EasyManuals Logo

Cisco Catalyst 4500 Series Software Configuration Guide

Cisco Catalyst 4500 Series
2086 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #961 background imageLoading...
Page #961 background image
CHAPTER
37-1
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
37
Configuring Unicast Reverse Path Forwarding
This chapter describes the Unicast Reverse Path Forwarding (Unicast RPF) feature. The Unicast RPF
feature helps to mitigate problems that are caused by malformed or forged IP source addresses that are
passing through a switch.
For a complete description of the Unicast RPF commands in this chapter, refer to the chapter “Unicast
Reverse Path Forwarding Commands” of the Cisco IOS Security Command Reference. To locate
documentation of other commands that appear in this chapter, use the command reference master index
or search online.
To identify the hardware platform or software image information associated with a feature, use the
Feature Navigator on Cisco.com to search for information about the feature or refer to the software
release notes for a specific release. For more information, see the “Identifying Supported Platforms”
section in the chapter “Using Cisco IOS Software.
This chapter includes the following sections:
About Unicast Reverse Path Forwarding, page 37-1
Unicast RPF Configuration Tasks, page 37-9
Monitoring and Maintaining Unicast RPF, page 37-11
Unicast RPF Configuration Example: Inbound and Outbound Filters, page 37-12
Note For complete syntax and usage information for the switch commands used in this chapter, see the
Cisco IOS Command Reference Guides for the Catalyst 4500 Series Switch.
If a command is not in the Cisco Catalyst 4500 Series Switch Command Reference , you can locate it in
the Cisco IOS Master Command List, All Releases.
About Unicast Reverse Path Forwarding
The Unicast RPF feature helps to mitigate problems that are caused by the introduction of malformed or
forged (spoofed) IP source addresses into a network by discarding IP packets that lack a verifiable IP
source address. For example, a number of common types of denial-of-service (DoS) attacks, including
Smurf and Tribal Flood Network (TFN), can take advantage of forged or rapidly changing source IP
addresses to allow attackers to thwart efforts to locate or filter the attacks. For Internet service providers
(ISPs) that provide public access, Unicast RPF deflects such attacks by forwarding only packets that
have source addresses that are valid and consistent with the IP routing table. This action protects the
network of the ISP, its customer, and the rest of the Internet.

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Preview: Manual
Manual19 pages
Preview: Command Reference Guide
Command Reference Guide1230 pages
Preview: System Message Guide
System Message Guide150 pages
Preview: Configuration Guide
Configuration Guide1610 pages
Preview: Administration Guide
Administration Guide1814 pages
Preview: Message Guide
Message Guide146 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Datasheet
Datasheet11 pages
Preview: Overview
Overview46 pages
Preview: Quick Reference Guide
Quick Reference Guide59 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 4500 Series and is the answer not in the manual?

Cisco Catalyst 4500 Series Specifications

General IconGeneral
SeriesCatalyst 4500 Series
CategorySwitch
Layer SupportLayer 2, Layer 3
Form FactorModular chassis
StackableNo
Chassis Slots3, 6, 7, 10
Power Supply OptionsAC, DC
RedundancyPower supply, Supervisor engine
Network ManagementCisco IOS Software CLI, SNMP, Cisco Prime Infrastructure
FeaturesSecurity, QoS
Port DensityUp to 384 ports per chassis
Security Features802.1X, ACLs, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard
Supervisor Engine8-E

Related product manuals