BFD bind port to IP
Bernd Naumann
bena at spreadshirt.net
Wed May 13 10:41:58 CEST 2020
Hi Justin,
On 06.05.20 20:15, Justin Cattle wrote:
> Hi,
>
>
> Is it possible to bind BFD listen ports to a particular IP ?
>
> I've tried a few different BFD procol configs, tried specify different
> neighbor options, but I always see this:
>
> udp UNCONN 0 0 0.0.0.0:3784
> 0.0.0.0:* users:(("bird",pid=7219,fd=12))
>
> udp UNCONN 0 0 0.0.0.0:4784
> 0.0.0.0:* users:(("bird",pid=7219,fd=13))
>
> I would like to bind it to the IP for each p2p interface, so it's not
> reachable on any other IPs.
> > Is what I'm trying to acheive even possible ?
If you are running linux you can maybe achieve this by setting
`arp_announce`, to avoid answers from different interfaces of the
machine; and if I'm not mistaken the spec for BFD states that regarding
security the "only" option is to filter on interface, src addr and
ttl=255. (Sry but atm I'm to lazy to look it up...)
Hope this helps a little bit.
Best,
Bernd
More information about the Bird-users
mailing list