From: Vincent Mashburn (vmashburn@fedex.com)
Date: Wed Nov 29 2006 - 11:40:41 ART
If these are the only 2 networks connected to E0/0, then the end result
will be the same, but by no means are they doing the same thing. The
access-list is only allowing 10.10.20.0/24 and 192.168.1.0/24 to be
allowed into E0/0. The uRPF looks at the source IP address from each
packet and verifies that it came in on the interface that matches the
associated routing table destination.
Vince Mashburn
Sr. Voice / Data Engineer
901-263-5072
CCVP, CCNP
Cisco IP Telephony Support Specialist
Cisco IP Telephony Operations Specialist
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
mathew Fer
Sent: Wednesday, November 29, 2006 1:03 AM
To: ccielab@groupstudy.com
Subject: Unicast Reverse Path Forwarding (Unicast RPF) feature
Hi GS,
Is these 2 same?
As I understand they are the same and this single command makes things
easy
for us.
1.
!
interface Ethernet 0/0
ip address 10.10.20.1 255.255.255.0
ip address 192.168.1.254 255.255.255.0 secondary
ip access-group FILTER in
!
ip access-list standard FILTER
permit 10.10.20.0 0.0.0.255 any
permit 192.168.1.0 0.0.0.255 any
!
2.
!
interface Ethernet 0/0
ip address 10.10.20.1 255.255.255.0
ip address 192.168.1.254 255.255.255.0 secondary
ip verify unicast reverse-path
!
Thank you for the reply.
mathew
This archive was generated by hypermail 2.1.4 : Fri Dec 01 2006 - 08:05:49 ART