This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Enterprise
Community Forums Switches
Ping failed after configu...

Ping failed after configuring the URPF

Created: Sep 26, 2019 07:07:31Latest reply: Sep 27, 2019 08:37:32 236 10 0 0
  Rewarded Hi-coins: 0 (problem resolved)
display all floors #1

Pinging is successful before the urpf configuration, but failed after configuring the urpf on the access interface. The only changed configuration is the additional urpf checking. What is the potential reason, coule you guys help me?


  • x
  • convention:

I have this problem too (0) Favorite(0) Share Report
Featured Answers
chenhui
Admin Created Sep 27, 2019 08:36:52 Helpful(0) Helpful(0)

Posted by user_3445655 at 2019-09-27 08:36Yes, will that be the reason?

Yes, I think that is the reason. URPF wouldn’t check the default route by default. If you want the default route to be checked during the URPF inspection, additional configuration is required, please try to configure ip urpf allow default-route under the interface view, and check whether the pinging could work.
By the way, it’s strongly recommended NOT to allow the default route checking, because it will make the URPF meaningless.
  • x
  • convention:
All Answers
chenhui
chenhui Admin Created Sep 26, 2019 07:08:05 Helpful(0) Helpful(0)

Did you configure the URPF inspection with loose mode or strict mode?
  • x
  • convention:
user_3445655
user_3445655 Created Sep 26, 2019 07:37:23 Helpful(0) Helpful(0)

Posted by chenhui at 2019-09-26 07:08 Did you configure the URPF inspection with loose mode or strict mode?
I tried both, no matter loose mode or strict mode, pinging is failure.
  • x
  • convention:
chenhui
chenhui Admin Created Sep 26, 2019 07:37:39 Helpful(0) Helpful(0)

Posted by user_3445655 at 2019-09-26 07:37 I tried both, no matter loose mode or strict mode, pinging is failure.
Do the packets come from the out interface which the route towards to? Will you please verify that?
  • x
  • convention:
user_3445655
user_3445655 Created Sep 26, 2019 09:38:26 Helpful(0) Helpful(0)

Posted by chenhui at 2019-09-26 07:37 Do the packets come from the out interface which the route towards to? Will you please verify that ...
port mirroring and packet capture result indicates the result is positive.
  • x
  • convention:
chenhui
chenhui Admin Created Sep 26, 2019 09:38:51 Helpful(0) Helpful(0)

Posted by user_3445655 at 2019-09-26 09:38 port mirroring and packet capture result indicates the result is positive.
well, can you show us the corresponding routes?
  • x
  • convention:
user_3445655
user_3445655 Created Sep 27, 2019 08:35:38 Helpful(0) Helpful(0)

Posted by chenhui at 2019-09-26 09:38 well, can you show us the corresponding routes?
sorry for the late.

Destination/Mask Proto Pre Cost Flags NextHop Interface

0.0.0.0/0 Static 60 0 RD 182.33.74.5 GigabitEthernet 0/0/0
10.133.10.0/28 Direct 0 0 D 10.133.10.5 GigabitEthernet 0/0/1
10.133.10.5/32 Direct 0 0 D 127.0.0.1 GigabitEthernet 0/0/1
10.133.20.0/24 O_ASE 150 1 D 10.133.10.6 GigabitEthernet0/0/1
10.133.20.1/32 OSPF 10 1 D 10.133.10.6 GigabitEthernet0/0/1
10.137.0.0/24 O_ASE 150 1 D 10.133.10.6 GigabitEthernet0/0/1
10.137.0.2/32 OSPF 10 1 D 10.133.10.6 GigabitEthernet0/0/1
127.0.0.0/8 Direct 0 0 D 127.0.0.1 InLoopBack0
127.0.0.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
x.x.74.0/27 Direct 0 0 D 182.33.74.7 GigabitEthernet0/0/0
x.x.74.7/32 Direct 0 0 D 127.0.0.1 GigabitEthernet0/0/0
192.168.194.0/24 O_ASE 150 1 D 10.133.10.6 GigabitEthernet0/0/1
  • x
  • convention:
chenhui
chenhui Admin Created Sep 27, 2019 08:36:11 Helpful(0) Helpful(0)

Posted by user_3445655 at 2019-09-27 08:35 sorry for the late.Destination/Mask Proto Pre Cost Flags NextHop Interface ...
Did the traffic forwarded using the default routes?
  • x
  • convention:
user_3445655
user_3445655 Created Sep 27, 2019 08:36:37 Helpful(0) Helpful(0)

Posted by chenhui at 2019-09-27 08:36 Did the traffic forwarded using the default routes?
Yes, will that be the reason?
  • x
  • convention:
chenhui
chenhui Admin Created Sep 27, 2019 08:36:52 Helpful(0) Helpful(0)

Posted by user_3445655 at 2019-09-27 08:36Yes, will that be the reason?

Yes, I think that is the reason. URPF wouldn’t check the default route by default. If you want the default route to be checked during the URPF inspection, additional configuration is required, please try to configure ip urpf allow default-route under the interface view, and check whether the pinging could work.
By the way, it’s strongly recommended NOT to allow the default route checking, because it will make the URPF meaningless.
  • x
  • convention:
12
Back to list

Comment

Reply
Advanced
B Color Image Link Quote Code Smilies
You need to log in to reply to the post Login | Register

Notice Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Login and enjoy all the member benefits

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy Terms of Use
Huawei Enterprise Huawei Carrier Forum Training & Certification

Copyright © 2019 Huawei Technologies Co., Ltd. All rights reserved.

APP