uRPF operation

Figure 129 shows how uRPF works.

1. uRPF checks source address validity:

   • uRPF discards packets with a broadcast source address.

   • uRPF discards packets with an all-zero source address but a non-broadcast destination address. (A packet with source address 0.0.0.0 and destination address 255.255.255.255 might be a DHCP or BOOTP packet and cannot be discarded.)

   • uRPF proceeds to step 2 for other packets.

2. uRPF checks whether the source address matches a FIB entry:

   • If yes, uRPF proceeds to step 3.

   • If no, uRPF proceeds to step 6.

3. uRPF checks whether the check mode is loose:

   • If yes, uRPF proceeds to step 8.

   • If no, uRPF checks whether the matching route is a direct route:

     • If yes, uRPF proceeds to step 5.

     • If no, uRPF proceeds to step 4.

4. uRPF checks whether the receiving interface matches the output interface of the matching FIB entry:

   • If yes, uRPF proceeds to step 8.

   • If no, uRPF proceeds to step 9.

5. uRPF checks whether the source IP address matches an ARP entry:

   • If yes, uRPF proceeds to step 8.

   • If no, uRPF proceeds to step 9.

6. uRPF checks whether the FIB table has a default route:

   • If yes, uRPF proceeds to step 7.

   • If no, uRPF proceeds to step 9.

7. uRPF checks whether the check mode is loose:

   • If yes, uRPF proceeds to step 8.

   • If no, uRPF checks whether the output interface of the default route matches the receiving interface of the packet:

     • If yes, uRPF proceeds to step 8.

     • If no, uRPF proceeds to step 9.

8. The packet passes the check and is forwarded.

9. The packet is discarded.

   	NOTE: uRPF does not check multicast packets.