Manualshelf

R21xx-HP FlexFabric 11900 Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP FlexFabric 11000 Switch Products
141142143144145146147148149150
143
NOTE:
If the number of routes on any preceding card exceeds half the routing table capacity, the uRPF function
must be disabled to avoid loss of routes and packets.
For more information about the route extension mode, see Fundamentals Configuration Guide.
Configuration example
Network requirements
As shown in Figure 53, a client (Switch A) directly connects to an ISP switch (Switch B). Enable strict uRPF
check on Switch A and Switch B to prevent source address spoofing attacks.
Figure 53 Network diagram
Configuration procedure
1. Enable strict uRPF check on Switch A.
<SwitchA> system-view
[SwitchA] ip urpf strict
2. Enable strict uRPF check on Switch B.
<SwitchB> system-view
[SwitchB] ip urpf strict