BCP 194, RFC 7454 on BGP Operations and Security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

A new Request for Comments is now available in online RFC libraries.

        BCP 194        
        RFC 7454

        Title:      BGP Operations and Security 
        Author:     J. Durand, I. Pepelnjak, G. Doering
        Status:     Best Current Practice
        Stream:     IETF
        Date:       February 2015
        Mailbox:    jerduran@cisco.com, 
                    ip@ipspace.net, 
                    gert@space.net
        Pages:      26
        Characters: 56946
        See Also:   BCP 194

        I-D Tag:    draft-ietf-opsec-bgp-security-07.txt

        URL:        https://www.rfc-editor.org/info/rfc7454

The Border Gateway Protocol (BGP) is the protocol almost exclusively
used in the Internet to exchange routing information between network
domains.  Due to this central nature, it is important to understand
the security measures that can and should be deployed to prevent
accidental or intentional routing disturbances.

This document describes measures to protect the BGP sessions itself
such as Time to Live (TTL), the TCP Authentication Option (TCP-AO),
and control-plane filtering.  It also describes measures to better
control the flow of routing information, using prefix filtering and
automation of prefix filters, max-prefix filtering, Autonomous System
(AS) path filtering, route flap dampening, and BGP community
scrubbing.

This document is a product of the Operational Security Capabilities for IP Network Infrastructure Working Group of the IETF.


BCP: This document specifies an Internet Best Current Practices for the
Internet Community, and requests discussion and suggestions for 
improvements. Distribution of this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/rfc.html

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC
[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux