On Thu, Jun 11, 2020 at 9:08 AM brad dreisbach <[email protected]> wrote: > uRPF absolutely kills the pps performance or your hardware due to the packet > having to be recirculated to do the check(at least this is the case on every > platform that ive ever tested it on). use acl's to protect your edge.
Hi Brad, Don't the ACLs generally live in a partition of the TCAM too? So you're going from two constant-time TCAM lookups per packet (route, acls) to three (route, urpf, acls)? Not rhetorical; getting close to the edge of my knowledge here. Regards, Bill Herrin -- William Herrin [email protected] https://bill.herrin.us/
