[c-nsp] Implementing Unicast RPF multi-homed network
Justin M. Streiner
streiner at cluebyfour.org
Sat Jan 24 21:45:01 EST 2009
On Sat, 24 Jan 2009, root net wrote:
> I was wondering where the best place would be to implement Unicast RPF on a
> multi-homed network with full routes / filtered routes and private peering
> interconnects with local ISPs (small businesses)? Currently we just use
> ACLs to do drop spoofing on our upstream interfaces. I have been doing some
> reading and it says to implement at the edge not core unless you manually
> setup the routes. I would like to place this on the outside interface of
> each router connected to our upstreams and on the interface that is
> connected to each local ISP. The problem is we are doing asymmetric routing
> at the edge/core b/c our links are not the same size. So how can we
> accomplish this? I think way to overcome would be to use BGP attributes
> using weight maybe?
Use strict mode on your single-homed downstream customer interfaces and
loose mode on your transit/peer interfaces.
jms
More information about the cisco-nsp
mailing list