URPF on small BGP-enabled customers?

• Previous message (by thread): URPF on small BGP-enabled customers?
• Next message (by thread): URPF on small BGP-enabled customers?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andre Oppermann wrote:

> No, my proposal works as long as the customer advertizes their prefixes
> via BGP, not matter how long the path or what community attributes are
> set (for example NOEXPORT).  No matter how they send it, as long as they
> send it, it works fine.  Unlike uRPF which depends on exactly this path
> being the best path of all path available.  All this trouble of routing
> decisions which affect uRPF is avoided.  That is also why it feeds the
> received prefixes into an ACL which then is applied to the interface
> versus doing two FIB lookups (one on source IP and one on destination
> IP).

And my proposal works as long as the customer advertises their prefixes 
via BGP, with the added caveat that ACLs don't have to be updated (i.e. 
uRPF works and is used).  I'd have to re-check my customer-side route 
maps, but I think they'll open the uRPF for all possible permutations of 
<community>.

pt

• Previous message (by thread): URPF on small BGP-enabled customers?
• Next message (by thread): URPF on small BGP-enabled customers?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]