449
Figure 147 URPF work flow
1. URPF checks source address validity:
{ Discards packets with a source broadcast address.
{ Discards packets with an all-zero source address but a non-broadcast destination address.
(A packet with source address 0.0.0.0 and destination address 255.255.255.255 might be a
DHCP or BOOTP packet and cannot be discarded.)
{ Proceeds to step 2 for other packets.
2. URPF checks whether the source address matches a FIB entry:
{ If yes, proceeds to step 3.
{ If not, proceeds to step 5.
3. URPF checks whether the matching route is a default route:
{ If yes, URPF checks whether the allow-default-route keyword is configured to allow the
default route: if yes, proceeds to step 4, if not, proceeds to step 5.
Check the received
packet
A broadcast
source address?
An all-zero
source address?
Does
the source
address match a
FIB entry?
A
broadcast destination
address?
A default route?
Is
the default route
allowed for URPF
check?
Does
the receiving
interface match the
output interface of
the matching FIB
entry?
Loose URPF?
Check passed
Discard
Does the
ACL permit the
packet?
Yes
Yes
Yes
Yes
No
No
Yes
No
No
Yes
Yes
Yes
No
No
No
Yes
No
No
To Next Page
Loading...
Need help?
General
