RPF检测

RPF Check: In order to forward a multicast datagram, arouter checks if the packet is received on the interface it would use to forward a unicast packet back to the source
==>If the RPF check succeeds, the router forwards the packet
==>If the RPF check fails, the packet silently discarded

Reverse Path Forwarding

IP multicasting uses reverse path forwarding (RPF) to verify that a router receives a multicast packet on the correct incoming interface. The RPF algorithm allows a router to accept a multicast datagram only on the interface from which the router would send a unicast datagram to the source of the multicast datagram.

Figure 4-1 illustrates reverse path forwarding in a network where all routers run dense-mode multicasting protocols. Routers that receive a multicast datagram associated with a group for which they have no hosts return prune messages upstream toward the source of the datagram. Upstream routers do not forward subsequent multicast datagrams to routers from which they receive prune messages. This technique creates a source-rooted tree (SRT), also known as a shortest-path tree (SPT), — a structure that connects the source of a datagram to subnetworks of a multicast group through the shortest path. For more information on dense-mode protocols, see PIM DM, later in this chapter.

When all routers in a network are running sparse-mode multicast protocols, the routers forward a multicast datagram only to other routers with downstream members of the groups associated with the datagram. Routers running sparse-mode protocols forward multicast traffic only when explicitly requested to do so, whereas routers running dense-mode protocols forward multicast traffic except when explicitly requested not to do so. For more information on sparse-mode protocols, see PIM SM, later in this chapter.

RPF may take place through static routes, dynamic routes, or local subnets. You can define static routes for this purpose and view information associated with RPF routes.

Figure 4-1 Reverse path forwarding in a dense-mode environment

RPF检查其实不单单应用在组播里面,很多时候在安全里面也常用它避免smurf的攻击,比如如果一个路由器从一个接口收到一个报文的时候,根据源地址检查路由表,如果源地址在路由表中的接口和进来的相同,那么正常转发,否则丢弃,从而可以有效的避免smurf攻击。