1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Switch
  5. Nexus 3600 NX-OS
  6. Security configuration manual

Cisco Nexus 3600 NX-OS Security Configuration Manual page 119

Hide thumbs
Table of Contents

Advertisement

Configuring Unicast RPF
Strict Unicast RPF mode
A strict mode check is successful when Unicast RPF finds a match in the FIB for the packet source
address and the ingress interface through which the packet is received matches one of the Unicast RPF
interfaces in the FIB match. If this check fails, the packet is discarded. You can use this type of Unicast
RPF check where packet flows are expected to be symmetrical.
Loose Unicast RPF mode
A loose mode check is successful when a lookup of a packet source address in the FIB returns a match
and the FIB result indicates that the source is reachable through at least one real interface. The ingress
interface through which the packet is received is not required to match any of the interfaces in the FIB
result.
Procedure
Step 1
Step 2
Step 3
Step 4
Command or Action
configure terminal
Example:
switch# configure terminal
switch(config)#
interface ethernet slot/port
Example:
switch(config)# interface ethernet
2/3
switch(config-if)#
{ip | ipv6} verify unicast source
reachable-via any
Example:
switch(config-if)# ip verify
unicast source reachable-via any
exit
Example:
switch(config-cmap)# exit
switch(config)#
Purpose
Enters global configuration mode.
Specifies an ethernet interface and enters interface
configuration mode.
Configures unicast RPF on the interface for both IPv4
and IPv6.
You must configure unicast RPF on each
Note
interface, since it is disabled by default. The
configuration is shared across both IPv4 and
IPv6. If you enable or disable on either IPv4
and IPv6, it affects all protocols on that
interface
Note
When you enable uRPF for IPv4 or IPv6
(using the ip or ipv6 keywords), unicast RPF
is enabled for both IPv4 and IPv6.
You can configure only one version of the
Note
available IPv4 and IPv6 Unicast RPF
command on an interface. When you configure
one version, all the mode changes must be
done by this version and all other versions will
be blocked by that interface.
Exits class map configuration mode.
Cisco Nexus 3600 NX-OS Security Configuration Guide, Release 7.x
Configuring Unicast RPF
105
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for Cisco Nexus 3600 NX-OS

Related Products for Cisco Nexus 3600 NX-OS

Table of Contents