[27370] in North American Network Operators' Group
RE: Cisco - ip verify unicast reverse-path
daemon@ATHENA.MIT.EDU (Paul Ferguson)
Mon Feb 14 14:05:49 2000
Message-Id: <4.2.2.20000214135409.00a61b80@lint.cisco.com>
Date: Mon, 14 Feb 2000 14:00:29 -0500
To: owen@delong.com (Owen DeLong)
From: Paul Ferguson <ferguson@cisco.com>
Cc: nanog@merit.edu
In-Reply-To: <200002141758.JAA25518@asilomar.>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Errors-To: owner-nanog-outgoing@merit.edu
At 09:58 AM 02/14/2000 -0800, Owen DeLong wrote:
> Does ip verify unicast reverse path accept packets for which
> the inbound interface is not the preferred outbound interface, but
> is a valid outbound interface?
This feature looks up the source address in FIB, and if the
source address is reachable via the source interface, the
packet is forwarded. If it is not, it is punted.
Yes, it can occasionally pose problems in situations where the
FIB associates the forwarding path for a particular prefix to
an interface which is not the one on which the packet was received.
This feature is not a panacea, just another tool.
- paul
