06-28-2021 02:14 PM - edited 06-28-2021 02:42 PM
Hello to everybody
i was trying to compare "ip verify unicast source reachable-via rx allow-default" vs "ip verify unicast reverse-path" to apply it on the dialer interface on a cisco 897 configured with vdsl line connected to an isp
which one is the best?
My idea is remove the antispoofig acl, and undertand the difference.
Thank you
06-28-2021 09:36 PM
Hello
ip verify unicast source reachable-via rx allow-default"
enables strict rpf when a source ip address of a packet isn’t in the route table of the router and so allows it to use a default route as validation.
ip verify unicast reverse-path
Is rpf for security devices such as firewalls
06-29-2021 10:38 AM
but i can enable both on my router
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide