Iljitsch van Beijnum wrote:
On 27 aug 2008, at 7:58, Paul Wall wrote:
- single loopback/single IP for all peers, or;
- each peer with its own loopback/IP?
You should use caution when using loopback IP addresses and building external multihop BGP sessions. By permitting external devices to transmit packets to your loopback(s), you open the door to spoof/denial of service attacks.
[...]
Indeed. I would use two loopbacks, one for internal stuff that is unreachable from the outside, another one from another range that allows the external sessions.
But that's more a question of ease of management than of risk, because if people can do something bad using one loopback address, it really doesn't matter much that additional ones are better protected.
Thanks for the feedback. The only reason I use loopbacks for eBGP multihop is so that if one of my physical interfaces goes down taking a transit link with it, these particular sessions will attempt to re-establish via another path. Would someone be so kind as to point me in the direction of some documentation that describes the drawbacks (regarding the mentioned possibility of DoS/spoof attacks) of externally accessible loopbacks? I'm drawing a blank on why this is any more risky than having a peering session (multihop) on a physical interface. Would it be best if I configured the peering sessions on a physical interface instead?

Steve
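As an added illustration of the "two loopbacks" layout Iljitsch describes, here is a Cisco IOS-style configuration that keeps the internal loopback unreachable from outside while exposing a second loopback only to the configured eBGP multihop peer. This is example configuration written for this thread, not anything from the original posters; the addresses (192.0.2.1, 198.51.100.1, 203.0.113.10), AS numbers (64496, 64500), interface names and the ACL name are placeholders chosen for the example.

```cisco
! Loopback0: internal only (iBGP, management). Never reachable from outside.
interface Loopback0
 description Internal loopback - iBGP and management, filtered at the edge
 ip address 192.0.2.1 255.255.255.255
!
! Loopback1: the only address an external multihop peer is allowed to talk to.
! Taken from a separate range so it can be filtered independently of Loopback0.
interface Loopback1
 description External eBGP multihop endpoint
 ip address 198.51.100.1 255.255.255.255
!
! Infrastructure ACL applied inbound on every external-facing interface.
! Only the configured peer may reach Loopback1, and only on TCP/179 in either
! direction (we may open the session, or the peer may).  Everything else aimed
! at either loopback is dropped before it reaches the control plane.
ip access-list extended EDGE-IN
 permit tcp host 203.0.113.10 host 198.51.100.1 eq bgp
 permit tcp host 203.0.113.10 eq bgp host 198.51.100.1
 deny   ip any host 198.51.100.1 log
 deny   ip any host 192.0.2.1 log
 permit ip any any
!
interface GigabitEthernet0/0
 description Transit A (example name)
 ip access-group EDGE-IN in
!
interface GigabitEthernet0/1
 description Transit B (example name)
 ip access-group EDGE-IN in
!
router bgp 64496
 neighbor 203.0.113.10 remote-as 64500
 neighbor 203.0.113.10 description Multihop peer sourced from Loopback1
 neighbor 203.0.113.10 update-source Loopback1
 neighbor 203.0.113.10 ebgp-multihop 2
 neighbor 203.0.113.10 password 7 <md5-secret-placeholder>
```

The ACL only matches on the claimed source address, so a packet spoofed with the peer's source still passes it; that is why the session also carries a TCP MD5 password (RFC 2385), and why unicast RPF on the transit interfaces is worth enabling where the routing allows it. GTSM (RFC 5082, `ttl-security` on IOS) is the other usual control, but on IOS it cannot be configured together with `ebgp-multihop` on the same neighbor, so a multihop loopback session has to rely on the ACL, MD5 and uRPF instead. Because the ACL is applied on every external interface rather than on Loopback1 itself, the session still fails over through whichever transit link remains up, which is the property Steve wants from sourcing it on a loopback.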