OSPFv3-based Intra-Domain Source-Address Validation Implementation
draft-tao-savi-savo-01
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Author | Tao Zijin | ||
Last updated | 2012-05-17 (Latest revision 2011-11-14) | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This memo describes SAVO SAVI, a source address validation mechanism for IPv6 networks based on the OSPFv3 protocol within Intra-Domain field. The proposed mechanism is intended to complement ingress filtering techniques to provide a higher granularity on the control of the forged source addresses and it can deal with the asymmetric routing for which the common uRPF scheme ([RFC2827]) may fail. The proposed SAVO mechanism does not need any additional communication between the routers in which the SAVO mechanism has been implemented and deployed. It can be incrementally deployed by the network manager and when it is only partially deployed it still helps to restrict the effect of the source address forging. It provides proactive incentives for the users who deploy it for they will be able to filter the packets with forged source address to a certain range, especially when the forged addresses are in the range of OSPF route prefixes.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)