blank.gif (43 bytes)

Church Of The
Swimming Elephant

Search:
5.3.8 Source Address Validation Connected: An Internet Encyclopedia
5.3.8 Source Address Validation

Up: Connected: An Internet Encyclopedia
Up: Requests For Comments
Up: RFC 1812
Up: 5. INTERNET LAYER - FORWARDING
Up: 5.3 SPECIFIC ISSUES
Prev: 5.3.7 Martian Address Filtering
Next: 5.3.9 Packet Filtering and Access Lists

5.3.8 Source Address Validation

5.3.8 Source Address Validation

A router SHOULD IMPLEMENT the ability to filter traffic based on a comparison of the source address of a packet and the forwarding table for a logical interface on which the packet was received. If this filtering is enabled, the router MUST silently discard a packet if the interface on which the packet was received is not the interface on which a packet would be forwarded to reach the address contained in the source address. In simpler terms, if a router wouldn't route a packet containing this address through a particular interface, it shouldn't believe the address if it appears as a source address in a packet read from this interface.

If this feature is implemented, it MUST be disabled by default.

DISCUSSION

This feature can provide useful security improvements in some situations, but can erroneously discard valid packets in situations where paths are asymmetric.


Next: 5.3.9 Packet Filtering and Access Lists

Connected: An Internet Encyclopedia
5.3.8 Source Address Validation

Cotse.Net

Protect yourself from cyberstalkers, identity thieves, and those who would snoop on you.
Stop spam from invading your inbox without losing the mail you want. We give you more control over your e-mail than any other service.
Block popups, ads, and malicious scripts while you surf the net through our anonymous proxies.
Participate in Usenet, host your web files, easily send anonymous messages, and more, much more.
All private, all encrypted, all secure, all in an easy to use service, and all for only $5.95 a month!

Service Details

 
.
www.cotse.com
Have you gone to church today?
.
All pages ©1999, 2000, 2001, 2002, 2003 Church of the Swimming Elephant unless otherwise stated
Church of the Swimming Elephant©1999, 2000, 2001, 2002, 2003 Cotse.com.
Cotse.com is a wholly owned subsidiary of Packetderm, LLC.

Packetderm, LLC
210 Park Ave #308
Worcester, MA 01609