Wow, I just wrote for this a lot and when I hit save just timeout. NO WAY!!!

1) What ttl value we need to put (10 or 245 in the config)

A/ 10 is the answer.It will always be how many hops away from the eBGP peer you are.

2) this feature limited to cisco or it is supporting Juniper( remote end EBGP speaker) -- pls confirm as per my understnading it not support Juniper

A/

It is supported on Junos as well (U will need to run a regular input filter and apply it to one of ur loopbacks interfaces so it gets applied down to the control plane of the Junos Box

(Note that the command used for this kind of protection is ttl-except if I am not mistaking).

As an interesting note, this is an unidirectional feature so there is not a requirement to have it set on the other side. I mean u can have EBGP multihop on one side and this TTL security check on the other.

3) This feature will be having any problem if my intermediate non-BGP router towards my ISP is not having Cisco-- pls confirm as per my understnading it should

A/Not at all, no need for the routers in between even BGP aware.

4) If I use this feature, will I get multihop feature as complimentary -- pls confirm as per my understnading it should

No, you will need to disable EBGP multihop. U will get something like "Remove ebgp-multihop before configuring ttl-security"

Remember that the whole idea of this feature is to protect your Core Edge router control-plane from packets that have been modified by an attacker in order to appear directly connected or whatever its needed.

5) What are the major benefit for this

A/ Higher protection to your Core Router Control-Plane.

Hope that I could help

Jcarvaja

http://laguiadelnetworking.com