[cisco-nas] Spoofed IPs
Oliver Boehmer (oboehmer)
oboehmer at cisco.com
Tue May 4 11:17:31 EDT 2004
> Is there any way to look at stats to see how much data is being
> dropped?
"show ip traffic" reports the uRPF drops:
[...]
Drop: 14762707 encapsulation failed, 9987 unresolved, 0 no adjacency
8417 no route, 853663 unicast RPF, 333 forced drop
> On Tue, 2004-05-04 at 10:08, Oliver Boehmer (oboehmer) wrote:
> > > Is there an easy way to block spoofed IPs on the nas, or just use
> > > an access-list on group-async?
> >
> > uRPF ("ip verify unicast reverse-path"). Requires CEF.
> >
> > oli
More information about the cisco-nas
mailing list