> uRPF will certainly save a bit of CPU cycles than access-lists or policy > routing.. it would be intertesting to know any kind of 'common practice' > ways people use to fool the router so that it will think such offensive > source IP's are hitting uRPF.
null route? even with a loose check, if you implement some kind of blackhole system, send the miscreant source adress to say, 172.1.1.1 and have 172.1.1 routed to null 0, uRPF should kill any src/dst packets for the host/block if i'm not mistaken.
