[27343] in North American Network Operators' Group
Re: Cisco - ip verify unicast reverse-path
daemon@ATHENA.MIT.EDU (Mark Prior)
Sun Feb 13 08:28:08 2000
Message-ID: <200002131325.XAA04108@kuji.off.connect.com.au>
To: trall@almaden.ibm.com
Cc: nanog@merit.edu
In-reply-to: Your message of "Sat, 12 Feb 2000 14:54:15 -0800."
<87256883.007DD428.00@d53mta03h.boulder.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <4106.950448349.1@connect.com.au>
Date: Sun, 13 Feb 2000 23:55:49 +1030
From: Mark Prior <mrp@connect.com.au>
Errors-To: owner-nanog-outgoing@merit.edu
And then there is http://www.cisco.com/warp/public/707/newsflash.html. It
says that the RPF check is based on CEF. I'm not familiar with CEF and
want to clarify something about unicast RPF. If the source address of a
packet arrived on an interface that would not be the preferred route for
that address but is one of the less-preferred routes would the packet get
dropped?
Nope it has to be the preferred route.
If, as I hope, it would not, I don't understand the argument that it
doesn't work for multi-homed connections. Such systems should be
advertising their routes over all connections - thus the routes should
appear on all paths outbound from the multi-homed systems (less any long
prefix filtering being done by the upstreams).
I agree it would be more helpful if the test was "a route exists"
instead of "the best route" as I have seen it cause havoc with
customers who have multiple links to us and get the MEDs wrong.
Mark.
