*** Welcome to piglix ***

Reverse-path forwarding


Reverse path forwarding (RPF) is a technique used in modern routers for the purposes of ensuring loop-free forwarding of multicast packets in multicast routing and to help prevent IP address spoofing in unicast routing.

Multicast RPF, typically denoted simply as RPF, is used in conjunction with a multicast routing protocol such as , PIM-SM and PIM-DM to ensure loop-free forwarding of multicast packets. In multicast routing, the decision to forward traffic is based upon source address and not on destination address as in unicast routing. It does this by utilizing either a dedicated multicast routing table or alternatively the router's unicast routing table.

In IP multicast routing, the router forwards the packet away from the source to make progress along the distribution tree and prevent routing loops. The router's multicast forwarding state runs more logically by organizing tables based on the reverse path, from the receiver back to the root of the distribution tree. This process is known as reverse-path forwarding (RPF).

When a multicast packet enters a router's interface, it will look up the list of networks that are reachable via that interface i.e., it checks the reverse path of the packet. If the router finds a matching routing entry for the source IP address of the multicast packet, the RPF check passes and the packet is forwarded to all other interfaces that are participating in multicast for that multicast group. If the RPF check fails, the packet will be dropped. As a result, the forwarding of the packet is decided based upon the reverse path of the packet rather than the forward path. RPF routers only forward packets that come into the interface that also holds the routing entry for the source of the packet, thus breaking any loop.

This is critically important in redundant multicast topologies. Because the same multicast packet could reach the same router via multiple interfaces, RPF checking is integral in the decision to forward packets or not. If the router forwarded all packets that come in interface A to interface B and it also forwarded all packets coming in interface B to interface A and both interfaces receive the same packet, this will create a classic routing loop where packets will be forwarded in both directions until their IP TTLs expire. Even considering TTL expiry, all types of routing loops are best avoided as they involve at least temporary network degradation.


...
Wikipedia

...