HP 6600 Security Configuration Manual page 545
Hide thumbs
Also See for 6600:
- Command reference manual (286 pages) ,
- Configuration manual (236 pages) ,
- Installation and getting started manual (103 pages)
Table of Contents
Advertisement
NOTE:
URPF does not check multicast packets.
1.
URPF checks source address validity:
Discards packets with the limited broadcast address (255.255. 255. 255) as the destination
address.
Discards packets with an all-zero source address but a destination address other than the
limited broadcast address. (A packet with source address 0.0.0.0 and destination address
255.255.255.255 might be a DHCP or BOOTP packet and cannot be discarded.)
Proceeds to step 2 for other packets.
2.
URPF checks whether the source address matches a FIB entry:
If yes, proceeds to step 3.
If not, proceeds to step 5.
3.
URPF checks whether the matching route is a default route:
If yes, URPF checks whether the allow-default-route keyword is configured to allow the default
route: if yes, proceeds to step 4. If not, proceeds to step 5.
If not, proceeds to step 4.
4.
URPF checks whether the receiving interface matches the output interface of the matching FIB entry:
If yes, the packet passes the check and is forwarded.
If not, URPF checks whether the check mode is loose: if yes, the packet passes the check and is
forwarded. If not, proceeds to step 5.
5.
URPF checks whether the packet is permitted by the ACL:
If yes, the packet is forwarded (such a packet is displayed in the URPF information as a
"suppressed drop").
If not, the packet is discarded.
531
Advertisement
Table of Contents
Troubleshooting
