Hi Danny,
Thanks for you help - no problems.
I would agree 192 vs 63/64 it is to much of a coincidence for it not to
be related somehow.
Weirder and weirder - presumably people trying to hack the BGP session
below:
neighbor 212.121.34.1 ttl-security hops 192
And the session is up and we get:
Extended IP access list ACL-MATCH-TTL-0/254 (Compiled)
10 permit ip any any ttl eq 0 (869 matches)
20 permit ip any any ttl eq 1 (1 match)
260 permit ip any any ttl eq 25 (1 match)
580 permit ip any any ttl eq 57 (1 match)
590 permit ip any any ttl eq 58
600 permit ip any any ttl eq 59
610 permit ip any any ttl eq 60
620 permit ip any any ttl eq 61 (2 matches)
630 permit ip any any ttl eq 62 (2 matches)
640 permit ip any any ttl eq 63 (1 match) <- presumably the foundry
1210 permit ip any any ttl eq 120 (2 matches)
1220 permit ip any any ttl eq 121 (2 matches)
1230 permit ip any any ttl eq 122 (1 match)
1240 permit ip any any ttl eq 123 (1 match)
1250 permit ip any any ttl eq 124 (1 match)
2500 permit ip any any ttl eq 249 (6 matches)
2510 permit ip any any ttl eq 250 (3 matches)
This is connected to an ethernet IX and all peers are one hop away.
Kind Regards
Ben