300-101 第202题疑问

陳罐西

QUESTION 202
When unicast reverse path forwarding is configured on an interface, which action does
the interface take first when it receives a packet?
A. It check the ingress access list
B. It check the egress access list
9 ~1 q/ U" E4 gC. It verifies that the source has a valid CEF adjacency
. f7 @' e  O# q. v  ]( QD. It verifies a reverse path via the FIB to the source
3 o- T* {6 ^; H/ yCorrect Answer: D
Section: part 5
Explanation
* C6 X" ~) R6 d0 ?  T9 d+ y+ ZExplanation/Reference:
  K4 d8 F' @) V) ?$ H' W0 TWhen a packet is received at the interface where Unicast RPF and ACLs have been configured, the
following actions occur:
; m2 C1 s$ |. C( V3 TStep 1: Input ACLs configured on the inbound interface are checked.
& w7 U) d) Q+ ~2 VStep 2: Unicast RPF checks to see if the packet has arrived on the best return path to the source, which it
does by doing a reverse lookup in the FIB table

下面的解析中的第一步 说的是先检查  进口ACL  那么为啥不会选A呢。。。。。

% Q' B0 P8 M% t! i  J0 [

willyou

我觉得题库是错的，不过有一点需要考虑，就是题干并没有指明ACL有被配置。

思科官网链接：https://www.cisco.com/c/en/us/td ... 7-9679-0390DD2F6FC1
. T$ ^. w, S1 Z9 q
3 o- d. ~$ L& I7 {思科给出的带ACL的uRPF配置案例：
" C" F. U4 q0 a
int eth0/1/1
, ]4 B1 y/ @; K5 ]$ u ip address 192.168.200.1 255.255.255.0
$ A$ L* b/ ^/ @& o% z ip verify unicast reverse-path 197
!
/ D: c! H! p) B6 h; M/ Aint eth0/1/2
ip address 192.168.201.1 255.255.255.0
9 E7 |/ x7 q" |+ g. U' U!
# j$ F9 |3 p. G8 _' ^, b1 h+ \! baccess-list 197 deny   ip 192.168.201.0 0.0.0.63 any log-input
access-list 197 permit ip 192.168.201.64 0.0.0.63 any log-input
) B9 y2 y9 T- x- F$ vaccess-list 197 deny   ip 192.168.201.128 0.0.0.63 any log-input
access-list 197 permit ip 192.168.201.192 0.0.0.63 any log-input
. c/ ^% Z+ {1 P3 z- r+ jaccess-list 197 deny ip host 0.0.0.0 any log