OSPFv3 Destination Address Filter
draft-lindem-ospfv3-dest-filter-03

Document Type Expired Internet-Draft (individual)
Last updated 2004-09-29
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-lindem-ospfv3-dest-filter-03.txt

Abstract

OSPFv2 has been criticized for it vulnerability to Denial of Service (DOS) attacks. With OSPFv3, it is a simple matter to filter on the destination address at an implementation dependent level in order to limit the scope of DOS attacks to directly attached routers. Unlike hop limit checking mechanisms, it is compatible with the existing OSPFv3 behavior. However, this level of protection will preclude the deployment of virtual links in topologies where the filtering is applied.

Authors

Acee Lindem (acee.lindem@ericsson.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)