Skip to main content

Enhanced Feasible-Path Unicast Reverse Path Filtering

Document Type Replaced Internet-Draft (opsec WG)
Expired & archived
Authors Kotikalapudi Sriram , Doug Montgomery , Jeffrey Haas
Last updated 2019-04-08 (Latest revision 2018-03-05)
Replaced by draft-ietf-opsec-urpf-improvements
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status Best Current Practice
Additional resources Mailing list discussion
Stream WG state WG Document
Document shepherd (None)
IESG IESG state Replaced by draft-ietf-opsec-urpf-improvements
Consensus boilerplate Yes
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document identifies a need for improvement of the unicast Reverse Path Filtering techniques (uRPF) [BCP84] for source address validation (SAV) [BCP38]. The strict uRPF is inflexible about directionality, the loose uRPF is oblivious to directionality, and the current feasible-path uRPF attempts to strike a balance between the two [BCP84]. However, as shown in this draft, the existing feasible-path uRPF still has short comings. This document describes an enhanced feasible-path uRPF technique, which aims to be more flexible (in a meaningful way) about directionality than the feasible-path uRPF. It can potentially alleviate ISPs' concerns about the possibility of disrupting service for their customers, and encourage greater deployment of uRPF techniques.


Kotikalapudi Sriram
Doug Montgomery
Jeffrey Haas

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)