HPE Moonshot 45Gc Security Configuration Manual page 444

Switch module
Table of Contents

Advertisement

Figure 134 uRPF work flow
Yes
Yes
Source IP address
matches an ARP entry?
No
1.
uRPF checks source address validity:
uRPF discards packets with a broadcast source address.
uRPF discards packets with an all-zero source address but a non-broadcast destination
address. (A packet with source address 0.0.0.0 and destination address 255.255.255.255
might be a DHCP or BOOTP packet and cannot be discarded.)
uRPF proceeds to step 2 for other packets.
2.
uRPF checks whether the source address matches a FIB entry:
Checks the received packet
Broadcast source
address?
No
All-zero source address?
No
Matching FIB entry
found?
Yes
Loose uRPF?
No
Yes
Matching route is a direct
route?
No
Receiving
interface matches the
output interface of the
matching FIB entry?
No
431
Yes
Yes
Yes
Broadcast destination
address?
No
Default route found?
Yes
Yes
Loose uRPF?
No
Receiving
Yes
interface matches the output
interface of the default
route?
Yes
Allows the packet to pass
No
Discards the packet
No
No

Advertisement

Table of Contents
loading

Table of Contents