On 3/16/19 11:40 AM, Erik Auerswald wrote:
Hi,
Hi,
This is called uRPF for "unicast RPF" as opposed to the multicast RPF check this is based on.
Thank you for the correction. :-)
Indeed uRPF should allow that packet, as the source address is found off the receiving interface (usually via a directly attached network).
*nod*
That could be done via ACLs, but would be unusual AFAIK. The uRPF functionality itself should not interfere.
I agree that this would be atypical.As I type this, I wonder if there might be any problems related to uRPF /sending/ the BFD-EM packet. I think it's going to need to be sent in such a way as to bypass the local routing stack.
But that's on a system that I control and I have options to overcome any local limitations. }:-)
-- Grant. . . . unix || die
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
