ccie lab exam sample

ccie lab exam sample

Friends who are studying the security direction of CCIE definitely have some understanding of URPF technology, so today we will explain the URPF technology.I. Introduction to URPF TechnologyGenerally, after receiving the data packet, the router obtains the destination IP address in the data packet, searches the local routing forwarding table for the destination IP address,ccie lab exam sample, and forwards the data packet if there is a corresponding forwarding entry; otherwise, discards the packet. . From this point of view, when the router forwards the message, it does not care about the source address of the packet. This gives the source address spoofing attack a chance.The source address spoofing attack constructs a series of packets with the spoofed source address and frequently accesses the device or host where the destination address resides. Even if the response packet cannot reach the attacker, the attacker will cause a certain degree of damage to the attacked object.The main function of unicast reverse path forwarding (URPF) is to prevent network attack behavior based on source address spoofing. After the URPF function is enabled on the interface of the router, when the interface receives the data packet, it checks the legality of the source address of the data packet. The forwarding entry of the address enters the packet forwarding process; otherwise, the packet is discarded.Second, the working mechanism of URPFThe URPF checks the legality of the source address of the packet into strict (strict) and loose (loose) types:Strict-type URPF: not only requires the router to forward the table, but also has a route to the source address of the packet. It also requires that the inbound interface of the packet is the same as the outgoing interface to the source address. The message is considered to be a legitimate message. In some special cases (such as the existence of asymmetric paths), strict type checking will incorrectly discard non-attack messages.