Skip to main content

Source Address Validation Using BGP UPDATEs, ASPA, and ROA (BAR-SAV)

Document Type Replaced Internet-Draft (sidrops WG)
Expired & archived
Authors Kotikalapudi Sriram , Igor Lubashev , Doug Montgomery
Last updated 2023-01-16 (Latest revision 2022-12-17)
Replaced by draft-ietf-sidrops-bar-sav
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Additional resources Mailing list discussion
Stream WG state Candidate for WG Adoption
Document shepherd (None)
IESG IESG state Replaced by draft-ietf-sidrops-bar-sav
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


Designing an efficient source address validation (SAV) filter requires minimizing false positives (i.e., avoiding dropping legitimate traffic) while maintaining directionality (see RFC8704). This document advances the technology for SAV filter design through a method that makes use of BGP UPDATE messages, Autonomous System Provider Authorization (ASPA), and Route Origin Authorization (ROA). The proposed method's name is abbreviated as BAR-SAV. BAR-SAV can be used by network operators to derive more robust SAV filters and thus improve network resilience.


Kotikalapudi Sriram
Igor Lubashev
Doug Montgomery

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)