Ingress Filtering for Multihomed Networks
RFC 3704, “Ingress Filtering for Multihomed Networks”, is a Best Current Practice document published in March 2004 by F. Baker and P. Savola. It updates RFC 2827. It has since been updated by RFC 8704. The canonical text is published by the RFC Editor.
Abstract
BCP 38, RFC 2827, is designed to limit the impact of distributed denial of service attacks, by denying traffic with spoofed addresses access to the network, and to help ensure that traffic is traceable to its correct source network. As a side effect of protecting the Internet against such attacks, the network implementing the solution also protects itself from this and other attacks, such as spoofed management access to networking equipment. There are cases when this may create problems, e.g., with multihoming. This document describes the current ingress filtering operational mechanisms, examines generic issues related to ingress filtering, and delves into the effects on multihoming in particular. This memo updates RFC 2827. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.
What “Best Current Practice” means
A Best Current Practice documents the IETF community's recommended operational or procedural practice rather than a protocol specification.
The canonical text of RFC 3704 is hosted at rfc-editor.org. Available in TXT and HTML.
- RFC 3703 Policy Core Lightweight Directory Access Protocol Schema
- RFC 3705 High Capacity Textual Conventions for MIB Modules Using Performance History Based on 15 Minute Intervals
- RFC 3702 Authentication, Authorization, and Accounting Requirements for the Session Initiation Protocol
- RFC 3706 A Traffic-Based Method of Detecting Dead Internet Key Exchange Peers
- RFC 3701 6bone Phaseout
- RFC 3707 Cross Registry Internet Service Protocol Requirements
- RFC 3700 Internet Official Protocol Standards
- RFC 3708 Using TCP Duplicate Selective Acknowledgement and Stream Control Transmission Protocol Duplicate Transmission Sequence Numbers to Detect Spurious Retransmissions