On Thu, Jun 11, 2020 at 9:08 AM brad dreisbach <br...@us.ntt.net> wrote: > uRPF absolutely kills the pps performance or your hardware due to the packet > having to be recirculated to do the check(at least this is the case on every > platform that ive ever tested it on). use acl's to protect your edge.
Hi Brad, Don't the ACLs generally live in a partition of the TCAM too? So you're going from two constant-time TCAM lookups per packet (route, acls) to three (route, urpf, acls)? Not rhetorical; getting close to the edge of my knowledge here. Regards, Bill Herrin -- William Herrin b...@herrin.us https://bill.herrin.us/
