Unicast Reverse Path Forwarding (URPF) is a function
that checks the validity of the source address of IP
packets received on an interface. This in an attempt
to prevent Denial of Service attacks based on IP address
spoofing.
URPF checks validity of a source address by determining
whether the packet would be successfully routed as a
destination address.
Based on configuration, the check made can be for existence
of any route for the address, or more strictly for a route
out the interface on which the packet was received by the
device. When a violating packet is detected, it can be dropped.
This MIB allows detection of spoofing events.
This notification is generated when
fsUrpfIfDropRateNotifyEnable is set to true and
the calculated URPF drop rate (fsUrpfIfDropRate)
exceeds the notification threshold drop rate
(fsUrpfIfNotifyDropRateThreshold). Note the
exceptional value of 0 for threshold allows notification
generation if any drop events occur in an interval.
After generating this notification, another such
notification will not be sent out for a minimum of five
minutes (note the exception to this provided by
fsUrpfIfNotifyDrHoldDownReset).
The object value present in the notification is the
the drop rate that exceeded the threshold.