Search RFCs
- File formats:
- Status:
- BEST CURRENT PRACTICE
- Authors:
- J. Durand
I. Pepelnjak
G. Doering - Stream:
- IETF
- Source:
- opsec (ops)
Discuss this RFC: Send questions or comments to the mailing listiesg@ietf.org
Other actions:Submit Errata | Find IPR Disclosures from the IETF | View History of RFC
Abstract
The Border Gateway Protocol (BGP) is the protocol almost exclusivelyused in the Internet to exchange routing information between networkdomains. Due to this central nature, it is important to understandthe security measures that can and should be deployed to preventaccidental or intentional routing disturbances.
This document describes measures to protect the BGP sessions itselfsuch as Time to Live (TTL), the TCP Authentication Option (TCP-AO),and control-plane filtering. It also describes measures to bettercontrol the flow of routing information, using prefix filtering andautomation of prefix filters, max-prefix filtering, Autonomous System(AS) path filtering, route flap dampening, and BGP communityscrubbing.
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.