Abstract

Packet forwarding on the Internet is solely based on the destination address of packets, and it is easy to forge the source address of IP packets without affecting the delivery of the packets. To solve this problem, one can have routers check whether or not every packet comes from a correct direction based on its source address field. However, due to routing asymmetry in today’s Internet, a router cannot simply reverse its forwarding table to determine the correct incoming direction of a packet. In this paper, we present the source address validity enforcement protocol, SAVE, which allows routers to learn valid incoming directions for any given source address. SAVE is independent from—and can work with—any specific routing protocol. By only interfacing with the forwarding table at routers, SAVE allows routers to properly propagate valid source address information from source address spaces to all destinations, and …

Metadata

publication

Computer Networks 52 (2), 399-417, 2008

year

2008

publication date

2008/2/8

authors

Jun Li, Jelena Mirkovic, Toby Ehrenkranz, Mengqiu Wang, Peter Reiher, Lixia Zhang

link

https://www.sciencedirect.com/science/article/pii/S1389128607002794

resource_link

https://lasr.cs.ucla.edu/lasr-members/reiher/papers/save2007.pdf

journal

Computer Networks

volume

52

issue

2

pages

399-417

publisher

Elsevier