A General Framework of Source Address Validation and Traceback for IPv4/IPv6 Transition Scenarios
draft-xu-savi-transition-05

The information below is for an old version of the document
Document Type Expired Internet-Draft (individual)
Last updated 2014-11-10 (latest revision 2014-05-04)
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text pdf html bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-xu-savi-transition-05.txt

Abstract

SAVI (Source Address Validation Improvement) is an excellent mechanism for anti-IP-spoofing, which was advocated by IETF but only focused on single-stack or simple network scenarios right now. To the best of our knowledge, existing studies have not paid attention to the IPv4/IPv6 transition scenarios. However, since IPv4/IPv6 transition schemes are plenty and various, one solution cannot meet all requirements of them. In this draft, we present a SAVI-based general framework for IP source address validation and traceback in the IPv4/IPv6 transition scenarios, which achieve this by extracting out essential and mutual properties from these schemes, and forming sub-solutions for each property. When one transition scheme is composed from various properties, its IP source address validation and traceback solution is directly comprised by the corresponding sub-solutions. Thus, the most exciting advantage of this framework is that it is a once-and-for-all solution no matter how transition schemes change.

Authors

Hui Deng (xuke@mail.tsinghua.edu.cn)
Guangwu Hu (huguangwu@gmail.com)
Jun Bi (junbi@tsinghua.edu.cn)
Mingwei Xu (xmw@csnet1.cs.tsinghua.edu.cn)
Fan Shi (shifan@ctbri.com.cn)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)