[j-nsp] Juniper uRPF implementation

[Pekka Savola]

On Wed, 3 Dec 2008, German Martinez wrote:
> We have an scenario where we have a bunch of routes in the routing table (RE) but we only let one default route go to the PFE.
> We achieve that by using forwarding filters.
>
> Could someone clarify Juniper's uRPF implementation, when only a default route is installed in the PFE?
> Are the uRPF decisions taken based on data found in the control planer or the forwarding plane?
>
> I am a bit confused because according to the documentation that I found the decisions are based on the routing table.  If I have all
> routes in my routing table I shouldn't have any issues.  Is that a right assumption?

Strong maybe.  You'll need to test it.  However, there is some 
circumstancial evidence which supports control plane.  The second you 
enable RPF on your box (no matter which flavour), your PFE's RPF 
checking starts using memory linear to the routing table size.  It 
seems to replicate all the routing tables for its own purposes.  This 
would make little sense (even less than the current dumb algorithm) if 
it just used routes in PFE.

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings