Protecting the Router Control Plane
RFC 6192, “Protecting the Router Control Plane”, is an Informational document published in March 2011 by D. Dugal, C. Pignataro, R. Dunn. The canonical text is published by the RFC Editor.
Abstract
This memo provides a method for protecting a router's control plane from undesired or malicious traffic. In this approach, all legitimate router control plane traffic is identified. Once legitimate traffic has been identified, a filter is deployed in the router's forwarding plane. That filter prevents traffic not specifically identified as legitimate from reaching the router's control plane, or rate-limits such traffic to an acceptable level.
Note that the filters described in this memo are applied only to traffic that is destined for the router, and not to all traffic that is passing through the router. This document is not an Internet Standards Track specification; it is published for informational purposes.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 6192 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 6191 Reducing the TIME-WAIT State Using TCP Timestamps
- RFC 6193 Media Description for the Internet Key Exchange Protocol in the Session Description Protocol
- RFC 6190 RTP Payload Format for Scalable Video Coding
- RFC 6194 Security Considerations for the SHA-0 and SHA-1 Message-Digest Algorithms
- RFC 6189 ZRTP: Media Path Key Agreement for Unicast Secure RTP
- RFC 6195 Domain Name System IANA Considerations
- RFC 6188 The Use of AES-192 and AES-256 in Secure RTP
- RFC 6196 Moving mailserver: URI Scheme to Historic