To protect device from attacks, Generalized TTL Security Mechanism (GTSM) checks the TTL value of a packet to check whether the packet is valid. To check the TTL value of an LDP packet exchanged between LDP peers, enable GTSM on LDP peers and set the TTL range. If the TLL of an LDP packet is out of the TTL range, the LDP packet is considered as an invalid attack packet and discarded. This prevents the CPU from processing a large number of forged LDP packets. In this way, the upper layer protocols are protected.
The system view is displayed.
The MPLS-LDP view is displayed.
The LDP GTSM is configured.
By default, no LDP peer is configured with the GTSM.
hops is the maximum number of valid hops permitted by the GTSM. If a TTL value carried in a received packet is in a specified range of [255 - hops + 1, 255], the packet is accepted; if the TTL value is out of the range, the packet is discarded.