Manualshelf

R211x-HP Flexfabric 11900 Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP FlexFabric 11000 Switch Products
241242243244245246247248249250
238
Ste
p
Command
Remarks
1. Enter system view.
system-view
N/A
2. Enable uRPF globally.
ip urpf { loose | strict } By default, uRPF is disabled.
Displaying and maintaining uRPF
Execute display commands in any view.
Task Command
Display uRPF configuration (in standalone
mode).
display ip urpf [ slot slot-number ]
Display uRPF configuration (in IRF mode). display ip urpf [ chassis chassis-number slot slot-number ]
uRPF configuration example
Network requirements
As shown in Figure 78, a client (Switch A) directly connects to an ISP switch (Switch B). Enable strict uRPF
check on Switch A and Switch B to prevent source address spoofing attacks.
Figure 78 Network diagram
Configuration procedure
1. Enable strict uRPF check on Switch A.
<SwitchA> system-view
[SwitchA] ip urpf strict
2. Enable strict uRPF check on Switch B.
<SwitchB> system-view
[SwitchB] ip urpf strict