Filter
Top Products
DES-7200 Configuration Guide Chapter 6 URPF Configuration
6-9
Note
1. By default, the default route is not used for URPF check; if so
required by the user, the user can use "allow-default" to enable this
function.
2. By default, messages failing in the URPF check will be discarded.
If ACL (acl-name) is configured, such message will then undergo
ACL check after failing in URPF check. If ACL doesn't exist or the
message points to a deny ACE, such message will be discarded. If
the message points to a permit ACE, the message will be forwarded.
Caution
1. After this command is enabled, DES-7200 series devices will
perform URPF check of IPv4/IPv6 messages. Routers will perform
URPF check of IPv4 messages.
2. URPF function is only supported on Routed Port and L3 AP port
of B-class line cards on DES-7200 series products, and has the
following restrictions:
URPF function doesn't support ACL option.
URPF function doesn't support the use of IPv6 route with
65-127 bit prefix to perform URPF check.
After URPF function is enabled, all messages received by the
physical port of these interfaces will be subject to URPF check,
thus broadening the scope of URPF check. A typical application
scenario is: If a message received by Tunnel interface is
received from the aforementioned physical port, this message
will also be subject to URPF check. If such an application
scenario exists, be cautious when enabling URPF check.
After URPF function is enabled, the route forwarding capacity of
the device will be reduced by 50%.
After URPF strict mode is enabled, if the messages received by
the interface correspond with equal-cost routing during URPF
check, it will switch into loose mode.
After MPLS line cards are inserted into DES-7200 series
switches, the URPF function configured on the interface will not
take effect.
3. Coexistence of URPF function configured in global configuration
mode and URPF function configured in interface configuration mode
is not supported.
Configuration example:
# Perform strict URPF check of messages received by interface GigabitEthernet 0/21; no need
to use default route for URPF check.