[OPSEC] RFC 6192 on Protecting the Router Control Plane
rfc-editor@rfc-editor.org Wed, 30 March 2011 22:33 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: opsec@core3.amsl.com
Delivered-To: opsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AA00628C1B2; Wed, 30 Mar 2011 15:33:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.401
X-Spam-Level:
X-Spam-Status: No, score=-102.401 tagged_above=-999 required=5 tests=[AWL=0.199, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FWmF2heIPMO6; Wed, 30 Mar 2011 15:33:29 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [IPv6:2001:1890:1112:1::2f]) by core3.amsl.com (Postfix) with ESMTP id 4ABEC28C191; Wed, 30 Mar 2011 15:33:29 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id AC962E0773; Wed, 30 Mar 2011 15:34:58 -0700 (PDT)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
From: rfc-editor@rfc-editor.org
Message-Id: <20110330223458.AC962E0773@rfc-editor.org>
Date: Wed, 30 Mar 2011 15:34:58 -0700
Cc: opsec@ietf.org, rfc-editor@rfc-editor.org
Subject: [OPSEC] RFC 6192 on Protecting the Router Control Plane
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/opsec>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Mar 2011 22:33:30 -0000
A new Request for Comments is now available in online RFC libraries. RFC 6192 Title: Protecting the Router Control Plane Author: D. Dugal, C. Pignataro, R. Dunn Status: Informational Stream: IETF Date: March 2011 Mailbox: dave@juniper.net, cpignata@cisco.com, rodunn@cisco.com Pages: 25 Characters: 49422 Updates/Obsoletes/SeeAlso: None I-D Tag: draft-ietf-opsec-protect-control-plane-06.txt URL: http://www.rfc-editor.org/rfc/rfc6192.txt This memo provides a method for protecting a router's control plane from undesired or malicious traffic. In this approach, all legitimate router control plane traffic is identified. Once legitimate traffic has been identified, a filter is deployed in the router's forwarding plane. That filter prevents traffic not specifically identified as legitimate from reaching the router's control plane, or rate-limits such traffic to an acceptable level. Note that the filters described in this memo are applied only to traffic that is destined for the router, and not to all traffic that is passing through the router. This document is not an Internet Standards Track specification; it is published for informational purposes. This document is a product of the Operational Security Capabilities for IP Network Infrastructure Working Group of the IETF. INFORMATIONAL: This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. This announcement is sent to the IETF-Announce and rfc-dist lists. To subscribe or unsubscribe, see http://www.ietf.org/mailman/listinfo/ietf-announce http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist For searching the RFC series, see http://www.rfc-editor.org/rfcsearch.html. For downloading RFCs, see http://www.rfc-editor.org/rfc.html. Requests for special distribution should be addressed to either the author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. The RFC Editor Team Association Management Solutions, LLC