diff options
author | Asbjørn Sloth Tønnesen <asbjorn@labitat.dk> | 2021-06-18 21:03:50 +0000 |
---|---|---|
committer | Asbjørn Sloth Tønnesen <asbjorn@labitat.dk> | 2021-06-18 22:00:32 +0000 |
commit | b90e3611976192db56394b57c9527db7a58af62c (patch) | |
tree | 320ae46748077c88f777d6db8f03e31268293e63 /roles/space_server/files/nftables/nftables.service | |
parent | 1a0e6180c199225b1790d74614a4c727cfec1f7d (diff) | |
download | labitat-ansible-b90e3611976192db56394b57c9527db7a58af62c.tar.gz labitat-ansible-b90e3611976192db56394b57c9527db7a58af62c.tar.xz labitat-ansible-b90e3611976192db56394b57c9527db7a58af62c.zip |
space_server: bird: fiberby: enable TTL security
This protects us amount otherthings against 3rd parties
resetting the TCP connection underneat our BGP sessions.
This has been enabled in both ends, and this
_MUST_ remain enabled, otherwise these sessions
will go down.
If this needs to be disabled for some reason
then it must be coordinated with Fiberby.
RFC 5082 - The Generalized TTL Security Mechanism
https://datatracker.ietf.org/doc/html/rfc5082
Diffstat (limited to 'roles/space_server/files/nftables/nftables.service')
0 files changed, 0 insertions, 0 deletions