A General Framework of Source Address Validation and Traceback for IPv4/IPv6 Transition Scenarios
draft-xu-savi-transition-14

Document Type Expired Internet-Draft (individual)
Last updated 2019-05-09 (latest revision 2018-11-05)
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text pdf html bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-xu-savi-transition-14.txt

Abstract

SAVI (Source Address Validation Improvement) is an excellent mechanism for anti-IP-spoofing, which was advocated by IETF but only focused on single-stack or simple network scenarios right now. To the best of our knowledge, existing studies have not paid attention to the IPv4/IPv6 transition scenarios. However, since IPv4/IPv6 transition schemes are plenty and various, one solution cannot meet all requirements of them. In this draft, we present a SAVI-based general framework for IP source address validation and traceback in the IPv4/IPv6 transition scenarios, which achieve this by extracting out essential and mutual properties from these schemes, and forming sub-solutions for each property. When one transition scheme is composed from various properties, its IP source address validation and traceback solution is directly comprised by the corresponding sub-solutions. Thus, the most exciting advantage of this framework is that it is a once-and-for-all solution no matter how transition schemes change. Till now, this proposal was approved by China Communications Standards Association (CCSA), and we will actively promote it to apply real network scenarios.

Authors

Hui Deng (xuke@mail.tsinghua.edu.cn)
Guangwu Hu (hgw09@mails.tsinghua.edu.cn)
Jun Bi (junbi@tsinghua.edu.cn)
Mingwei Xu (xmw@csnet1.cs.tsinghua.edu.cn)
Fan Shi (shifan@ctbri.com.cn)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)