Skip to main content

Enhanced Feasible-Path Unicast Reverse Path Filtering
draft-sriram-opsec-urpf-improvements-03

Document Type Replaced Internet-Draft (opsec WG)
Authors Kotikalapudi Sriram , Doug Montgomery , Jeffrey Haas
Last updated 2019-04-08 (Latest revision 2018-03-05)
Replaced by RFC 8704
Stream Internet Engineering Task Force (IETF)
Intended RFC status Best Current Practice
Formats
Expired & archived
plain text htmlized pdfized bibtex
Stream WG state WG Document
Document shepherd (None)
IESG IESG state Replaced by draft-ietf-opsec-urpf-improvements
Consensus boilerplate Yes
Telechat date (None)
Responsible AD (None)
Send notices to (None)
This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at:
https://www.ietf.org/archive/id/draft-sriram-opsec-urpf-improvements-03.txt

Abstract

This document identifies a need for improvement of the unicast Reverse Path Filtering techniques (uRPF) [BCP84] for source address validation (SAV) [BCP38]. The strict uRPF is inflexible about directionality, the loose uRPF is oblivious to directionality, and the current feasible-path uRPF attempts to strike a balance between the two [BCP84]. However, as shown in this draft, the existing feasible-path uRPF still has short comings. This document describes an enhanced feasible-path uRPF technique, which aims to be more flexible (in a meaningful way) about directionality than the feasible-path uRPF. It can potentially alleviate ISPs' concerns about the possibility of disrupting service for their customers, and encourage greater deployment of uRPF techniques.

Authors

Kotikalapudi Sriram
Doug Montgomery
Jeffrey Haas

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)