IP VERIFY UNICAST REVERSE-PATH

Answered Question
Nov 19th, 2008
User Badges:

Hi everybody,

Please can someone tell what the above command "ip verify unicast reverse-path" does or achieves on a router interface. I discovered that when it is set on an interface I cannot ping the interface.

I was wondering if it is a security device, if disabling it will have any adverse security risk to my network.


Thanks

Correct Answer by ajagadee about 8 years 5 months ago

Tom,


Below is an excellent document that should answer most of your questions on URPF.


http://www.cisco.com/en/US/docs/ios/11_1/feature/guide/uni_rpf.html#wp1042332


Regards,

Arul


*Pls rate if it helps*

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
srimural Wed, 11/19/2008 - 20:20
User Badges:

Hey,

It is a security hardening command which can check the integrity of the source ip address. it protects from attacks like ip spoofing and all. a number of common types of denial-of-service (DoS) attacks, including Smurf and Tribe Flood Network (TFN), can take advantage of spoofed or rapidly changing source IP addresses. I hope i have helped a little. if you find anymore info do let me know


Thanks and Regards,


Srinath Muralidharan

Cable&Wireless

+91 99809 30364

Actions

This Discussion