[c-nsp] unicast rpf dhcp drops after routing adjustment
Rubens Kuhl Jr.
rubensk at gmail.com
Fri Dec 9 15:41:54 EST 2005
> Adding second shared link broke DHCP for HSRP interfaces. DHCP response
> packet would always come back to the neighbor router in the pair, instead of
> the originating relay. Packet would then get punted across the directly
> connected interface, and dropped by RPF (correct but unexpected behaviour.)
>
> I have a number of options:
>
>
> 1. Disabled RPF checks on HSRP interfaces.
>
> Don't really like this idea. RPF is a standard configuration for us at the
> edge.
>
> 3. Configure RPF ACL to exclude DHCP packets from RPF checks.
>
> Platform doesn't support RPF ACLs, so not an option.
Is Platform a 6500 or other switch that process ACLs in hardware and
all routes are static ? If so, you could disable RPF and replace it
with ACLs that would verify the origin IP but permit the DHCP
exception.
Rubens
More information about the cisco-nsp
mailing list