37-3
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 37 Configuring Unicast Reverse Path Forwarding
About Unicast Reverse Path Forwarding
• Per-interface statistics
Figure 37-1 illustrates how Unicast RPF and CEF work together to validate IP source addresses by
verifying packet return paths. In this example, a customer has sent a packet having a source address of
192.168.1.1 from interface Gigabit Ethernet 1/1. Unicast RPF checks the FIB to see if 192.168.1.1 has
a path to Gigabit Ethernet 1/1. If there is a matching path, the packet is forwarded. If there is no matching
path, the packet is dropped.
Figure 37-1 Unicast RPF Validating IP Source Addresses
Figure 37-2 illustrates how Unicast RPF drops packets that fail validation. In this example, a customer
has sent a packet having a source address of 209.165.200.225, which is received at interface Gigabit
Ethernet 1/1. Unicast RPF checks the FIB to see if 209.165.200.225 has a return path to Gigabit Ethernet
1/1. If there is a matching path, the packet is forwarded. There is no reverse entry in the routing table
that routes the customer packet back to source address 209.165.200.225 on interface Gigabit Ethernet
1/1, and so the packet is dropped.
Data
Destination address x.x.x.x
Source address 192.168.1.1
IP header
Unicast
RPF
In
Drop
Out
Routing table:
192.168.0.0 via 172.19.66.7
172.19.0.0 is directly connected, FDDI 2/0/0
CEF table:
192.168.0.0 172.19.66.7 FDDI 2/0/0
172.19.0.0 attached FDDI 2/0/0
Adjacency table:
FDDI 2/0/0 172.19.66.7 50000603E...AAAA03000800
Data IP header
RPF checks to see if
the reverse path for
the source address
matches the input port
If okay, RPF passes
the packet to be
forwarded by CEF
33402
To Next Page
Loading...
Need help?
General
