Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

3550 (121-20) ip verify unicast

Hello:

In 3550 with the version 121-20. EA1 there does not exist the command " ip verify Unicast... " On the other hand if in in other one that has a previous version 121-13. EA1a. How it is possible to to activate the unicast RPF in the first case, if It is that is supported??? Thank you very much.

3 REPLIES
Bronze

Re: 3550 (121-20) ip verify unicast

AFAIK, URPF has never been supported on the 3550. The command used to be there, but I don't think it did anything.

Re: 3550 (121-20) ip verify unicast

Terry,

it's very surprising for me.

I'm using

access-list 10 deny any log

ip verify unicast reverse-path 10

on all my int VLANx on 3550 running IOS 12.1(12c)EA1.

When I issue sh ip access-list, the output is:

Standard IP access list 10

deny any log (802 matches)

So it seems to work fine.

I'll try to test if the router really blocks the incorrect packest and let you know.

Regards,

Milan

Bronze

Re: 3550 (121-20) ip verify unicast

Thanks Milan -- I'll be interested to hear your results. There was a message on another board late last year from someone who said that the uRPF counters worked on his 3550, but the packets weren't actually blocked. But he may have been using a different IOS version.

There was apparently an open bug on this issue at some point, but I never heard what came of it. If the uRPF commands are now gone, it doesn't look good.

116
Views
0
Helpful
3
Replies
CreatePlease to create content