What is the relationship between Unicast RPF and BGP RP filtering in practice?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Master RIPE BGP Security with our comprehensive test. Understand the Border Gateway Protocol, explore multiple choice questions, and get ready for your exam with detailed hints and explanations.

Multiple Choice

What is the relationship between Unicast RPF and BGP RP filtering in practice?

Explanation:
Unicast RPF and BGP RP filtering both aim to prevent misrouted or spoofed traffic by tying what the router sees to its own view of the network, but they operate on different parts of the forwarding decision. Unicast RPF checks the path back to the packet’s source address using the inbound interface: the router looks up the best route to the source and verifies that the packet arrived on the interface that would be used to reach that source. If the path doesn’t line up (in strict mode) or if there’s no valid path (in loose mode), the packet is dropped. This is why it’s described as validating inbound interface routes. BGP RP filtering, by contrast, looks at BGP update messages and ensures the next-hop in those updates is reachable via the inbound interface, according to the router’s routing table. If the next-hop isn’t reachable on that interface, the update is rejected. So RP filtering validates the next-hop origin in the context of the receiving interface. In short, Unicast RPF focuses on validating the route to the packet’s source via the inbound interface, while RP filtering focuses on validating the next-hop specified by a BGP route for reachability through the inbound interface. That’s why the correct understanding is that Unicast RPF validates inbound interface routes and RP filtering validates the next-hop.

Unicast RPF and BGP RP filtering both aim to prevent misrouted or spoofed traffic by tying what the router sees to its own view of the network, but they operate on different parts of the forwarding decision. Unicast RPF checks the path back to the packet’s source address using the inbound interface: the router looks up the best route to the source and verifies that the packet arrived on the interface that would be used to reach that source. If the path doesn’t line up (in strict mode) or if there’s no valid path (in loose mode), the packet is dropped. This is why it’s described as validating inbound interface routes.

BGP RP filtering, by contrast, looks at BGP update messages and ensures the next-hop in those updates is reachable via the inbound interface, according to the router’s routing table. If the next-hop isn’t reachable on that interface, the update is rejected. So RP filtering validates the next-hop origin in the context of the receiving interface.

In short, Unicast RPF focuses on validating the route to the packet’s source via the inbound interface, while RP filtering focuses on validating the next-hop specified by a BGP route for reachability through the inbound interface. That’s why the correct understanding is that Unicast RPF validates inbound interface routes and RP filtering validates the next-hop.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy