Filtering and Rate Limiting Capabilities for IP Network Infrastructure
draft-ietf-opsec-filter-caps-09

Document Type Expired Internet-Draft (opsec WG)
Last updated 2015-10-14 (latest revision 2007-07-13)
Stream IETF
Intended RFC status Best Current Practice
Formats
Expired & archived
plain text pdf html bibtex
Reviews
Stream WG state WG Document
Document shepherd No shepherd assigned
IESG IESG state Expired (IESG: Dead)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Ron Bonica
Send notices to vishwas@ipinfusion.com, gmj3871@pobox.com, chris@uu.net

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-ietf-opsec-filter-caps-09.txt

Abstract

[RFC4778] lists operator practices related to securing networks. This document lists filtering and rate limiting capabilities needed to support those practices. Capabilities are limited to filtering and rate limiting packets as they enter or leave the device. Route filters and service specific filters (e.g. SNMP, telnet) are not addressed. Capabilities are defined without reference to specific technologies. This is done to leave room for deployment of new technologies that implement the capability. Each capability cites the practices it supports. Current implementations that support the capability are cited. Special considerations are discussed as appropriate listing operational and resource constraints, limitations of current implementations, trade-offs, etc.

Authors

Christopher Morrow (christopher.morrow@gmail.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)