Filtering and Rate Limiting Capabilities for IP Network Infrastructure
draft-ietf-opsec-filter-caps-09
Document | Type |
Expired Internet-Draft
(opsec WG)
Expired & archived
|
|
---|---|---|---|
Author | Chris Morrow | ||
Last updated | 2015-10-14 (Latest revision 2007-07-13) | ||
RFC stream | Internet Engineering Task Force (IETF) | ||
Intended RFC status | Best Current Practice | ||
Formats | |||
Reviews | |||
Additional resources | Mailing list discussion | ||
Stream | WG state | WG Document | |
Document shepherd | (None) | ||
IESG | IESG state | Expired (IESG: Dead) | |
Action Holders |
(None)
|
||
Consensus boilerplate | Unknown | ||
Telechat date | (None) | ||
Responsible AD | Ron Bonica | ||
Send notices to | vishwas@ipinfusion.com, gmj3871@pobox.com, chris@uu.net |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
[RFC4778] lists operator practices related to securing networks. This document lists filtering and rate limiting capabilities needed to support those practices. Capabilities are limited to filtering and rate limiting packets as they enter or leave the device. Route filters and service specific filters (e.g. SNMP, telnet) are not addressed. Capabilities are defined without reference to specific technologies. This is done to leave room for deployment of new technologies that implement the capability. Each capability cites the practices it supports. Current implementations that support the capability are cited. Special considerations are discussed as appropriate listing operational and resource constraints, limitations of current implementations, trade-offs, etc.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)