10 Jun
2020
10 Jun
'20
7:40 p.m.
On Thu, Jun 11, 2020 at 12:01:38AM +0200, Baldur Norddahl wrote:
Am I correct in assuming loose mode RPF only drops packets from unannounced address space in the global routing table? And the downside of doing so is that sometimes we do receive packets from that address space, usually back scatter from traceroute or other ICMP messages.
uRPF absolutely kills the pps performance or your hardware due to the packet having to be recirculated to do the check(at least this is the case on every platform that ive ever tested it on). use acl's to protect your edge. -b