nanog mailing list archives

Re: Cox AS22773 uPRF issue - please contact off list

From: William Herrin via NANOG <nanog () lists nanog org>
Date: Thu, 4 Dec 2025 05:19:36 -0800

On Wed, Dec 3, 2025 at 8:32 PM Frank Habicht via NANOG
<nanog () lists nanog org> wrote:

if you're a customer, using only my PA space, and multihomed:
I'll do BGP with you -- you can be AS64512.
I'll do strict uRPF with a fail-filter allowing all my PA space sourced
by you.

Is there a problem with that?


Most likely, yes there is.

I can drop my announcement without dropping the BGP session. There are
lots of reasons to do so. If you're doing strict URPF, you'll start
blackholeing packets I send to you on the link based on the routes
you're still sending to me, even though they're from the address space
you assigned to me. URPF will show the return route transiting the
other link.

It's even more dicey if the multihoming isn't two links with you but
rather a link with you and another with someone else.

Regards,
Bill Herrin

-- 
For hire. https://bill.herrin.us/resume/
_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/EZCTHWNTZNMRCI7A6A2ET4WS3WA3LVAK/

Current thread:

Cox AS22773 uPRF issue - please contact off list Evan S. Weiner via NANOG (Dec 03)
- Re: Cox AS22773 uPRF issue - please contact off list C. Jon Larsen via NANOG (Dec 03)
  - Re: Cox AS22773 uPRF issue - please contact off list Frank Habicht via NANOG (Dec 03)
    - Re: Cox AS22773 uPRF issue - please contact off list William Herrin via NANOG (Dec 04)
    - Re: Cox AS22773 uPRF issue - please contact off list Frank Habicht via NANOG (Dec 04)
  - Re: Cox AS22773 uPRF issue - please contact off list Saku Ytti via NANOG (Dec 03)