Unicast Reverse path forwarding

ccitob2014 · ‎05-22-2013

Hi

I would like to implement URPF in our network, recently two times DDOS attecs occurs, I would like to implement URPF, is any risk involve to configure UPRF on ISP routers atleast to protect our network.

Please kindly Advise.

Thanks

ccitob2014 · ‎05-22-2013

As i know there are two modes : 1= Restricted 2= Loose, IF the Edge routes are directly connected to ISP which mode is the best to configure for mitigation, please kindly suggest.

At the URPF id disable on interfaces

Thanks

Richard Burts · ‎06-06-2013

URPF can sound very appealing when you are trying to protect your network from attacks that may be launched using spoofed addresses. But there are several things to consider as you decide whether to use, and how to use URPF. For example you might configure URPF on the link to your ISP. Consider what might happen, especially if you are single homed to the ISP. Any source address that is not from inside your network will probably pass URPF because the path to remote addresses is generally through your ISP.

You might also think about the implications of using URPF in strict mode if you are dual homed. If you are dual homed it is likely that some addresses will have their best path through ISP A and some other addresses will have their best path through ISP B. So lets think about a packet that arrives from ISP A. The source address is 2.2.2.2 and URPF determines that the best path to 2.0.0.0 is through ISP B. This packet would be discarded because it arrived from ISP A but the best path is ISP B.

HTH

Rick

HTH

Rick