HP 6125XLG R2306-HP 6125XLG Blade Switch Security Command Reference - Page 231
uRPF commands, ip urpf
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 231 highlights
uRPF commands ip urpf Use ip urpf to enable uRPF. Use undo ip urpf to disable uRPF. Syntax ip urpf { loose | strict } undo ip urpf Default uRPF is disabled. Views System view Predefined user roles network-admin Parameters loose: Enables loose uRPF check. To pass loose uRPF check, the source address of a packet must match the destination address of a FIB entry. strict: Enables strict uRPF check. To pass strict uRPF check, the source address and receiving interface of a packet must match the destination address and output interface of a FIB entry. Usage guidelines Global uRPF configuration takes effect on both IPv4 and IPv6 routes. uRPF can be deployed on a PE connected to a CE or another ISP, or on a CE. Configure strict uRPF check on a PE interface connected to a CE, and configure loose uRPF check on a PE interface connected to another ISP. For asymmetrical routing where the interface receiving upstream traffic is different from the interface forwarding downstream traffic on a PE device, configure loose uRPF to avoid discarding valid packets. If the two interfaces are the same (symmetrical routing), configure strict uRPF. An ISP usually adopts symmetrical routing on a PE device. After you enable the uRPF function on the switch, the routing table size might decrease by half. If the number of routes exceeds half the routing table size of the switch, the uRPF function cannot be enabled to avoid loss of routes and packets. Examples # Enable strict uRPF check. system-view [Sysname]ip urpf strict 222