- [Instructor] Another interesting security measure…is preventing spoofed traffic on a network…utilizing unicast reverse path forwarding.…In essence, uRPF will check the CEF FIB…and ensure that the source of packets…is reachable from the interface on which they arrived.…uRPF has three operational modes,…strict, loose, and VRF.…Strict mode ensures that the packet source is reachable…and that it is arriving on the interface…the FIB has it reachable from.…
RPF (reverse-path forwarding). Extending RPB.Improvement to RPB (“extended RPB”). – use routing protocol to detect which of neighbors links are parent.
Loose mode only checks the FIB…to ensure the packet source is reachable.…VRF mode, which isn't covered by the exam,…works similarly to loose mode,…but does its verification inside of VRFs.…Looking a little closer at strict mode,…it can be somewhat dangerous.…A good portion of my networks today…have multiple layers of redundancy,…which means if traffic happens to…flow across one of these alternate links,…strict mode would likely drop the traffic…as it's not very forgiving of asymmetric routing.…
It's for this reason that strict mode…is better for very linear networks.…