Difference between revisions of "First-hop security IPv6 Cisco IOS"
From Teknologisk videncenter
m (Created page with "{{in progress}} =Links= *[[http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-first_hop_security_ps10591_TSD_Products_Configuration_Guide_Chapter.html Cisco Ipv6 fi...") |
m |
||
| Line 1: | Line 1: | ||
{{in progress}} | {{in progress}} | ||
| + | =Unicast Reverse Path Forwarding= | ||
| + | To avoid spoofed packets passing a Router. Could be DoS attack. With RPF - reverse Path Forwarding - the router checks that the sending hosts source IP address matches the routing table on the receiving interface. | ||
| + | ;Example:An access-list can be used as an option to this command | ||
| + | <source lang=cli> | ||
| + | R1(config)#<input>interface fa0/1</input> | ||
| + | R1(config-if)#ipv6 verify unicast reverse-path | ||
| + | </source> | ||
| + | |||
=Links= | =Links= | ||
*[[http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-first_hop_security_ps10591_TSD_Products_Configuration_Guide_Chapter.html Cisco Ipv6 first-hop security]] | *[[http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-first_hop_security_ps10591_TSD_Products_Configuration_Guide_Chapter.html Cisco Ipv6 first-hop security]] | ||
| − | + | [Category:IPv6] | |
Revision as of 09:06, 18 December 2011
This article is under development....
Unicast Reverse Path Forwarding
To avoid spoofed packets passing a Router. Could be DoS attack. With RPF - reverse Path Forwarding - the router checks that the sending hosts source IP address matches the routing table on the receiving interface.
- Example
- An access-list can be used as an option to this command
R1(config)#<input>interface fa0/1</input>
R1(config-if)#ipv6 verify unicast reverse-pathLinks
[Category:IPv6]