nanog mailing list archives

RE: uPRF strict more

From: Brian Turnbow via NANOG <nanog () nanog org>
Date: Wed, 29 Sep 2021 09:36:08 +0000

Hi,

Having said that, I'm not convinced anyone should use uRPF at all.
Because you should already know what IP addresses are possible behind the
port, if you do, you can do ACL, and ACL is significantly lower cost in PPS in a
typical modern lookup engine.

uRPF still has it's place in access.
We use it in single homed customers and one of the reasons is the limit to the number of acls.
Asr 1ks are 4k unique acls IIRC , but you can put a lot more users on them.
Maybe things have changed since I last looked but this was the main driver for us to use uRPF when we started with 1ks.

Brian

Current thread:

uPRF strict more Randy Bush (Sep 28)
- Re: uPRF strict more Amir Herzberg (Sep 28)
  - Re: uPRF strict more Saku Ytti (Sep 28)
    - Re: uPRF strict more Nick Hilliard (Sep 29)
    - Re: uPRF strict more Mark Tinka (Sep 29)
    - RE: uPRF strict more Brian Turnbow via NANOG (Sep 29)
    - Re: uPRF strict more Barry Greene (Sep 29)
    - Re: uPRF strict more Mark Tinka (Sep 29)
  - Re: uPRF strict more Blake Hudson (Sep 29)
    - Re: uPRF strict more Mark Tinka (Sep 29)
    - Re: uPRF strict more Blake Hudson (Sep 29)
    - Re: uPRF strict more Sabri Berisha (Sep 29)
    - Re: uPRF strict more Blake Hudson (Sep 30)
  - Re: uPRF strict more Adam Thompson (Sep 29)
    - Re: uPRF strict more Phil Bedard (Sep 29)
    - Re: uPRF strict more brad dreisbach (Sep 29)

(Thread continues...)