We can peer with a device in another autonomous system using eBGP.
The AD (administrative distance) for eBGP peers is 20.
By default, the time-to-live (TTL) is set to 1 for eBGP sessions.
If an eBGP session is configured between two peers that are not directly
connected, the TTL must be increased or manipulated.
This also applies when a loopback interface is used to connect two eBGP neighbors.
The common way to increase the eBGP TTL is the command “ebgp-multihop [TTL value]”.
There are three ways to manipulate the TTL field in eBGP sessions.
The syntax for eBGP peering with loopback interfaces is:
Suppose, as in the figure, R1 is in AS 100 and R2 is in AS 200, and we want to
establish connectivity using their respective loopbacks.
R1(config)#router bgp 100
R1(config-router)#neighbor 188.8.131.52 remote-as 200
R1(config-router)#neighbor 184.108.40.206 update-source loopback0
R1(config-router)#neighbor 220.127.116.11 ebgp-multihop 2
R2(config)#router bgp 200
R2(config-router)#neighbor 18.104.22.168 remote-as 100
R2(config-router)#neighbor 22.214.171.124 update-source loopback0
R2(config-router)#neighbor 126.96.36.199 ebgp-multihop 2
In the above scenario the “update-source loopback0” command is used because
we are peering between loopback interfaces. By default BGP takes the
connected interface as the update source, so without this command the BGP
packets would have been sourced from the FastEthernet interface.
We have also used “ebgp-multihop 2” because the router counts the loopback
interface as a hop: the first hop is from R1 FastEthernet to R2 FastEthernet and
the second hop is the R2 loopback0 interface. That is why we have used
“ebgp-multihop 2”.
If we had not specified the hop count (2) in the “ebgp-multihop” command, BGP
would have taken the maximum hop count of 255.
There are two more ways to manipulate the TTL field in eBGP besides the first
one, which I have mentioned above.
The second is the “disable-connected-check” feature. It is mostly used where the
eBGP session between two devices is routed over another transit router. The
syntax is:
R2(config-router)#neighbor 188.8.131.52 disable-connected-check
The third option is “ttl-security hops [hop count]”. The syntax is:
R2(config-router)#neighbor 184.108.40.206 ttl-security hops 2
When the “ttl-security” feature is enabled, BGP will establish and maintain
the session only if the TTL value in the IP packet header is equal to or greater
than the TTL value configured for the peering session. If the value is less than
the configured value, the packet is silently discarded and no Internet Control
Message Protocol (ICMP) message is generated. This feature is both effective and
easy to deploy.
In the above example we are telling the router that the TTL must be equal to
or greater than 2 to establish eBGP peering; if the TTL is less than 2, the
neighborship will not form.
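
An added example, not part of the original post: a small Python audit that reads a "router bgp" stanza and reports which of the TTL settings described above each eBGP neighbor uses, marking for review any neighbor whose hop count is wider than expected (including "ebgp-multihop" with no value, which means 255). The sample configuration, its 192.0.2.x addresses and the max_hops threshold are constructed assumptions.

```python
import re

# Constructed sample config (RFC 5737 documentation addresses, not from the post).
SAMPLE_CONFIG = """\
router bgp 100
 neighbor 192.0.2.2 remote-as 200
 neighbor 192.0.2.2 ebgp-multihop 2
 neighbor 192.0.2.6 remote-as 300
 neighbor 192.0.2.6 ebgp-multihop
 neighbor 192.0.2.10 remote-as 400
 neighbor 192.0.2.10 ttl-security hops 2
 neighbor 192.0.2.14 remote-as 500
 neighbor 192.0.2.18 remote-as 100
 neighbor 192.0.2.18 ebgp-multihop
"""

NEIGHBOR_RE = re.compile(r"^\s*neighbor\s+(\S+)\s+(.+?)\s*$")

def audit_bgp_ttl(config, max_hops=2):
    """Return {neighbor: (ttl_setting, finding)}; max_hops is an assumed site policy."""
    local_as, peers = None, {}
    for line in config.splitlines():
        m = re.match(r"^\s*router bgp (\d+)", line)
        if m:
            local_as = m.group(1)
            continue
        m = NEIGHBOR_RE.match(line)
        if not m:
            continue
        peer = peers.setdefault(m.group(1), {"as": None, "ttl": "default TTL 1", "hops": 1})
        words = m.group(2).split()
        if words[0] == "remote-as" and len(words) > 1:
            peer["as"] = words[1]
        elif words[0] == "ebgp-multihop":
            hops = int(words[1]) if len(words) > 1 else 255  # no value means 255
            peer["ttl"], peer["hops"] = f"ebgp-multihop {hops}", hops
        elif words[:2] == ["ttl-security", "hops"] and len(words) > 2:
            peer["ttl"], peer["hops"] = f"ttl-security hops {words[2]}", int(words[2])
        elif words[0] == "disable-connected-check":
            peer["ttl"] = "disable-connected-check"
    report = {}
    for ip, p in peers.items():
        if p["as"] != local_as:  # iBGP peers (same AS) are out of scope here
            report[ip] = (p["ttl"], "review" if p["hops"] > max_hops else "ok")
    return report

if __name__ == "__main__":
    for ip, (setting, finding) in audit_bgp_ttl(SAMPLE_CONFIG).items():
        print(f"{ip:<12} {setting:<22} {finding}")
```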