[nsp] cat 4500/Sup IV - no uRPF?

Tim Stevenson tstevens at cisco.com
Fri Dec 5 13:49:04 EST 2003


Sorry, no. This is a hardware limitation. 

There is IP source guard, which plays a similar but different role, 

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/12_1_20/config/dhcp.htm

and there are plans for some other uRPF-like functionality in the current hardware, but the current 4500 h/w does not support uRPF check.

Of course, the 6500 sup2 (single path) & sup720 (multipath) both support uRPF check in hardware.

Tim

At 06:59 PM 12/4/2003, cisco-nsp-request at puck.nether.net remarked:
>Date: Thu, 04 Dec 2003 15:40:33 -0800
>From: Michael Sinatra <michael at rancid.berkeley.edu>
>Subject: [nsp] cat 4500/Sup IV - no uRPF?
>To: Cisco Nsp <cisco-nsp at puck.nether.net>
>Message-ID: <3FCFC5F1.5000104 at rancid.berkeley.edu>
>Content-Type: text/plain; charset=us-ascii; format=flowed
>
>I am testing a cat 4506 w/Sup IV in layer-3 mode (i.e. as a router) and 
>noticed that it doesn't support unicast RPF.  This appears to be 
>confirmed by the following cisco document:
>
>http://www.cisco.com/en/US/products/hw/switches/ps4324/products_white_paper09186a00801b1d13.shtml
>
>The IOS version I am running is 12.1(20)EW.  Does anyone know if there 
>are plans to add uRPF in a later release, or if there is any combination 
>of 4000/4500 hardware and/or IOS for that box that supports uRPF?
>
>I do plan to ask my cisco rep, but I was wondering if anyone here had 
>any info.  uRPF is a critical feature for us in any layer-3 box.
>
>thanks,
>michael


Tim Stevenson, tstevens at cisco.com
Routing & Switching CCIE #5561
Technical Marketing Engineer, Catalyst 6500
Cisco Systems, http://www.cisco.com
IP Phone: 408-526-6759
********************************************************
The contents of this message may be *Cisco Confidential*
and are intended for the specified recipients only.



More information about the cisco-nsp mailing list