Fournisseur d'équipement de réseau informatique
Unicast Reverse Path Forwarding, used for preventing source address spoofing, is a “look backward” ability which allows the router to check and see if any IP packet received at a router interface arrives on the best return path (return route) to the source address of the packet. If the packet was received from one of the best reverse path routes, the packet is forwarded as normal. If there is no reverse path route on the same interface from which the packet was received, the packet is dropped or forwarded, depending on whether an access control list (Liste de contrôle d'accès) is specified in the ip verify unicast reverse-path list interfaceconfiguration command. For more information, refer to the Configuring Unicast Reverse Path Forwardingchapter of the Cisco IOS Security Configuration Guide, Libérer 12.2.
Default route 0.0.0.0/0 can not be used to perform a uRPF check. Par exemple, if a packet with source address 10.10.10.1 comes on Serial 0 interface and the only route matching 10.10.10.1 is the default route 0.0.0.0/0 pointing out Serial 0 on the router, the uRPF check fails and it drops that packet.