibctech.ca>
To: Iljitsch van Beijnum <iljitsch@muada.com>
In-Reply-To: <648F6AC0-ACC3-4DCC-B839-079873482523@muada.com>
Cc: nanog@merit.edu
Errors-To: nanog-bounces@nanog.org
Iljitsch van Beijnum wrote:
> On 27 aug 2008, at 7:58, Paul Wall wrote:
>
>>> - single loopback/single IP for all peers, or;
>>> - each peer with its own loopback/IP?
>
>> You should use caution when using loopback IP addresses and building
>> external multihop BGP sessions. By permitting external devices to
>> transmit packets to your loopback(s), you open the door to
>> spoof/denial of service attacks.
>
> [...]
>
> Indeed. I would use two loopbacks, one for internal stuff that is
> unreachable from the outside, another one from another range that allows
> the external sessions.
>
> But that's more a question of ease of management than of risk, because
> if people can do something bad using one loopback address, it really
> doesn't matter much that additional ones are better protected.
Thanks for the feedback.

The only reason I use loopbacks for eBGP multihop is so that if one of
my physical interfaces goes down taking a transit link with it, these
particular sessions will attempt to re-establish via another path.

Would someone be so kind as to point me in the direction of some
documentation that describes the drawbacks (regarding the mentioned
possibility of DoS/spoof attacks) of externally accessible loopbacks?
I'm drawing a blank on why this is any more risky than having a peering
session (multihop) on a physical interface.

Would it be best if I configured the peering sessions on a physical
interface instead?

Steve
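The two-loopback layout Iljitsch describes, with the external loopback reachable only by the intended peer, as an added illustration that is not part of the thread (Cisco IOS syntax, documentation-range addresses and ASNs, and interface names are all assumptions chosen for the example):

```cisco
! Loopback0: internal only (iBGP, management). Never reachable from outside.
interface Loopback0
 ip address 192.0.2.1 255.255.255.255
!
! Loopback1: source for eBGP multihop sessions, from a range we can expose.
interface Loopback1
 ip address 203.0.113.1 255.255.255.255
!
! Infrastructure ACL: only the configured peer may talk BGP to Loopback1,
! in either direction (whichever side opens the TCP session), and nothing
! external may reach Loopback0 at all. Everything else is transit traffic.
ip access-list extended EXT-IN
 permit tcp host 198.51.100.1 host 203.0.113.1 eq bgp
 permit tcp host 198.51.100.1 eq bgp host 203.0.113.1
 deny   ip any host 203.0.113.1 log
 deny   ip any host 192.0.2.1 log
 permit ip any any
!
! Apply on every transit link: with multihop the peer's packets may arrive
! over either path, which is exactly why the loopback is used.
interface GigabitEthernet0/0
 description Transit A
 ip access-group EXT-IN in
!
interface GigabitEthernet0/1
 description Transit B
 ip access-group EXT-IN in
!
! The ACL only filters on source address, so a spoofed packet claiming to be
! the peer still passes; the TCP MD5 password rejects segments without the
! shared secret before they reach the BGP process.
router bgp 64496
 neighbor 198.51.100.1 remote-as 64497
 neighbor 198.51.100.1 ebgp-multihop 2
 neighbor 198.51.100.1 update-source Loopback1
 neighbor 198.51.100.1 password <EXAMPLE-SHARED-SECRET>
```

The `log` keywords on the deny lines give a simple way to see who is probing the loopbacks, which is the visibility Paul Wall's warning is about.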