Technical Summary
The use of a packet's Time to Live (TTL) (IPv4) or Hop Limit (IPv6)
to verify whether the packet was originated by an adjacent node on a
connected link has been used in many recent protocols. This document
generalizes this technique. This document obsoletes RFC 3682.
Working Group Summary
No dissent reported. This document defines an easy-to-deploy
(i.e., easy to configure) and computationally simple / efficient
mechanism which might be considered to be less robust than
cryptographic authentication techniques, and as such there is
inevitably some difference of opinion regarding how valuable
this is. On many platforms this technique is computationally
significantly more efficient than cryptographic authentication
methods, and therefore may be more effective against DoS attacks.
Protocol Quality
Ross Callon has reviewed this spec for the IESG. This document
updates an experimental RFC that is implemented and widely deployed.
RFC Editor's Note:
The last sentence of section 4 is not actually a sentence. It
currently reads:
During and after the IETF Last Call, Francis Dupont, Sam
Hartman, Lars Eggert, and Ross Callon.
This should be changed to be:
During and after the IETF last call, useful comments were
provided by Francis Dupont, Sam Hartman, Lars Eggert, and Ross
Callon.