BGP Route Selection Notice
The present Internet is not trustworthy, partially because the routing system forwards packets only according to destination IP address. Forged packets with mendacious source IP address will also be brought to the destination, which can be utilized to compromise the destination machine. In this paper, we propose to enhance BGP by adding Route Selection Notice functionality. With BGP Route Selection Notice, Autonomous Systems can validate the authenticity of incoming IP packets and filter out improper packets to make routing infrastructure offer support to trustworthy service. BGP Route Selection Notice does not impair the routing function of BGP and with proper design its bandwidth cost and convergence delay is acceptable which is proved by our simulation.
KeywordsVertex Cover Convergence Time Address Space Route Selection Source Address
Unable to display preview. Download preview PDF.
- 1.Rekhter, Y., Li, T.: A Border Gateway Protocol 4(BGP-4). RFC 1771 (1995)Google Scholar
- 3.Park, K., Lee, H.: On the effectiveness of route-based packet filtering for distributed DoS attack prevention in power-law internets. In: Proceedings of ACM SIGCOMM, vol. 31(4), pp. 15–26 (2001)Google Scholar
- 5.Baker, F.: Requirements for IP Version 4 Routers. RFC 1812 (1995)Google Scholar
- 6.Ferguson, P., Senie, D.: Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing. RFC 2827 (1998)Google Scholar
- 7.Bremler-Barr, A., Levy, H.: Spoofing prevention method. In: Proceedings of IEEE INFOCOM, pp. 536–547 (2005)Google Scholar
- 8.Li, J., Mirkovic, J., Wang, M., Reiher, M., Zhang, L.: SAVE: Source address validity enforcement protocol. In: Proceedings of IEEE INFOCOM, vol. 3, pp. 1557–1566 (2002)Google Scholar
- 9.SSFNet project, http://www.ssfnet.org/
- 10.Premore, B.: Multi-as topologies from BGP routing tables, http://www.ssfnet.org/Exchange/gallery/asgraph/index.html