On Tue, Oct 13, 2020 at 05:49:42PM -0500, Brian Knight via NANOG wrote:
> Hi Mel,
>
> My understanding of uRPF is:
>
> * Strict mode will permit a packet only if there is a route for the
> source IP in the RIB, and that route points to the interface where the
> packet was received
>
> * Loose mode will permit a packet if there is a route for the source IP
> in the RIB. It does not matter where the route is pointed.
>
> Strict mode won't work for us, because with our multi-homed transits and
> IX peers, we will almost certainly drop a legitimate packet because the
> best route is through another transit.
>
> Loose mode won't work for us, because all of our own prefixes are in our
> RIB, and thus the uRPF check on a transit would never block anything.
You'll be surprised at the garbage you would drop that you can't return.
- Jared
