nanog mailing list archives

Re: uPRF strict more

From: John Kristoff <jtk () dataplane org>
Date: Wed, 29 Sep 2021 07:50:45 -0500

On Tue, 28 Sep 2021 17:47:41 -0700
Randy Bush <randy () psg com> wrote:

do folk use uPRF strict mode?


Presumably you mean uRPF.  As of a few months ago, the .edu  I was doing
netops at, Juniper's 'rpf-check' option was set on all the edge
interfaces where there were only end hosts.  This is strict mode. The
Cisco counterpart devices would use ' ip verify unicast source
reachable-via rx'.  Also strict mode.

More complicated inter-router links would not use this, but some had
form ingress filter that performed roughly the equivalent where
necessary.

John

Current thread:

Re: [External] Re: uPRF strict more, (continued)
- - - Re: [External] Re: uPRF strict more Hunter Fuller via NANOG (Sep 30)
    - Re: [External] Re: uPRF strict more Mark Tinka (Sep 30)
    - Re: [External] Re: uPRF strict more Valdis Klētnieks (Sep 30)
    - Re: [External] Re: uPRF strict more Mark Tinka (Sep 30)
    - Re: [External] Re: uPRF strict more Andrew Smith (Sep 30)
    - Re: [External] Re: uPRF strict more Sabri Berisha (Sep 30)
    - Re: [External] Re: uPRF strict more Saku Ytti (Sep 30)
    - RE: [External] Re: uPRF strict more Brian Turnbow via NANOG (Sep 30)
    - Re: uPRF strict more Mark Tinka (Sep 29)
- Re: uPRF strict more Mark Tinka (Sep 29)
- Re: uPRF strict more John Kristoff (Sep 29)