uRPF Configuration
show interface urpf
Section titled “show interface urpf”[Command] show interface urpf
[Purpose] View interface URPF configuration
[View] System View
[Use Cases]
sonic# show interface urpf+-----------------+----------+| Interfaces | Status |+=================+==========+| Ethernet1 | strict |+-----------------+----------+| Vlan123 | strict |+-----------------+----------+| PortChannel0001 | loose |+-----------------+----------+ip urpf
Section titled “ip urpf”[Command] ip urpf {strict|loose} no ip urpf
[Purpose] Configure interface URPF function
[Parameter]
| Parameter | Description |
|---|---|
| strict | Strict mode, not only checks whether the traffic has a return route, but also verifies whether the return interface is the same as the initial incoming interface of the traffic |
| loose | Loose mode, only checks whether the traffic has a return route; if it exists, the traffic is permitted; if not, it is discarded |
[View] Interface View、LAG View、VLANIF View
[Usage Scenario] Enable the URPF function on the traffic incoming interface to verify whether the traffic has a return route, ensuring that the server is not impacted by unknown traffic.
[Use Cases]
sonic(config)# interface ethernet 1sonic(config-if-1)# ip urpf strict