Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
270
Views
0
Helpful
1
Replies

how to implement uRPF when multiple WAN and LAN interfaces exists

mohammed hashim
Level 1
Level 1

‎03-03-2017 01:26 PM - edited ‎03-08-2019 09:36 AM

hi,

in this topology:

R1 knows about 8.8.8.8 through both ISP-1 and ISP-2,

how to configure R1 to match the picture when spoof packets came from WAN, or LAN, these spoof packets should be denied, without affecting the redundancy 

appreciate your help,

Labels:
0 Helpful
1 Reply 1

Philip D'Ath
VIP Alumni
VIP Alumni

‎03-05-2017 11:47 AM

The effectiveness of RPF on dual homed ISP connections is rather limited.  Assuming both ISPs also advertise a default route, you can probably use something like:

On the ISP interfaces you'll need to use something like:

ip verify unicast source reachable-via any allow-default

I personally wouldn't use RPF in this scenario due to the risk of something going wrong.

0 Helpful
Customers Also Viewed These Support Documents