Unicast Reverse Path Forwarding can perform all of these actions except which one?
A.
examine all packets received to make sure that the source addresses and source interfaces appear in the routing table and match the interfaces where the packets were received
B.
check to see if any packet received at a router interface arrives on the best return path
C.
combine with a configured ACL
D.
log its events, if you specify the logging options for the ACL entries used by the unicast rpf command
E.
inspect IP packets encapsulated in tunnels, such as GRE
Explanation:
For RPF to function, CEF must be enabled on the router. This is because the router uses the Forwarding Information Base (FIB) of CEF to perform the lookup process, which is built from the router’s routing table. In other words, RPF does not really look at the router’s routing table; instead, it uses the CEF FIB to determine spoofing.
Also, RPF cannot detect all spoofed packets. For the network in this example, the perimeter router cannot determine spoofing from packets received on the external E1 interface if they match the default route statement. Therefore, the more routes your router has in its CEF FIB table, the more likely the router will be capable of detecting spoofing attacks. In addition, RPF cannot detect any spoofed packets that are encapsulated, such as packets encapsulated in GRE, IPSec, L2TP, and other packets.