Hi Justin,

On 06.05.20 20:15, Justin Cattle wrote:
> Hi,
>
> Is it possible to bind BFD listen ports to a particular IP?
>
> I've tried a few different BFD protocol configs, tried specifying different
> neighbor options, but I always see this:
>
> udp    UNCONN   0        0        0.0.0.0:3784        0.0.0.0:*          users:(("bird",pid=7219,fd=12))
> udp    UNCONN   0        0        0.0.0.0:4784        0.0.0.0:*          users:(("bird",pid=7219,fd=13))
>
> I would like to bind it to the IP for each p2p interface, so it's not
> reachable on any other IPs.
>
> Is what I'm trying to achieve even possible?

If you are running Linux you can maybe achieve this by setting `arp_announce`, to avoid answers from different interfaces of the machine; and if I'm not mistaken the spec for BFD states that regarding security the "only" option is to filter on interface, src addr and ttl=255. (Sry but atm I'm too lazy to look it up...)

Hope this helps a little bit.
Best,
Bernd
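
Added example, not part of the original thread and not BIRD's own configuration: an nftables ruleset that applies the filter mentioned in the reply above (interface, source address, TTL 255) to the two UDP ports shown in the socket listing. The table name, interface names and addresses are placeholders (documentation ranges), and dropping port 4784 assumes multihop BFD is not in use.

```nftables
# Constructed example: restrict BFD control packets to known p2p neighbors.
# Placeholders (assumptions): eth1/eth2, 192.0.2.0/31 and 192.0.2.2/31 links.
table inet bfd_filter {
    chain input {
        type filter hook input priority 0; policy accept;

        # Single-hop BFD (UDP 3784): accept only when the packet arrives on
        # the expected p2p interface, from the expected neighbor, addressed to
        # the local p2p address, and with TTL 255 (i.e. it was not routed).
        iifname "eth1" ip saddr 192.0.2.1 ip daddr 192.0.2.0 udp dport 3784 ip ttl 255 counter accept
        iifname "eth2" ip saddr 192.0.2.3 ip daddr 192.0.2.2 udp dport 3784 ip ttl 255 counter accept

        # Everything else aimed at the BFD ports is dropped, including
        # packets to other local addresses and packets with a lower TTL.
        # Port 4784 is dropped entirely on the assumption that no
        # multihop BFD sessions are configured.
        udp dport { 3784, 4784 } counter drop
    }
}
```

The `counter` statements make it possible to check with `nft list table inet bfd_filter` whether legitimate sessions match the accept rules and whether anything is hitting the drop rule.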
