index_102
Router Security Configuration Guide
UNCLASSIFIED
102
UNCLASSIFIED
Version 1.0g
ingress and egress filtering. For more details on how and where to apply unicast RPF
verification, consult [10].
Configuring Unicast Reverse-Path Verification
Unicast RPF verification depends on a particular routing mode called Cisco Express
Forwarding (CEF). Therefore, to use unicast RPF, first enable CEF, and then enable
verification on the desired interfaces. The transcript below shows how to enable
verification on the router Central.
Central# config t
Central(config)# ip cef
Central(config)# interface eth 0/0
Central(config-if)# ip verify unicast reverse-path
Central(config-if)# exit
Some Cisco routers require you to enable CEF with the command ip cef
distributed instead of the simple version shown above. Consult [10] for details
about CEF requirements.
To disable unicast RPF verification, enter interface configuration mode, as shown
above, and use the command no ip verify unicast reverse-path.
4.4.6. References
[1] Albritton, J. Cisco IOS Essentials, McGraw-Hill, 1999.
An excellent introduction to basic Cisco IOS tasks. Portions of this book that
are particularly relevant to Routing Protocols are Chapters 2 and 7.
[2] Parkhurst, W.R., Cisco Router OSPF - Design and Implementation Guide,
McGraw-Hill, 1998.
Comprehensive and practical guide to OSPF use. Includes discussion of
design issues, security, implementation, and deployment.
[3] Black, U. IP Routing Protocols, Prentice Hall, 2000.
A very good survey of routing protocols and the technologies behind them.
[4] Moy, J.T. OSPF – Anatomy of an Internet Routing Protocol, Addison-Wesley,
1998.
Detailed analysis of OSPF and MOSPF, with lots of practical advice, too.
Includes a good section on troubleshooting.
[5] Thomas, T.M. OSPF Netwo rk Design Solutions, Cisco Press, 1998.
This book offers a good overview of IP routing and related topics, and also
explains how to configure Cisco routers for OSPF in a variety of situations.