FS-URPF-MIB

        Unicast Reverse Path Forwarding (URPF) is a function 
that checks the validity of the source address of IP 
packets received on an interface. This in an attempt 
to prevent Denial of Service attacks based on IP address 
spoofing.
        
URPF checks validity of a source address by determining
whether the packet would be successfully routed as a
destination address.
        
Based on configuration, the check made can be for existence
of any route for the address, or more strictly for a route
out the interface on which the packet was received by the 
device. When a violating packet is detected, it can be dropped.
        
This MIB allows detection of spoofing events.

Imported Objects

fsMgmtFS-SMI
ifIndexIF-MIB
SnmpAdminStringSNMP-FRAMEWORK-MIB
MODULE-COMPLIANCE, NOTIFICATION-GROUP, OBJECT-GROUPSNMPv2-CONF
MODULE-IDENTITY, OBJECT-TYPE, Gauge32, Integer32, Counter32, Unsigned32, NOTIFICATION-TYPESNMPv2-SMI
TruthValueSNMPv2-TC

Objects

fsUrpfMIB .1.3.6.1.4.1.52642.1.1.10.2.46
fsUrpfMIBObjects .1.3.6.1.4.1.52642.1.1.10.2.46.0
fsUrpfScalar .1.3.6.1.4.1.52642.1.1.10.2.46.0.1
fsUrpfComputeInterval .1.3.6.1.4.1.52642.1.1.10.2.46.0.1.1
fsUrpfDropRateWindow .1.3.6.1.4.1.52642.1.1.10.2.46.0.1.2
fsUrpfDropNotifyHoldDownTime .1.3.6.1.4.1.52642.1.1.10.2.46.0.1.3
fsUrpfStatistics .1.3.6.1.4.1.52642.1.1.10.2.46.0.2
fsUrpfTable .1.3.6.1.4.1.52642.1.1.10.2.46.0.2.1
fsUrpfEntry .1.3.6.1.4.1.52642.1.1.10.2.46.0.2.1.1
fsUrpfIpVersion .1.3.6.1.4.1.52642.1.1.10.2.46.0.2.1.1.1
fsUrpfDrops
.1.3.6.1.4.1.52642.1.1.10.2.46.0.2.1.1.2
fsUrpfDropRate
.1.3.6.1.4.1.52642.1.1.10.2.46.0.2.1.1.3
fsUrpfIfMonTable .1.3.6.1.4.1.52642.1.1.10.2.46.0.2.2
fsUrpfIfMonEntry
.1.3.6.1.4.1.52642.1.1.10.2.46.0.2.2.1
fsUrpfIfIpVersion .1.3.6.1.4.1.52642.1.1.10.2.46.0.2.2.1.1
fsUrpfIfDrops
.1.3.6.1.4.1.52642.1.1.10.2.46.0.2.2.1.2
fsUrpfIfDropRate
.1.3.6.1.4.1.52642.1.1.10.2.46.0.2.2.1.3
fsUrpfInterfaceConfig .1.3.6.1.4.1.52642.1.1.10.2.46.0.3
fsUrpfIfConfTable .1.3.6.1.4.1.52642.1.1.10.2.46.0.3.1
fsUrpfIfConfEntry .1.3.6.1.4.1.52642.1.1.10.2.46.0.3.1.1
fsUrpfIfCheckStrict .1.3.6.1.4.1.52642.1.1.10.2.46.0.3.1.1.1
fsUrpfIfDropRateNotifyEnable
.1.3.6.1.4.1.52642.1.1.10.2.46.0.3.1.1.2
fsUrpfIfNotifyDropRateThreshold .1.3.6.1.4.1.52642.1.1.10.2.46.0.3.1.1.3
fsUrpfIfNotifyDrHoldDownReset
.1.3.6.1.4.1.52642.1.1.10.2.46.0.3.1.1.4
fsUrpfIfWhichRouteTableID .1.3.6.1.4.1.52642.1.1.10.2.46.0.3.1.1.5
fsUrpfIfVrfName .1.3.6.1.4.1.52642.1.1.10.2.46.0.3.1.1.6
fsUrpfMIBNotifs .1.3.6.1.4.1.52642.1.1.10.2.46.1
fsUrpfMIBConformance .1.3.6.1.4.1.52642.1.1.10.2.46.2
fsUrpfMIBCompliances .1.3.6.1.4.1.52642.1.1.10.2.46.2.1
fsUrpfMIBGroups .1.3.6.1.4.1.52642.1.1.10.2.46.2.2

Notifications/Traps

NameOIDDescription
fsUrpfIfDropRateNotify

.1.3.6.1.4.1.52642.1.1.10.2.46.1.1
This notification is generated when 
fsUrpfIfDropRateNotifyEnable is set to true and
the calculated URPF drop rate (fsUrpfIfDropRate) 
exceeds the notification threshold drop rate 
(fsUrpfIfNotifyDropRateThreshold). Note the 
exceptional value of 0 for threshold allows notification 
generation if any drop events occur in an interval.
          
After generating this notification, another such
notification will not be sent out for a minimum of five 
minutes (note the exception to this provided by 
fsUrpfIfNotifyDrHoldDownReset).
          
The object value present in the notification is the 
the drop rate that exceeded the threshold.