Difference between revisions of "First-hop security IPv6 Cisco IOS"
From Teknologisk videncenter
m (→Links) |
m (→Unicast Reverse Path Forwarding) |
||
| Line 5: | Line 5: | ||
<source lang=cli> | <source lang=cli> | ||
R1(config)#<input>interface fa0/1</input> | R1(config)#<input>interface fa0/1</input> | ||
| − | R1(config-if)#ipv6 verify unicast reverse-path | + | R1(config-if)#<input>ipv6 verify unicast reverse-path</input> |
</source> | </source> | ||
Revision as of 10:06, 18 December 2011
This article is under development....
Unicast Reverse Path Forwarding
To avoid spoofed packets passing a Router. Could be DoS attack. With RPF - reverse Path Forwarding - the router checks that the sending hosts source IP address matches the routing table on the receiving interface.
- Example
- An access-list can be used as an option to this command
R1(config)#<input>interface fa0/1</input>
R1(config-if)#<input>ipv6 verify unicast reverse-path</input>