Reverse path Forwarding

mirzaakberali
Level 1

Hi,

Can anyone please let me know what Reverse Path Forwarding is, and what the function of the upstream path and downstream path is?

Thanks,

Akber Mirza.

4 Replies

Richard Burts
Hall of Fame

Akber

Reverse Path Forwarding is a concept that was developed as a way to detect and deny packets that appear to have forged source addresses. Hackers will frequently send packets in which they have put source addresses that are not really the correct source. Using RPF is a way to attempt to defend against these packets. The basic concept of RPF is that if you receive a packet and the interface on which you receive it is not the interface that you would use to get to the subnet of the source address, then the packet is likely a forged address. For example, on a router at the edge of your network which has an interface facing outward to the public network and an interface facing inward toward your private network, if you receive a packet on the outward facing interface which has a source address claiming to be from your private network, then this packet is most likely forged and RPF would deny this packet.

A slightly different way of explaining it is that RPF looks at a packet that you receive, looks at the path that the packet used to get to us, and asks: if I go in the reverse direction (if I want to get to the source of this packet) is this the path that I would use to get there?

RPF usually makes more sense applied at the edges of your network (facing toward public networks, or facing toward access devices where user machines are connected) than it does applied in the interior of your network.

HTH

Rick

Thanks Rick for the above inputs. It helped me in understanding the RPF fully.

Regards,

Akber.

Joseph W. Doherty
Hall of Fame

RPF also is used in multicast. Concept is similar to Rick's explanation for unicast RPF. With multicast, RPF ignores packets that don't come in on the interface that would be the expected interface leading back to the multicast source.

PS:

One issue to be aware of with RPF for unicast: it may drop "legal" traffic if the network has asymmetric routing.

ajagadee
Cisco Employee

Hi,

The below URL should give you a good idea on RPF.

http://www.cisco.com/web/about/security/intelligence/unicast-rpf.html

Also, for a multihomed network, look at URPF with Loose Mode.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a00803fa70b.html

I hope it helps.

Regards,

Arul
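
The checks discussed in this thread (the strict reverse-path test, the asymmetric-routing drop, and loose mode for multihomed networks), as an added Python sketch that is not part of any post above and is not Cisco code. The routing table, interface names and addresses are constructed for illustration, and the table deliberately has no default route.

```python
import ipaddress

# Constructed forwarding table for an edge router (all names hypothetical).
# Each entry: (prefix, interfaces the router would use to reach that prefix).
FIB = [
    ("10.0.0.0/8", {"inside"}),        # private network
    ("10.9.0.0/16", {"dmz"}),          # more specific route inside 10/8
    ("198.51.100.0/24", {"isp_a"}),    # best path to this prefix is via ISP A
    ("203.0.113.0/24", {"isp_b"}),     # reached via ISP B
]

def lookup(src):
    """Longest-prefix match: interfaces used to reach src, or None if no route."""
    addr = ipaddress.ip_address(src)
    best = None
    for prefix, ifaces in FIB:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, ifaces)
    return best[1] if best else None

def urpf_permits(src, in_iface, mode="strict"):
    """Strict: the arrival interface must be the one used to reach src.
    Loose: any route to src is enough, whatever the arrival interface."""
    ifaces = lookup(src)
    if ifaces is None:
        return False              # no route back to the source at all
    if mode == "loose":
        return True
    return in_iface in ifaces

if __name__ == "__main__":
    cases = [
        ("10.1.2.3", "inside", "internal host, correct interface"),
        ("10.1.2.3", "isp_a", "private source arriving from outside"),
        ("10.9.1.1", "inside", "DMZ source on the wrong inside port"),
        ("198.51.100.7", "isp_b", "asymmetric return path"),
        ("192.0.2.9", "isp_a", "source with no route"),
    ]
    for src, iface, note in cases:
        strict = urpf_permits(src, iface, "strict")
        loose = urpf_permits(src, iface, "loose")
        print(f"{src:>14} on {iface:<6} strict={strict!s:<5} loose={loose!s:<5} {note}")
```

Loose mode lets the asymmetric case through, but it also accepts the private source arriving from outside, which is why strict mode remains the better fit on single-homed edges.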
