38-85
Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide
OL-12189-01
Chapter 38 Configuring IP Unicast Routing
Configuring Unicast Reverse Path Forwarding
Configuring Unicast Reverse Path Forwarding
The unicast reverse path forwarding (uRPF) feature helps to mitigate problems that are caused by the
introduction of malformed or forged (spoofed) IP source addresses into a network. uRPF discards IP
packets without a verifiable IP source address. For example, a number of common denial-of-service
(DoS) attacks, including Smurf and Tribal Flood Network (TFN), take advantage of forged or rapidly
changing source-IP addresses to allow attackers to avoid efforts to locate or to filter the attacks. For
Internet service providers (ISPs) that provide public access, uRPF deflects such attacks by forwarding
only packets with valid source addresses and that are consistent with the IP routing table. This action
protects the network of the ISP, its customer, and the rest of the Internet.
For detailed IP uRPF configuration information, see the Other Security Features chapter in the Cisco
IOS Security Configuration Guide, Release 12.2 at this URL:
http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_book09186a
0080087df1.html
Configuring Protocol-Independent Features
This section describes how to configure IP routing protocol-independent features. These features are
available on switches running the IP base or the IP services feature set. However, on the IP base feature
set, protocol-related features are available only for RIP. For a complete description of the IP routing
protocol-independent commands in this chapter, see the “IP Routing Protocol-Independent Commands”
chapter of the Cisco IOS IP Command Reference, Volume 2 of 3: Routing Protocols, Release 12.2 from
the Cisco.com page under Documentation > Cisco IOS Software > 12.2 Mainline > Command
References.
These sections contain this configuration information:
• Configuring Cisco Express Forwarding and Distributed Cisco Express Forwarding, page 38-85
• Configuring the Number of Equal-Cost Routing Paths, page 38-87
• Configuring Static Unicast Routes, page 38-88
• Specifying Default Routes and Networks, page 38-89
• Using Route Maps to Redistribute Routing Information, page 38-89
• Configuring Policy-Based Routing, page 38-93 (only the Catalyst Switch Module 3110)
• Filtering Routing Information, page 38-97
• Managing Authentication Keys, page 38-99
Configuring Cisco Express Forwarding and Distributed Cisco Express
Forwarding
Cisco Express Forwarding (CEF) is a Layer 3 IP switching technology used to optimize network
performance. CEF implements an advanced IP look-up and forwarding algorithm to deliver maximum
Layer 3 switching performance. CEF is less CPU-intensive than fast-switching route-caching, providing
more CPU processing power dedicated to packet forwarding. In a Catalyst Switch Module 3110 switch
stack, a stack member uses distributed CEF (dCEF) in the stack. On a standalone switch (a Catalyst
Switch Module 3012 or standalone Catalyst Switch Module 3110), the switch uses CEF. In dynamic
networks, fast-switching cache entries are frequently invalidated because of routing changes, which
