An engineer must implement Strict Unicast Reverse Path Forwarding mode for IPv4 packets on the Etnerret1/1 interface on the Cisco Nexus 9500 Series Switch. Which configuration achieves this goal?
A.
interlace Ethernet1/1 ip address 172.16.10.1/24 ip verify unicast source reachable-via rx
B.
interface Ethernet1/1 ip address 172.16.10.1/24 ip verify unicast source any
C.
interface Ethernet1/1 ip address 172.16.10.1/24 ip verify unicast source reachable-via any
D.
interface Ethernet1/1 ip address 172.16.10.1/24 ip verify unicast source rx
Suggested Answer:A🗳️
The following example shows how to configure strict unicast RPF for IPv4 packets on a Cisco Nexus 9300 platform switch: no system urpf disable interface Ethernet2/2 ip address 172.23.231.240/23 ip verify unicast source reachable-via rx Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/security/configuration/guide/b_Cisco_Nexus_9000_Series_NX- OS_Security_Configuration_Guide_7x/b_Cisco_Nexus_9000_Series_NX-OS_Security_Configuration_Guide_7x_chapter_010111.html
To implement Strict Unicast Reverse Path Forwarding (uRPF) mode for IPv4 packets on the Ethernet1/1 interface on a Cisco Nexus 9500 Series Switch, you would use the reachable-via rx option. This ensures that the source address of the incoming packet is reachable via the same interface it was received on, which is the definition of strict mode for uRPF.
will go with A
I'm going with C with the 'via any' vs. 'via rx'
I'm not sure the difference and what in the question indicates should be any vs rx...however the configuration guide, every example SPECIFICALLY for the 9500 uses the 'any' syntax
The following example shows how to configure loose unicast RPF for IPv4 packets on a Cisco Nexus 9500 Series switch with an -R line card:
interface Ethernet2/3
ip address 172.23.231.240/23
ip verify unicast source reachable-via any
The following example shows how to configure strict unicast RPF for IPv4 packets on a Cisco Nexus 9300 platform switch:
no system urpf disable
interface Ethernet2/2
ip address 172.23.231.240/23
ip verify unicast source reachable-via rx
{ip | ipv6} verify unicast source reachable-via {any [allow-default] | rx}
Example:
switch(config-if)# ip verify unicast source reachable-via any
The ANSWER is <<< A >>>
This section is not available anymore. Please use the main Exam Page.350-601 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
msalamehi
10 months, 1 week agoCoAsT_x
11 months, 2 weeks agoCoAsT_x
11 months, 2 weeks agoGayan84
2 years agoGuyThatTakesDumps
2 years, 7 months ago