Hi~
I enabled ip Unicast RPF check on Cat6513s,
Can not do oneself ping in Backbone itself VIP
(HSRP group IP is not work=> 10.10.1.1)
(Real IP is OK => 10.10.1.2)
Is it normally this? or is it BUG?
IC_2F_J_CL3MAIN_P#ping 10.10.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
IC_2F_J_CL3MAIN_P#ping 10.10.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.1.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
IC_2F_J_CL3MAIN_P#ping 10.10.1.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.1.254, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
IC_2F_J_CL3MAIN_P#telnet 10.10.1.3
Trying 10.10.1.3 ... Open
*** Unauthorized access will be prosecuted by all means !! ***
User Access Verification
Password:
IC_2F_K_CL3MAIN_S>en
Password:
IC_2F_K_CL3MAIN_S#ping 10.10.1.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.1.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
========== Backbone #1 ===================
interface Vlan1
description ## LGE CORE SERVER FARM ##
ip address 10.10.1.2 255.255.255.0
ip verify unicast source reachable-via any 2513
no ip proxy-arp
standby 1 ip 10.10.1.254
standby 1 priority 105
standby 1 preempt
end
.....
access-list 2513 remark uRPF_EXCEPTION
access-list 2513 permit ip any host 10.10.1.2
access-list 2513 permit ip any host 10.10.36.2
access-list 2513 permit ip any host 10.10.51.2
access-list 2513 permit ip any host 10.10.65.130
access-list 2513 permit ip any host 10.10.135.2
access-list 2513 permit ip any host 10.10.184.130
=============================================
========= Backbone #2 =================
IC_2F_K_CL3MAIN_S#sh run int vlan 1
Building configuration...
Current configuration : 237 bytes
!
interface Vlan1
description ## LGE CORE SERVER FARM ##
ip address 10.10.1.3 255.255.255.0
ip verify unicast source reachable-via any 2513
no ip proxy-arp
standby 1 ip 10.10.1.254
standby 1 preempt
end
..
access-list 2513 remark uRPF_EXCEPTION
access-list 2513 permit ip any host 10.10.1.3
access-list 2513 permit ip any host 10.10.36.3
access-list 2513 permit ip any host 10.10.51.3
access-list 2513 permit ip any host 10.10.65.131
access-list 2513 permit ip any host 10.10.135.3
access-list 2513 permit ip any host 10.10.184.131
