BGP, ebgp-multihop and multiple peers

Steve Bertrand steve at
Wed Aug 27 07:16:01 CDT 2008

Iljitsch van Beijnum wrote:
> On 27 aug 2008, at 7:58, Paul Wall wrote:
>>> - single loopback/single IP for all peers, or;
>>> - each peer with its own loopback/IP?
>> You should use caution when using loopback IP addresses and building
>> external multihop BGP sessions. By permitting external devices to
>> transmit packets to your loopback(s), you open the door to
>> spoof/denial of service attacks.
> [...]
> Indeed. I would use two loopbacks, one for internal stuff that is 
> unreachable from the outside, another one from another range that allows 
> the external sessions.
> But that's more a question of ease of management than of risk, because 
> if people can do something bad using one loopback address, it really 
> doesn't matter much that additional ones are better protected.

Thanks for the feedback.

The only reason I use loopbacks for eBGP multihop is so that if one of 
my physical interfaces goes down taking a transit link with it, these 
particular sessions will attempt to re-establish via another path.

Would someone be so kind as to point me in the direction of some 
documentation that describes the drawbacks (regarding the mentioned 
possibility of DoS/spoof attacks) of externally accessible loopbacks?

I'm drawing a blank on why this is any more risky than having a peering 
session (multihop) on a physical interface.

Would it be best if I configured the peering sessions on a physical 
interface instead?


More information about the NANOG mailing list