neighbor 1.1.1.1 ttl-security hops 2
neighbor 1.1.1.1 disable-connected-check
By default BGP will check that a eBGP peer is directly connected by comparing the peer address against directly connected interface addresses. The BGP router will not even try to connect (no packets hit the wire) if the neighbor doesn't first pass the connected test. Similarly the remote peer will not accept the peer connection if it does not pass the connected test. This is beyond the IP TTL limitations related to eBGP, eBGP multihop and TTL security - the checking is at the application layer of BGP.
This check is disabled by :
* neighbor disable-connected-check , or
* neighbor ebgp-multihop <ttl> , when TTL > 1
The disable-connect-check command is used when you want to establish peering of directly connect routers using the loopback interface (using the loopback as the BGP source is configured with neighbor update-source).
Eg:-
network 1.1.1.0 mask 255.255.255.0
neighbor 2.2.2.2 remote-as 200
neighbor 2.2.2.2 ttl-security hops 2
neighbor 2.2.2.2 update-source Loopback0