nanog mailing list archives
RE: uPRF strict more
From: Brian Turnbow via NANOG <nanog () nanog org>
Date: Wed, 29 Sep 2021 09:36:08 +0000
Hi,
Having said that, I'm not convinced anyone should use uRPF at all. Because you should already know what IP addresses are possible behind the port, if you do, you can do ACL, and ACL is significantly lower cost in PPS in a typical modern lookup engine.
uRPF still has it's place in access. We use it in single homed customers and one of the reasons is the limit to the number of acls. Asr 1ks are 4k unique acls IIRC , but you can put a lot more users on them. Maybe things have changed since I last looked but this was the main driver for us to use uRPF when we started with 1ks. Brian
Current thread:
- uPRF strict more Randy Bush (Sep 28)
- Re: uPRF strict more Amir Herzberg (Sep 28)
- Re: uPRF strict more Saku Ytti (Sep 28)
- Re: uPRF strict more Nick Hilliard (Sep 29)
- Re: uPRF strict more Mark Tinka (Sep 29)
- RE: uPRF strict more Brian Turnbow via NANOG (Sep 29)
- Re: uPRF strict more Barry Greene (Sep 29)
- Re: uPRF strict more Saku Ytti (Sep 28)
- Re: uPRF strict more Mark Tinka (Sep 29)
- Re: uPRF strict more Amir Herzberg (Sep 28)
- Re: uPRF strict more Blake Hudson (Sep 29)
- Re: uPRF strict more Mark Tinka (Sep 29)
- Re: uPRF strict more Blake Hudson (Sep 29)
- Re: uPRF strict more Sabri Berisha (Sep 29)
- Re: uPRF strict more Blake Hudson (Sep 30)
- Re: uPRF strict more Phil Bedard (Sep 29)
- Re: uPRF strict more brad dreisbach (Sep 29)