[nsp] "ip verify unicast reverse-path" broken, or is it just me?
Vincent De Keyzer
vincent at dekeyzer.net
Mon Dec 15 07:35:44 EST 2003
Access router is a 2621 running "IOS (tm) C2600 Software (C2600-JS-M),
Version 12.2(5), RELEASE SOFTWARE (fc1)".
Vincent
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Gert Doering
> Sent: lundi 15 décembre 2003 12:02
> To: Vincent De Keyzer
> Cc: 'Gert Doering'; cisco-nsp at puck.nether.net
> Subject: Re: [nsp] "ip verify unicast reverse-path" broken,
> or is it just me?
>
>
> Hi,
>
> On Mon, Dec 15, 2003 at 11:48:30AM +0100, Vincent De Keyzer wrote:
> > Neither "sh ip int" nor "debug ip cef drops rpf" show
> anything... so
> > it has to be an IOS bug?
> >
> > Can one of you guys succesfully reproduce my test?
>
> I know that uRPF works fine for us (various versions of
> 12.0S, 12.1 main, 12.2). A test similar to yours (I use a PC
> client and send faked packets via "nmap") yields the desired results.
>
> What hardware and what IOS version are you using?
>
> gert
> --
> USENET is *not* the non-clickable part of WWW!
>
> //www.muc.de/~gert/
> Gert Doering - Munich, Germany
> gert at greenie.muc.de
> fax: +49-89-35655025
> gert at net.informatik.tu-muenchen.de
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco> -nsp
> archive at
> http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list