Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 05-uRPF commands | 56.71 KB |
uRPF commands
ip urpf strict
Use ip urpf strict to enable strict uRPF check.
Use undo ip urpf to disable strict uRPF check.
Syntax
ip urpf strict [ link-check ]
undo ip urpf
Default
Strict uRPF check is disabled.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
link-check: Enables link layer check.
Usage guidelines
uRPF can be deployed on a PE connected to a CE or another ISP, or on a CE.
If a Layer-3 PE interface connects a large number of PCs, configure the link-check keyword on the interface to enable link layer check. uRPF checks the validity of the source MAC address.
Examples
# Configure strict uRPF check on interface GigabitEthernet 3/0/2.
<Sysname>system-view
[Sysname]interface GigabitEthernet 3/0/2
[Sysname-GigabitEthernet3/0/2]port link-mode route
[Sysname-GigabitEthernet3/0/2]ip urpf strict
Related commands
display ip urpf
display ip urpf
Use display ip urpf to display uRPF configuration.
Syntax
In standalone mode:
display ip urpf [ interface interface-type interface-number ] [ slot slot-number ]
In IRF mode:
display ip urpf [ interface interface-type interface-number ] [ chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface interface-type interface-number: Specifies an interface by its type and number.
slot slot-number: Specifies a card by slot number. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument specifies the ID of the IRF member device and the slot number argument specifies the number of the slot that holds the card. (In IRF mode.)
Usage guidelines
To display uRPF configuration on an interface, check whether the interface is a global interface:
· If it is, specify the card where the interface resides. If you do not specify the option, the command displays uRPF configuration for the MPU. A global interface has a one-dimensional number, such as VLAN-interface 10.
· If it is not, you do not need to specify the card for the command to display the interface uRPF configuration. A non-global interface has a multiple-dimensional number, such as GigabitEthernet 3/0/1.
Examples
# Display uRPF configuration for the card in slot 3.
<Sysname> display ip urpf slot 3
Global uRPF configuration information(failed):
Check type: strict
