Enabling Strict Targeted Hello Messages for LDP
Use strict targeted hello messages to prevent LDP sessions from being established with remote neighbors that have not been specifically configured. If you configure the strict-targeted-hellos statement, an LDP peer does not respond to targeted hello messages coming from a source that is not one of its configured remote neighbors. Configured remote neighbors can include:
- Endpoints of RSVP tunnels for which LDP tunneling is configured
- Layer 2 circuit neighbors
If an unconfigured neighbor sends a hello message, the LDP peer ignores the message and logs an error (with the error trace flag) indicating the source. For example, if the LDP peer received a targeted hello from the Internet address 10.0.0.1 and no neighbor with this address is specifically configured, the following message is printed to the LDP log file:
To enable strict targeted hello messages, include the strict-targeted-hellos statement:
For a list of hierarchy levels at which you can include this statement, see the statement summary section for this statement.