Preventing Rogue LDP Devices.

Forcing our routers to accept connections only from devices that we specifically allow is a good practice to keep rogue MPLS devices from becoming neighbors in our network and then injecting bad information or capturing sensitive network data.

You can control the information the router sends by using the mpls ldp discovery transport-address command, which selects the IP address that the router will use to open the TCP session.

In this case R2 was configured

So if R2 changes its MPLS Router ID, we can ensure that R2 on that interface will always attempt to establish a TCP session with R1 if R1 has a higher Router-ID.

We can do the same configuration in R2, in order to prevent rogue MPLS devices.
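An added example, not from the original post: a small Python check that reads an IOS-style configuration and reports, for each interface running mpls ip, whether the LDP transport address is pinned with mpls ldp discovery transport-address. The sample configuration, its interface names and its addresses are constructed for illustration; an interface with no setting advertises the LDP router ID as its transport address, so it follows any Router ID change.

```python
import re

# Constructed sample configuration: interface names and addresses are made up.
SAMPLE_CONFIG = """\
interface FastEthernet0/0
 ip address 10.0.12.2 255.255.255.0
 mpls ip
 mpls ldp discovery transport-address 10.0.12.2
!
interface FastEthernet0/1
 ip address 10.0.23.2 255.255.255.0
 mpls ip
!
interface Serial1/0
 ip address 10.0.24.2 255.255.255.252
 mpls ip
 mpls ldp discovery transport-address interface
!
"""

# Returns {interface: setting} for every interface running 'mpls ip'. setting is
# the pinned IP, the keyword 'interface', or None when the command is absent.
def audit_transport_addresses(config_text):
    results, current, mpls_on, setting = {}, None, False, None
    def flush():
        # Record the interface just parsed, but only if LDP can run on it.
        if current and mpls_on:
            results[current] = setting
    for raw in config_text.splitlines():
        m = re.match(r"^interface\s+(\S+)", raw)
        if m:
            flush()
            current, mpls_on, setting = m.group(1), False, None
        elif current and raw.startswith(" "):
            body = raw.strip()
            if body == "mpls ip":
                mpls_on = True
            t = re.match(r"^mpls ldp discovery transport-address\s+(\S+)$", body)
            if t:
                setting = t.group(1)
        else:
            # Any unindented line ('!' or a new section) closes the interface.
            flush()
            current = None
    flush()
    return results

def unpinned_interfaces(results):
    # MPLS interfaces whose transport address still follows the router ID.
    return sorted(name for name, value in results.items() if value is None)
```

Running unpinned_interfaces(audit_transport_addresses(text)) over each router's saved configuration lists the interfaces that still need the command.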

A Networker Blog

