[nsp] uRPF and ACL Logging

Dain Deutschman daind at qwest.net
Tue Jun 29 18:13:03 EDT 2004


Hi,

I'm looking for clarification on uRPF with ACL Logging. Is it true that in order to log failed reverse path lookups...one needs to have an ACL entry for that specific traffic with the log-input keyword?

access-list 100 deny ip 10.0.0.0 0.255.255.255 any log-input
access-list 100 deny ip 172.16.0.0 0.15.255.255 any log-input
access-list 100 deny ip 192.168.0.0 0.0.255.255 any log-input
access-list 100 permit ip any any

int s0/0
ip verify unicast reverse-path 100

1. Would this perform in the same manner as an ACL applied with access-group?

2. If I wanted to do RFC1918 filtering...would I have to filter with access-group or would this do that job?

Thanks,

Dain

