Configuring unicast reverse path forwarding, Configuring protocol-independent features – Dell POWEREDGE M1000E User Manual
Page 983
38-91
Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide
OL-13270-03
Chapter 38 Configuring IP Unicast Routing
Configuring Unicast Reverse Path Forwarding
Configuring Unicast Reverse Path Forwarding
The unicast reverse path forwarding (uRPF) feature helps to mitigate problems that are caused by the
introduction of malformed or forged (spoofed) IP source addresses into a network. uRPF discards IP
packets without a verifiable IP source address. For example, a number of common denial-of-service
(DoS) attacks, including Smurf and Tribal Flood Network (TFN), take advantage of forged or rapidly
changing source-IP addresses to allow attackers to avoid efforts to locate or to filter the attacks. For
Internet service providers (ISPs) that provide public access, uRPF deflects such attacks by forwarding
only packets with valid source addresses and that are consistent with the IP routing table. This action
protects the network of the ISP, its customer, and the rest of the Internet.
For detailed IP uRPF configuration information, see the Other Security Features chapter in the Cisco
IOS Security Configuration Guide, Release 12.2 at this URL:
Configuring Protocol-Independent Features
This section describes how to configure IP routing protocol-independent features. These features are
available on switches running the IP base or the IP services feature set. However, on the IP base feature
set, protocol-related features are available only for RIP. For a complete description of the IP routing
protocol-independent commands in this chapter, see the “IP Routing Protocol-Independent Commands”
chapter of the Cisco IOS IP Command Reference, Volume 2 of 3: Routing Protocols, Release 12.2 from
the Cisco.com page under Documentation > Cisco IOS Software > 12.2 Mainline > Command
References.
These sections contain this configuration information:
•
Configuring Cisco Express Forwarding and Distributed Cisco Express Forwarding, page 38-91
•
Configuring the Number of Equal-Cost Routing Paths, page 38-93
•
Configuring Static Unicast Routes, page 38-94
•
Specifying Default Routes and Networks, page 38-95
•
Using Route Maps to Redistribute Routing Information, page 38-95
•
Configuring Policy-Based Routing, page 38-99
•
Filtering Routing Information, page 38-103
•
Managing Authentication Keys, page 38-105
Configuring Cisco Express Forwarding and Distributed Cisco Express
Forwarding
Cisco Express Forwarding (CEF) is a Layer 3 IP switching technology used to optimize network
performance. CEF implements an advanced IP look-up and forwarding algorithm to deliver maximum
Layer 3 switching performance. CEF is less CPU-intensive than fast-switching route-caching, providing
more CPU processing power dedicated to packet forwarding. In a switch stack, a stack member uses
distributed CEF (dCEF) in the stack. On a standalone switch , the switch uses CEF. In dynamic networks,
fast-switching cache entries are frequently invalidated because of routing changes, which causes traffic