Specifications

ManualsBrandsCisco ManualsComputer equipmentVIP-4R/4T

111

112

113

114

115

116

117

118

119

120

IP Switching Commands

ipv6 verify unicast reverse-path

ISW-81

Cisco IOS IP Switching Command Reference

May 2008

ipv6 verify unicast reverse-path

To enable Unicast Reverse Path Forwarding (Unicast RPF) for IPv6, use the ipv6 verify unicast

reverse-path command in interface configuration mode. To disable Unicast RPF, use the no form of this

command.

ipv6 verify unicast reverse-path [access-list name]

no ipv6 verify unicast reverse-path [access-list name]

Syntax Description

Command Default Unicast RPF is disabled.

Command Modes Interface configuration

Command History

Usage Guidelines The ipv6 verify unicast reverse-path command is used to enable Unicast RPF for IPv6 in strict

checking mode. The Unicast RPF for IPv6 feature requires that Cisco Express Forwarding for IPv6

(CEFv6) is enabled on the router.

Note Beginning in Cisco IOS Release 12.0(31)S, the Cisco 12000 series Internet router supports both the

ipv6

verify unicast reverse-path and ipv6 verify unicast source reachable-via rx commands to enable

Unicast RPF to be compatible with the Cisco IOS Release 12.3T and 12.2S software trains.

Use the ipv6 verify unicast reverse-path command to mitigate problems caused by malformed or

forged (spoofed) IP source addresses that pass through a router. Malformed or forged source addresses

can indicate denial-of-service (DoS) attacks based on source IP address spoofing.

When Unicast RPF is enabled on an interface, the router examines all packets received on that interface.

The router checks to make sure that the source IPv6 address appears in the routing table and that it is

reachable by a path through the interface on which the packet was received. Unicast RPF is an input

feature and is applied only on the input interface of a router at the upstream end of a connection.

access-list name (Optional) Specifies the name of the access list.

Note This keyword and argument are not supported on the Cisco 12000

series Internet router.

Release Modification

12.2(13)T This command was introduced.

12.2(14)S This command was integrated into Cisco IOS Release 12.2(14)S.

12.0(31)S This command was integrated into Cisco IOS Release 12.0(31)S and

introduced on the 10G Engine 5 SPA Interface Processor in the Cisco 12000

series Internet router.

12.2(28)SB This command was integrated into Cisco IOS Release 12.2(28)SB.