[c-nsp] Blackholing looped traffic
Stephen J. Wilcox
steve at telecomplete.co.uk
Mon Aug 29 07:35:41 EDT 2005
Hi Everton,
so the problem here is urpf is matching the src but you're concerned about
the dst here.
The first thing in my mind is to use a routing protocol, I assume you're problem
is related to a serial link with statics on either end.
If you cant do that then I'm not aware of any such command and an extended ACL
is the best way.
Steve
On Mon, 29 Aug 2005, Everton da Silva Marques wrote:
> I'm looking for a command like this:
>
> interface Serial0
> ip drop incoming looped packets
>
> The command would discard incoming packets
> which would otherwise be forwarded back to
> the same incoming interface.
>
> The function could be implemented with ACLs,
> but it would be better to have a mechanism
> more automatic, more manageable, relying on
> CEF, just like the one provided by uRPF (ip
> verify unicast reverse-path).
>
> Is there such a command?
>
> Thanks,
> Everton
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list