Unicast Reverse Path Forwarding configuration using CLI

This section provides CLI procedures for Unicast Reverse Path Forwarding configuration.

Enable urpf-mode Boot Flag

Note

Note

Exception: not supported on VSP 8600 Series and XA1400 Series.

To configure Unicast Reverse Path Forwarding on a port or VLAN, you are required to enable the urpf-mode boot flag. If you try to configure uRPF on an interface, that is, enable or change the urpf operating mode with the urpf-mode boot flag disabled, a consistency check error message is displayed: Unicast Reverse Path Forwarding configuration is not supported when urpf-mode boot flag is disabled.

About this task

Use the following procedure to enable the urpf-mode boot flag. By default, urpf-mode is disabled.

Procedure

  1. Enter Global Configuration mode:

    enable

    configure terminal

  2. Enable the urpf-mode boot flag:

    boot config flags urpf-mode

  3. When you get the following prompt to reboot the switch, enter y to reboot.

    The new setting requires a reboot to take effect!

    The configuration will be saved and rebooted.

    Are you sure you want to re-boot the switch (y/n)?

    Note

    Note

    If you enter n, the following message is displayed: Warning: Please save the configuration and reboot the switch for this configuration to take effect.

  4. Check the status of the urpf-mode boot flag:

    show boot config flags

Example

Enable the urpf-mode boot flag:

Switch:1> enable
Switch:1# configure terminal
Switch:1(config)# boot config flags urpf-mode
The new setting requires a reboot to take effect!
The configuration will be saved and rebooted.
Are you sure you want to re-boot the switch (y/n)? y

View the status of the urpf-boot flag:

Note

Note

Flag support can vary across hardware models.

Switch:1#show boot config flags
flags advanced-feature-bandwidth-reservation low
flags block-snmp false
flags debug-config false
flags debugmode false
flags dvr-leaf-mode false
flags enhancedsecure-mode false
flags factorydefaults false
flags flow-control-mode true
flags ftpd true
flags hsecure false
flags ipv6-egress-filter true
flags ipv6-mode false
flags linerate-directed-broadcast false
flags logging true
flags nni-mstp false
flags reboot true
flags spanning-tree-mode mstp
flags spbm-config-mode true
flags sshd true
flags syslog-rfc5424-format true
flags telnetd true
flags tftpd true
flags trace-logging false
flags urpf-mode true
flags verify-config true
flags vrf-scaling true
flags vxlan-gw-full-interworking-mode false