- Table of Contents
-
- 09-Security Command Reference
- 00-Preface
- 01-AAA commands
- 02-802.1X commands
- 03-MAC authentication commands
- 04-Portal commands
- 05-Web authentication commands
- 06-Port security commands
- 07-User profile commands
- 08-Password control commands
- 09-Public key management commands
- 10-PKI commands
- 11-IPsec commands
- 12-SSH commands
- 13-SSL commands
- 14-Attack detection and prevention commands
- 15-TCP attack prevention commands
- 16-IP source guard commands
- 17-ARP attack protection commands
- 18-ND attack defense commands
- 19-uRPF commands
- 20-SAVI commands
- 21-MFF commands
- 22-Crypto engine commands
- 23-FIPS commands
- 24-802.1X client commands
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 19-uRPF commands | 40.43 KB |
IPv4 uRPF commands
display ip urpf
Use display ip urpf to display uRPF configuration.
Syntax
display ip urpf [ slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays uRPF configuration for all member devices.
Examples
# Display uRPF configuration for the specified slot.
<Sysname> display ip urpf slot 1
Global uRPF configuration information(failed):
Check type: strict
Allow default route
Table 1 Command output
|
Field |
Description |
|
(failed) |
The system failed to deliver the uRPF configuration to the forwarding chip because of insufficient chip resources. This field is not displayed if the delivery is successful. |
|
Check type |
uRPF check mode. Only strict uRPF is supported in the current software version. |
ip urpf
Use ip urpf to enable uRPF.
Use undo ip urpf to disable uRPF.
Syntax
ip urpf strict
undo ip urpf
Default
uRPF is disabled.
Views
System view
Predefined user roles
network-admin
Parameters
strict: Enables strict uRPF check. To pass strict uRPF check, the source address and receiving interface of a packet must match the destination address and output interface of a FIB entry. You can enable strict uRPF check only in VLAN interface view.
Usage guidelines
uRPF can be deployed on a PE connected to a CE or an ISP, or on a CE.
Examples
# Enable strict uRPF check globally.
<Sysname> system-view
[Sysname] ip urpf strict
Related commands
display ip urpf
