Network technologies and trends

May 26 2015   4:52AM GMT

What Is uRPF?

Yasir Irfan

Tags: IP, IP address, IP packets, RFC, Routers, Routing Table

uRPF, also known as Unicast Reverse Path Forwarding, is a great security feature found in Cisco IOS routers and ASA firewalls that is used to limit malicious traffic on an enterprise network.

Generally, when a router receives a unicast IP packet, it cares only about the packet's destination IP address in order to forward it. If the packet has to be routed, the router checks its routing table for the destination IP address and, based on the information it has, forwards the packet to the respective interface.

While forwarding a packet, the router doesn't care about the source IP address, as it's not important for forwarding decisions. This may give a possible attacker an opportunity to spoof the source IP address so that the router will still process the packet.

To overcome this issue, one can make use of uRPF (Unicast Reverse Path Forwarding). This little feature ensures that the router verifies the source IP address of the packets it receives and checks that this address is reachable via its routing table. uRPF is used to prevent common spoofing attacks and follows RFC 2827 for ingress filtering.

uRPF works in two modes, strict mode and loose mode. Let's see the difference between them in an upcoming post.
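The source check described above can be modelled in a few lines. This is an added example, not code from the original post or from Cisco: the routing table entries and interface names are constructed, and the strict/loose behaviour follows the standard definitions of the two modes (the post itself leaves their details to a later article).

```python
import ipaddress

# Constructed routing table: prefix -> outgoing interface (hypothetical values).
FIB = {
    "10.1.0.0/16": "Gi0/1",     # internal LAN
    "10.1.5.0/24": "Gi0/2",     # more specific internal subnet
    "203.0.113.0/24": "Gi0/0",  # upstream network
}

def lookup(addr, fib=FIB):
    """Longest-prefix match: return the outgoing interface, or None if no route."""
    ip = ipaddress.ip_address(addr)
    best = None
    for prefix, iface in fib.items():
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None

def urpf_pass(src, in_iface, mode, fib=FIB):
    """Reverse-path check on the SOURCE address.
    strict: the best route back to src must use the receiving interface.
    loose:  any route to src in the table is enough."""
    route_iface = lookup(src, fib)
    if route_iface is None:
        return False
    return mode == "loose" or route_iface == in_iface

def process(src, dst, in_iface, mode=None, fib=FIB):
    """Return the egress interface or 'drop'. mode=None means uRPF is off,
    so only the destination is consulted, as in plain forwarding."""
    if mode is not None and not urpf_pass(src, in_iface, mode, fib):
        return "drop"
    return lookup(dst, fib) or "drop"

if __name__ == "__main__":
    # Constructed packets: (source, destination, receiving interface)
    packets = [
        ("203.0.113.7", "10.1.5.9", "Gi0/0"),   # genuine upstream host
        ("10.1.5.9", "10.1.0.20", "Gi0/0"),     # internal source seen on upstream port
        ("192.0.2.50", "10.1.0.20", "Gi0/0"),   # source with no route at all
    ]
    for src, dst, iface in packets:
        results = {m or "off": process(src, dst, iface, m) for m in (None, "loose", "strict")}
        print(f"{src:>12} -> {dst:<10} in {iface}: {results}")
```

In this model a default route (`0.0.0.0/0`) in the table would make every source pass the loose check, so the table contents matter as much as the mode.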
