Configure Generalized Ttl Security Mechanism (Gtsm) For Ospf - Cisco NCS 5500 Series Configuration Manuals

Implementing OSPF
and allows for only one-hop neighbor adjacencies through the configuration of TTL value 255. The TTL value
in the IP header is set to 255 when OSPF packets are originated, and checked on the received OSPF packets
against the default GTSM TTL value 255 or the user configured GTSM TTL value, blocking unauthorized
OSPF packets originated from TTL hops away.

Configure Generalized TTL Security Mechanism (GTSM) for OSPF

This task explains how to set the security time-to-live mechanism on an interface for GTSM.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
DETAILED STEPS
Step 1 configure
Step 2
router ospf process-name
Example:
RP/0/RP0/CPU0:router(config)# router ospf 1
Enables OSPF routing for the specified routing process and places the router in router configuration mode.
Note The process-name argument is any alphanumeric string no longer than 40 characters.
Step 3
router-id { router-id }
Example:
RP/0/RP0/CPU0:router(config-ospf)# router id 10.10.10.100
Configures a router ID for the OSPF process.
Note We recommend using a stable IPv4 address as the router ID.
Step 4
log adjacency changes [ detail | disable ]
Example:
RP/0/RP0/CPU0:router(config-ospf-ar-if)# log adjacency changes detail
configure
router ospf process-name
router-id { router-id }
log adjacency changes [ detail | disable ]
nsf { cisco [ enforce global ] | ietf [ helper disable ]}
timers throttle spf spf-start spf-hold spf-max-wait
area area-id
interface type interface-path-id
security ttl [ disable | hops hop-count ]
commit
show ospf [ process-name ] [ area-id ] interface [ type interface-path-id ]
Routing Configuration Guide for Cisco NCS 5500 Series Routers, IOS XR Release 6.3.x
Configure Generalized TTL Security Mechanism (GTSM) for OSPF
99