Refer to the exhibit. R1 is multihomed to ISP1 and ISP2. uRPF strict mode has been configured on both interfaces uplinked to the ISPs. Traffic destined to the Internet over ISP1 returns to R1 via ISP2 and is immediately dropped.
Which configuration changes address this issue and allow return traffic from the other ISP?
The issue described in the question is caused by strict uRPF (Unicast Reverse Path Forwarding) mode, which drops incoming packets if the source IP address is not reachable via the interface on which the packet was received. In a multihomed scenario, return traffic might come through a different ISP, causing the strict uRPF check to fail. To address this issue while still maintaining security, the configuration should allow the default route to be used as a valid return path. Option B configures interface FastEthernet 0/1 to use the 'any' keyword with the 'allow-default' option, which allows the RPF check to pass if the source IP address is reachable via any route, including the default route. This configuration matches the requirement of allowing return traffic from the other ISP.
Seems right
Sigh, this is an internet connection. This means a default route, which means allow-default ... thus B
the answer is in the question itself,, we use allow-default to provide more security
Seems right, we do not have enough requirements to add "allow-default"