Dude... I lost the last 2 hours trying to understand this behavior and I was like "wtf am I missing?" lol
glad to know that I'm not the only one
thanks for the video
If nothing else, it's a much better explanation of ttl-security than I was given elsewhere
Yep, this show output has always bothered me. I have to think "min TTL after decrementing". If I do ttl-security hops 1, the router should only accept a min incoming TTL of 255. It should be 256-hops, but a lot of people think it is 255-hops. As far as I know, decrementing doesn't happen upon ingress, it happens on egress, so considering it 255-hops because the router will decrement it by 1 doesn't seem correct anyways. Oh well.
The joys of trying to find your own materials on CCIE :)
I remember facing the same thing a few years ago and had the privilege to ask one of Cisco's software engineers about it. If I recall correctly, when a packet reaches a router, in this case R1, one of the first things that happens is the TTL decrement of the packet, and then it gets passed on to other stacks. Even though we receive it with the TTL of 253, by the time the BGP process gets it, it has become 252.
To this day, it is still weird for me why it has to work like this.
Actually, the TTL decrement is one of the last things that happens. This CEF post actually has some good info about it:
learningnetwork.cisco.com/s/blogs/a0D3i000002SKKGEA4/demystifying-cef
@michael_obrien Thanks for sharing the link
Thanks for sharing... but in that case, if the router receives a BGP packet with TTL=1... the router would decrement this TTL and drop it before sending it to BGP
Cisco doc isn't wrong. You are using a loopback interface for the neighborship. Use the disable connected check command and hops 2 from R4 neighborship will come up. But without disable connected check, hops must be 3, because of the loopback interface. If you use a directly connected interface for the neighborship, hops 2 will be useful from R4 too.
The disable-disconnected-check doesn't apply here. That command only impacts neighbors a single-hop away:
www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/command/irg-cr-book/bgp-m1.html#wp2556182590
The neighbor relationship to R4 will only come up if you set the TTL-security to 3, regardless of if it's a loopback or not.