Unicast Reverse Path Forwarding (uRPF)

What is uRPF?

uRPF checks the reachability of a packet's source IP address. It is designed as a security control against malicious traffic on L3 devices (routers).

It is generally used by ISPs, where uRPF prevents subscribers from sending traffic with spoofed source IP addresses.

The router checks the source IP address of each packet it forwards, and it performs this check using the FIB table. Whenever your router receives an IP packet, it checks whether it has a matching entry in the routing table for the source IP address.

uRPF works well when random fake source IP addresses arrive from behind the router. It helps mitigate DDoS attacks.

CEF must be enabled on Cisco devices for uRPF.

uRPF Methods?
– Strict Mode
– Loose Mode
Strict mode checks the routing table and the interface the packet arrived on: the source address must be reachable through the same interface the packet came in on. So inbound and outbound packets must use the same interface. Note: if you have asymmetric routing, this will be a problem.
Loose mode only checks the source IP address against the FIB table. It is enough for the source IP address to match an entry in the FIB table.
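
The two checks described above, written out as a small simulation. This is an added example, not Cisco's implementation or code from the configuration guide; the FIB contents, interface names and sample packets are constructed for illustration.

```python
import ipaddress

# Constructed FIB (sample data): prefix -> interface used to reach that prefix.
FIB = {
    "203.0.113.0/24": "Gi0/1",     # subscriber A
    "198.51.100.0/24": "Gi0/2",    # subscriber B
    "198.51.100.128/25": "Gi0/3",  # more specific return path via another link
}

def fib_lookup(src, fib=FIB):
    """Longest-prefix match on the source address; returns interface or None."""
    addr = ipaddress.ip_address(src)
    best = None
    for prefix, iface in fib.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None

def urpf_permit(src, in_iface, mode, fib=FIB):
    """Return True if the packet passes the uRPF check in the given mode."""
    if mode not in ("strict", "loose"):
        raise ValueError("mode must be 'strict' or 'loose'")
    route_iface = fib_lookup(src, fib)
    if route_iface is None:
        return False                  # no FIB entry for the source: drop in both modes
    if mode == "loose":
        return True                   # any FIB match is enough
    return route_iface == in_iface    # strict: must arrive on the return-path interface

# Constructed packets: (source IP, arrival interface, description)
PACKETS = [
    ("203.0.113.10", "Gi0/1", "legitimate subscriber A"),
    ("192.0.2.55", "Gi0/1", "random source with no FIB entry"),
    ("198.51.100.7", "Gi0/1", "subscriber B's address arriving on A's port"),
    ("198.51.100.200", "Gi0/2", "asymmetric: return route points to Gi0/3"),
]

def evaluate(packets=PACKETS):
    """Return (src, in_iface, strict_verdict, loose_verdict) per packet."""
    return [(s, i, urpf_permit(s, i, "strict"), urpf_permit(s, i, "loose"))
            for s, i, _ in packets]

if __name__ == "__main__":
    for (s, i, strict, loose), (_, _, note) in zip(evaluate(), PACKETS):
        print(f"{s:16} in={i:6} strict={'permit' if strict else 'drop':6} "
              f"loose={'permit' if loose else 'drop':6} {note}")
```

The last packet is the asymmetric routing case: strict mode drops valid traffic because the return route uses a different interface, while loose mode permits it.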
Configuration guide:
http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfrpf.html