PrepAway - Latest Free Exam Questions & Answers

Which of the following best describes the function of unicast RPF? (Select the best answer.)

A. Unicast RPF scans a packet to determine whether the packet contains malware.

B. Unicast RPF verifies the reachability of the source IP address of a packet.

C. Unicast RPF ensures that priority traffic is transmitted in a timely fashion.

D. Unicast RPF encapsulates packets and sends them through a tunnel interface.

E. Unicast RPF prevents packet loss in asymmetric routing configurations.

Explanation:

Unicast Reverse Path Forwarding (uRPF) verifies the reachability of the source IP address of a packet to determine whether an inbound packet arrived on the best path back to the source based on routing table information. If the uRPF check passes, the packet is transmitted; if the uRPF check fails, the packet is dropped. Preferably, you should implement uRPF on a gateway router on the untrusted interface so that inbound packets can be inspected. Inbound packet inspection by uRPF can mitigate spoofing attacks, such as Denial of Service (DoS), smurf, and Tribal Flood Network (TFN) attacks. In order for uRPF to function, Cisco Express Forwarding (CEF) must be enabled.
uRPF does not scan a packet to determine whether the packet contains malware. However, uRPF can prevent spoofing attacks. If the IP address information for a packet is spoofed, the uRPF check will fail and the packet will be dropped. To protect a network from malware, you should implement an inline Intrusion Prevention System (IPS).
uRPF does not ensure that priority traffic is transmitted in a timely fashion; this is the function of Quality of Service (QoS). QoS provides priority service to traffic to ensure reliable delivery of the packets. Without QoS, delay-sensitive traffic, such as voice traffic, might not receive a constant, predictable flow throughout the network. Because voice traffic is delay-sensitive, uneven delays in the delivery of the voice packets can cause noticeable gaps in the audible transmission that the receiver hears. To help prevent delays, which could degrade the quality of the call, QoS marks the voice traffic with a higher priority than most data traffic, ensuring a smooth and predictable delivery.
uRPF does not encapsulate packets and send them through a tunnel interface. In fact, uRPF cannot inspect traffic that is encapsulated in a Generic Routing Encapsulation (GRE), Layer 2 Tunneling Protocol (L2TP), or Point-to-Point Tunneling Protocol (PPTP) tunnel. You should implement uRPF so that packets are checked after they are decapsulated and decrypted.
uRPF does not prevent packet loss in asymmetric routing configurations. In fact, uRPF can cause legitimate traffic to be dropped in asymmetric routing configurations when uRPF is implemented in strict mode. In uRPF strict mode, a packet is dropped if it did not arrive from the best path. In uRPF loose mode, a packet is dropped only if there is no valid route to the source network in the router’s unicast routing table.
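
The strict and loose checks described above can be modeled in a few lines. This is an added example, not code from the original page or from Cisco; the routing table, interface names, and packets are constructed for illustration, and the model is a simplification of the real CEF lookup.

```python
import ipaddress

# Constructed forwarding table for a hypothetical gateway: (prefix, interface).
FIB = [
    ("10.1.0.0/16", "Gi0/1"),      # internal LAN
    ("198.51.100.0/24", "Gi0/0"),  # partner network, best path via ISP A
    ("203.0.113.0/24", "Gi0/2"),   # customer network, best path via ISP B
]

def best_route(src, fib=FIB):
    """Longest-prefix match on the SOURCE address; None if no route exists."""
    addr = ipaddress.ip_address(src)
    nets = [(ipaddress.ip_network(p), ifc) for p, ifc in fib]
    hits = [(n, ifc) for n, ifc in nets if addr in n]
    return max(hits, key=lambda h: h[0].prefixlen) if hits else None

def urpf_check(src, in_if, mode, fib=FIB):
    """Return 'forward' or 'drop' for a packet from src arriving on in_if."""
    if mode not in ("strict", "loose"):
        raise ValueError("mode must be 'strict' or 'loose'")
    route = best_route(src, fib)
    if route is None:
        return "drop"              # no valid route to the source: both modes drop
    if mode == "loose":
        return "forward"           # any valid route is enough
    # strict: the packet must arrive on the interface of the best return path
    return "forward" if route[1] == in_if else "drop"

# Constructed packets, all arriving on the untrusted interface Gi0/0.
PACKETS = [
    ("198.51.100.7", "legitimate, symmetric path"),
    ("203.0.113.9", "legitimate, asymmetric path (return route is Gi0/2)"),
    ("10.1.2.3", "spoofed internal source address"),
    ("192.0.2.55", "source with no route in the table"),
]

def evaluate(in_if="Gi0/0"):
    """Return (source, strict verdict, loose verdict) for each sample packet."""
    return [(s, urpf_check(s, in_if, "strict"), urpf_check(s, in_if, "loose"))
            for s, _ in PACKETS]

if __name__ == "__main__":
    for (src, strict, loose), (_, note) in zip(evaluate(), PACKETS):
        print(f"{src:<14} strict={strict:<8} loose={loose:<8} {note}")
```

In this model, strict mode drops the asymmetric but legitimate packet, while loose mode forwards the packet with the spoofed internal source because a route to that prefix exists.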

Reference:
https://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfrpf.html#wp1000928

