Configuring URPF; Overview; How URPF Works - HP 6125G Configuration Manual

Security configuration guide

Configuring URPF

The term "router" in this feature refers to both routers and Layer 3 switches.

Overview

Unicast Reverse Path Forwarding (URPF) protects a network against source spoofing attacks, such as
denial of service (DoS) and distributed denial of service (DDoS) attacks.
Attackers launch source spoofing attacks by creating packets with forged source addresses. For
applications using IP-address-based authentication, this type of attack allows unauthorized users to
access the system in the name of authorized users, or to even access the system as the administrator. Even
if the attackers cannot receive any response packets, the attacks are still disruptive to the attacked target.
Figure 80 Attack based on source address spoofing
As shown in Figure 80, an attacker on Router A sends the server (Router B) requests with a forged source
IP address 2.2.2.1, and Router B sends response packets to IP address 2.2.2.1 (Router C). Consequently,
both Router B and Router C are attacked. URPF can prevent such attacks.

How URPF works

URPF does not check multicast packets.
URPF works in the steps, as shown in Figure 81.
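The following sketch is an added example, not code from the HP manual: it applies a generic strict/loose reverse-path check to the Figure 80 scenario from Router B's point of view, and does not reproduce the switch's exact procedure in Figure 81. The interface names, the 1.1.1.0/24 prefix, and the sample packets are constructed assumptions; only the forged source 2.2.2.1 comes from the text above.

```python
import ipaddress

# Constructed FIB for Router B (assumption: interface names and 1.1.1.0/24
# are illustrative; 2.2.2.1 is the forged source named in the manual).
FIB = [
    (ipaddress.ip_network("1.1.1.0/24"), "if-to-router-a"),
    (ipaddress.ip_network("2.2.2.0/24"), "if-to-router-c"),
]

def lookup(fib, addr):
    """Longest-prefix match; return the interface toward addr, or None."""
    addr = ipaddress.ip_address(addr)
    matches = [(net, ifname) for net, ifname in fib if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def urpf_check(fib, src, dst, in_if, mode="strict"):
    """Return (permit, reason) for a packet src -> dst received on in_if."""
    if ipaddress.ip_address(dst).is_multicast:
        return True, "multicast packet: not checked by URPF"
    route_if = lookup(fib, src)
    if route_if is None:
        return False, "no route back to the source address"
    # Strict mode also requires the route to the source to point out of the
    # interface the packet arrived on; loose mode only requires a route.
    if mode == "strict" and route_if != in_if:
        return False, f"source is reachable via {route_if}, not {in_if}"
    return True, "reverse path check passed"

if __name__ == "__main__":
    # Constructed sample packets: (source, destination, receiving interface)
    packets = [
        ("2.2.2.1", "1.1.1.1", "if-to-router-a"),    # forged source (Figure 80)
        ("1.1.1.8", "1.1.1.1", "if-to-router-a"),    # genuine host behind Router A
        ("9.9.9.9", "1.1.1.1", "if-to-router-a"),    # source with no route
        ("1.1.1.8", "224.0.0.5", "if-to-router-a"),  # multicast destination
    ]
    for mode in ("strict", "loose"):
        for src, dst, in_if in packets:
            ok, why = urpf_check(FIB, src, dst, in_if, mode)
            print(f"{mode:6} {src:>8} -> {dst:<10} "
                  f"{'permit' if ok else 'drop':6} {why}")
```

In loose mode the forged 2.2.2.1 packet is permitted because a route to that source exists, so only the strict check stops the spoofing shown in Figure 80.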


This manual is also suitable for:

6125 blade switch series
