SAVI: The IETF Standard in Address Validation
Articles
Overview
published in
- IEEE COMMUNICATIONS MAGAZINE Journal
publication date
- April 2013
start page
- 66
end page
- 73
issue
- 4
volume
- 51
Digital Object Identifier (DOI)
full text
International Standard Serial Number (ISSN)
- 0163-6804
Electronic International Standard Serial Number (EISSN)
- 1558-1896
abstract
- In this article we describe Source Address Validation Implementation (SAVI), a security architecture being standardized by the IETF to prevent source address spoofing within a link. SAVI devices, usually layer 2 switches, create bindings between the IP address of a node and a property of the host¿s network attachment, such as the port through which the packet is received. Bindings are created by monitoring the packet exchange associated with IP address configuration mechanisms such as DHCP, SLAAC, or SEND. SAVI devices filter out packets whose source IP address does not match with an existing binding.In this article we describe Source Address Validation Implementation (SAVI), a security architecture being standardized by the IETF to prevent source address spoofing within a link. SAVI devices, usually layer 2 switches, create bindings between the IP address of a node and a property of the host¿s network attachment, such as the port through which the packet is received. Bindings are created by monitoring the packet exchange associated with IP address configuration mechanisms such as DHCP, SLAAC, or SEND. SAVI devices filter out packets whose source IP address does not match with an existing binding.
Classification
subjects
- Telecommunications