Interworking Of Unicast Rff With Different System Conditions; Configuring Unicast Rpf Strict Mode - Juniper ACX1000 Configuration Manual
Junos os; acx series universal access router
Hide thumbs
Also See for ACX1000:
- User manual (216 pages) ,
- Hardware manual (204 pages) ,
- Quick start manual (27 pages)
Table of Contents
Advertisement
Interworking of Unicast RFF With Different System Conditions
Configuring Unicast RPF Strict Mode
Copyright © 2017, Juniper Networks, Inc.
The following sections describe unicast RPF in detail:
Interworking of Unicast RFF With Different System Conditions on page 805
Configuring Unicast RPF Strict Mode on page 805
Configuring Unicast RPF Loose Mode on page 806
Unicast RPF and Default Routes on page 806
Configuring Unicast RPF on a VPN on page 807
Configuring Unicast RPF Fail Filter on page 808
The following is the unicast RPF behaviour for different system configuration scenarios:
Unicast RPF with default routes—unicast RPF check will not consider the default route
for its reverse path checking. That means packet will be accepted only if at least route
prefix is present in the routing table.(Loose Mode)
Unicast RPF with filter-based forwarding—unicast RPF is applied in the Layer 3 lookup
stage in which all the filters are already applied and the corresponding VRF is identified.
So it always uses the route table with respect to the VRF it belongs to. The reverse
path check fails even it has valid route in other VRF table also.
Unicast RPF with virtual router or VRF—unicast RPF is applied in the Layer 3 lookup
stage in which the corresponding VRF/VR is identified. So it always uses the route table
with respect to the VRF or virtual router it belongs to. The reverse path check fails even
it has a valid route in other VRF table.
Unicast RPF with IP unnumbered case—unicast RPF is supported with IP unnumbered
case also. In this case it uses the same properties of the referenced interface.
Unicast RPF with IPV6—unicast RPF is performed for IPV6 global unicast and unique
local address only. For the link local IPV6 address, unicast RPF is not performed.
In strict mode, unicast RPF checks whether the incoming packet has a source address
that matches a prefix in the routing table, and whether the interface expects to receive
a packet with this source address prefix.
If the incoming packet fails the unicast RPF check, the packet is not accepted on the
interface. When a packet is not accepted on an interface, unicast RPF counts the packet
and sends it to an optional fail filter. If the fail filter is not configured, the default action
is to silently discard the packet.
The optional fail filter allows you to apply a filter to packets that fail the unicast RPF
check. You can define the fail filter to perform any filter operation, including accepting,
rejecting, logging, sampling, or policing.
When unicast RPF is enabled on an interface, Bootstrap Protocol (BOOTP) packets and
Dynamic Host Configuration Protocol (DHCP) packets are not accepted on the interface.
To allow the interface to accept BOOTP packets and DHCP packets, you must apply a
Chapter 25: Configuring Layer 2 and Layer 3 Services
805
- Quick Links:
- Interfaces
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
