2.2.11. Reverse Path Forwarding
IPaddresses from local subnets and reduces the opportunity for DDoS attacks.
IPv4in Red Hat Enterprise Linux 6.
- Reverse Path Forwarding is enabled by means of the
rp_filteroption is used to direct the kernel to select from one of three modes.It takes the following form when setting the default behavior:
~]# /sbin/sysctl -w net.ipv4.conf.default.rp_filter=INTEGERwhere INTEGER is one of the following:
The setting can be overridden per network interface using
0— No source validation.
1— Strict mode as defined in RFC 3704.
2— Loose mode as defined in RFC 3704.
net.ipv4.interface.rp_filter. To make these settings persistent across reboot, modify the
220.127.116.11. Additional Resources
- Installed Documentation
usr/share/doc/kernel-doc-version/Documentation/networking/ip-sysctl.txt— This file contains a complete list of files and options available in the
- Useful Websiteshttps://access.redhat.com/knowledge/solutions/53031 — The Red Hat Knowledgebase article about
rp_filter.See RFC 3704 for an explanation of Ingress Filtering for Multihomed Networks.