In T244147 we deployed uRPF loose mode to drop traffic from bogon IPs.
Our borders filters prevent customers (external) to spoof our own IP space, as well as use private space.
As good internet citizen we should also ensure that they can't spoof any other public IPs.
That's what uRPF strict mode is for.
If the router receives a packet on an interface with uRPF strict mode configured, it will check if it has a route back to that IP through the same interface. If not, the packet will be dropped.
We're keeping unicast-reverse-path feasible-paths to also consider non-active paths.
And we will use fail-filter log-only first to make sure no legit traffic is being dropped.