On Thu, 4 Dec 2025 at 06:24, C. Jon Larsen via NANOG <[email protected]> wrote:
> strict urpf should only ever be enabled by providers when PA space is > assigned, and typically thats on a static routed assignment, never a bgp > session and typically never on a bgp session / peer with a customer that is > multihomed, etc. There is a variant of strict with feasible paths, basically RIB instead of FIB. However uRPF is expensive, and if you do have BGP, you hopefully have prefix-lists, then you might just as well use those prefix-lists as an ACL, which are usually zero or near zero cost. -- ++ytti _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/[email protected]/message/6NLAW2IARNRRGA7YGXEI4XZYS4YIQ4E2/
