Filter
Top Products
13-3
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
Chapter 13 Unicast Reverse Path Forwarding
Configuring Unicast RPF
• By default, without uRPF provision urpf drops can be seen in pxf when:
–
the interface is not up
–
there is no ip address on the interface
Configuring Unicast RPF
To use Unicast RPF, you must configure the router for CEF switching or CEF distributed switching.
There is no need to configure the input interface for CEF switching because Unicast RPF has been
implemented as a search through the FIB using the source IP address. As long as CEF is running on the
router, individual interfaces can be configured with other switching modes. Unicast RPF is an input-side
function that is enabled on an interface or subinterface that supports any type of encapsulation and
operates on IP packets received by the router. It is very important that CEF be turned on globally in the
router—Unicast RPF will not work without CEF.
To configure Unicast RPF, use the following commands beginning in global configuration mode:
Command Purpose
Step 1
Router(config)# ip cef Enables CEF on the router.
You might want to disable CEF on a particular interface if that
interface is configured with a feature that CEF does not support.
You can enable CEF globally, but disable CEF on a specific
interface by using the no ip route-cache cef interface command
that enables all but that specific interface to use express
forwarding. If you have disabled CEF operation on an interface
and want to reenable it, you can use the ip route-cache cef
command in interface configuration mode.
Step 2
Router(config-if)# interface type Selects the input interface on which you want to apply Unicast
RPF. This is the receiving interface, which allows Unicast RPF to
verify the best return path before forwarding the packet on to the
next destination.
The interface type is specific to your router and the types of
interface cards installed on the router. To display a list of
available interface types, enter the interface ? command.
Step 3
Router(config-if)# ip verify
unicast source reachable-via
any
or
Router(config-if)# ip verify
unicast source reachable-via rx
Enables Unicast RPF on the interface.
The any option enables a Loose Mode uRPF on the router. This
mode allows the router to reach the source address via any
interface.
The rx option enables a Strict Mode uRPF on the router. This
mode ensures that the router reaches the source address only via
the interface on which the packet was received.
You can also use the allow-default option, so that the default
route can match when checking source address. The
allow-self-ping option allows the router to ping itself.
Step 4
Router(config-if)# exit Exits interface configuration mode. Repeat Steps 2 and 3 for each
interface on which you want to apply Unicast RPF.