Network Application - HP FlexNetwork 10500 Series Security Configuration Manual

255.255.255.255 might be a DHCP or BOOTP packet and cannot be discarded.) The
packet is discarded if it has a non-broadcast destination address.
uRPF proceeds to step 2 for other packets.
2. uRPF checks whether the source address matches a unicast route:
If yes, uRPF proceeds to step 3.
If no, uRPF discards the packet. A non-unicast source address matches a non-unicast
route.
3. uRPF checks whether the matching route is to the host itself:
If yes, the output interface of the matching route is an InLoop interface. uRPF checks
whether the receiving interface of the packet is an InLoop interface. If yes, it does not check
the packet. If no, uRPF discards the packet.
If no, uRPF proceeds to step 4.
4. uRPF checks whether the matching route is a default route:
If yes, uRPF checks whether the allow-default-route keyword is configured to allow using
the default route. If yes, uRPF proceeds to step 5. If no, uRPF discards the packet.
If no, uRPF proceeds to step 5.
5. uRPF checks whether the receiving interface matches the output interface of the matching FIB
entry:
If yes, uRPF forwards the packet.
If no, uRPF checks whether the check mode is loose. If yes, the packet is forwarded. If no,
the packet is discarded.

Network application

Figure 134 Network diagram
As shown in
network. Loose uRPF check is configured between ISPs.
ISP A
Figure 134, strict uRPF check is configured between an ISP network and a customer
ISP B
uRPF (loose)
uRPF (strict)
User
450
ISP C