Cisco uRPF failures

Anton Kapela tkapela at gmail.com
Sat Sep 6 17:20:34 UTC 2008


On Thu, Sep 4, 2008 at 11:35 AM, Jo Rhett <jrhett at netconsonance.com> wrote:

> That's the surprising thing -- no scenario.  Very basic configuration.
>  Enabling uRPF and then hitting it with a few gig of non-routable packets
> consistently caused the sup module to stop talking on the console, and

What do you mean by 'non routable?'

What was the src/dst makeup of the test traffic?

> We also discovered problems related to uRPF and load balanced links, but
> those were difficult to reproduce in the lab and we couldn't affect their
> peering, so we had to disable uRPF and ignore so I don't have much details.

What version of code? Also, port-channel/lag or ECMP?

> quickly, but that turns out not to be the case.  To this day I've never

I've never seen the issues you speak of, so it could be
code/platform/config specific.

Also, what sup were you testing?

> found a network operator using uRPF on Cisco gear.
>  (note: network operator. it's probably fine for several-hundred-meg
> enterprise sites)

Forgive me, but what does bits/sec have to do with anything?

-Tk




More information about the NANOG mailing list