- 积分
- 968
- 鸿鹄币
- 个
- 好评度
- 点
- 精华
- 注册时间
- 2016-8-14
- 最后登录
- 1970-1-1
- 阅读权限
- 40
- 听众
- 收听
中级工程师
|
10鸿鹄币
QUESTION 2028 y4 {. T+ R5 H
When unicast reverse path forwarding is configured on an interface, which action does2 `: B3 ~$ a/ x
the interface take first when it receives a packet?/ h; Z9 N7 q9 w( I
A. It check the ingress access list% Q' J m/ f0 j! f; R0 p
B. It check the egress access list
9 ~1 q/ U" E4 gC. It verifies that the source has a valid CEF adjacency
. f7 @' e O# q. v ]( QD. It verifies a reverse path via the FIB to the source
3 o- T* {6 ^; H/ yCorrect Answer: D. e# W# T5 g6 R+ |& u: T
Section: part 5; P% C6 ]; n) w0 s
Explanation
* C6 X" ~) R6 d0 ? T9 d+ y+ ZExplanation/Reference:
K4 d8 F' @) V) ?$ H' W0 TWhen a packet is received at the interface where Unicast RPF and ACLs have been configured, the6 u5 V, P2 |' ^8 `" a/ E
following actions occur:
; m2 C1 s$ |. C( V3 TStep 1: Input ACLs configured on the inbound interface are checked.
& w7 U) d) Q+ ~2 VStep 2: Unicast RPF checks to see if the packet has arrived on the best return path to the source, which it1 C, K) A$ v8 [) f
does by doing a reverse lookup in the FIB table, g( [; z& I5 C- ?8 M4 q) D, v& D
) |: H& X- V( M5 F' @
下面的解析中的第一步 说的是先检查 进口ACL 那么为啥不会选A呢。。。。。( M9 ?' \2 h) W; r! z
% Q' B0 P8 M% t! i J0 [ |
最佳答案
查看完整内容
我觉得题库是错的,不过有一点需要考虑,就是题干并没有指明ACL有被配置。
思科官网链接:https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_urpf/configuration/15-sy/sec-data-urpf-15-sy-book/cfg-unicast-rfp.html?dtid=osscdc000283#GUID-07331556-315A-4327-9679-0390DD2F6FC1
思科给出的带ACL的uRPF配置案例:
int eth0/1/1
ip address 192.168.200.1 255.255.255.0
ip verify unicast reverse-pat ...
|