Revision as of 00:08, 12 May 2021 edit Evilninja (talk \| contribs) Extended confirmed users, IP block exemptions 1,812 edits cite web used; EL cleanup ← Previous edit		Revision as of 19:14, 15 September 2021 edit undo Gbaulch (talk \| contribs) 39 edits m Grammar: antecedent of "it" (changed from "they") is the singular noun "traffic." Next edit →
Line 24: == Unicast RPF == '''Unicast RPF''' (uRPF), as defined in RFC 3704, is an evolution of the concept that traffic from known invalid networks should not be accepted on interfaces from which ~~they~~it should never have originated. The original idea as seen in RFC 2827 was to block traffic on an interface if it is sourced from forged IP addresses. It is a reasonable assumption for many organizations to simply disallow propagation of private addresses on their networks unless they are explicitly in use. This is a great benefit to the Internet backbone as blocking packets from obviously bogus source addresses helps to cut down on IP address spoofing which is commonly used in [[denial of service\|DoS]], [[distributed denial of service\|DDoS]], and network scanning to obfuscate the source of the scan.<ref>{{cite web \| url=https://tools.cisco.com/security/center/resources/unicast_reverse_path_forwarding \| title=Understanding Unicast Reverse Path Forwarding

Reverse-path forwarding: Difference between revisions