[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[savi] Protection for Unused IP Addresses?

From: Christian Vogt <christian.vogt at ericsson.com>
To: SAVI Mailing List <savi at ietf.org>
Date: Thu, 13 Nov 2008 20:20:41 +0200

Folks,

one design question for SAVI that we haven't explicitly addressed so far
is whether SAVI should prevent the spoofing of unused IP addresses.  I
would like to solicit your comments on this topic.  Please consider
both, the benefits and the costs, which the protection of unused IP
addresses would yield or entail, respectively.

Note that there are good arguments for both approaches:  Preventing
spoofing of unused IP addresses will certainly help combating DDoS
attacks.  OTOH, it has the disadvantage that it may make a SAVI solution
more complex.  Also, in IPv6, the ability for hosts to obtain a new IP
address autonomously (via SLAAC) reduces the benefit of protecting
unused IP addresses, because an unused IP address can easily be turned
into a used one.

Comments and thoughts are welcome.

- Christian

Prev by Date: [savi] Summary Document on SAVI Design Decisions So Far
Next by Date: Re: [savi] Summary Document on SAVI Design Decisions So Far
Previous by thread: [savi] Summary Document on SAVI Design Decisions So Far
Next by thread: [savi] SAVI Meeting Agenda for IETF 73
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.