nanog mailing list archives

Re: Cox AS22773 uPRF issue - please contact off list

From: Saku Ytti via NANOG <nanog () lists nanog org>
Date: Thu, 4 Dec 2025 09:40:58 +0200

On Thu, 4 Dec 2025 at 06:24, C. Jon Larsen via NANOG
<nanog () lists nanog org> wrote:

strict urpf should only ever be enabled by providers when PA space is
assigned, and typically thats on a static routed assignment, never a bgp
session and typically never on a bgp session / peer with a customer that is
multihomed, etc.


There is a variant of strict with feasible paths, basically RIB instead of FIB.

However uRPF is expensive, and if you do have BGP, you hopefully have
prefix-lists, then you might just as well use those prefix-lists as an
ACL, which are usually zero or near zero cost.

-- 
  ++ytti
_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/6NLAW2IARNRRGA7YGXEI4XZYS4YIQ4E2/

Current thread:

Cox AS22773 uPRF issue - please contact off list Evan S. Weiner via NANOG (Dec 03)
- Re: Cox AS22773 uPRF issue - please contact off list C. Jon Larsen via NANOG (Dec 03)
  - Re: Cox AS22773 uPRF issue - please contact off list Frank Habicht via NANOG (Dec 03)
    - Re: Cox AS22773 uPRF issue - please contact off list William Herrin via NANOG (Dec 04)
    - Re: Cox AS22773 uPRF issue - please contact off list Frank Habicht via NANOG (Dec 04)
  - Re: Cox AS22773 uPRF issue - please contact off list Saku Ytti via NANOG (Dec 03)