Electronic International Standard Serial Number (EISSN)
1558-1896
abstract
In this article we describe Source Address Validation Implementation (SAVI), a security architecture being standardized by the IETF to prevent source address spoofing within a link. SAVI devices, usually layer 2 switches, create bindings between the IP address of a node and a property of the host¿s network attachment, such as the port through which the packet is received. Bindings are created by monitoring the packet exchange associated with IP address configuration mechanisms such as DHCP, SLAAC, or SEND. SAVI devices filter out packets whose source IP address does not match with an existing binding.In this article we describe Source Address Validation Implementation (SAVI), a security architecture being standardized by the IETF to prevent source address spoofing within a link. SAVI devices, usually layer 2 switches, create bindings between the IP address of a node and a property of the host¿s network attachment, such as the port through which the packet is received. Bindings are created by monitoring the packet exchange associated with IP address configuration mechanisms such as DHCP, SLAAC, or SEND. SAVI devices filter out packets whose source IP address does not match with an existing binding.