File formats:

Status:

EXPERIMENTAL

Obsoleted by:

RFC 5082

Authors:

V. Gill
J. Heasley
D. Meyer

Stream:

INDEPENDENT

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC3682

Discuss this RFC: Send questions or comments to the mailing list rfc-ise@rfc-editor.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 3682

Abstract

The use of a packet's Time to Live (TTL) (IPv4) or Hop Limit (IPv6) to protect a protocol stack from CPU-utilization based attacks has been proposed in many settings (see for example, RFC 2461). This document generalizes these techniques for use by other protocols such as BGP (RFC 1771), Multicast Source Discovery Protocol (MSDP), Bidirectional Forwarding Detection, and Label Distribution Protocol (LDP) (RFC 3036). While the Generalized TTL Security Mechanism (GTSM) is most effective in protecting directly connected protocol peers, it can also provide a lower level of protection to multi-hop sessions. GTSM is not directly applicable to protocols employing flooding mechanisms (e.g., multicast), and use of multi-hop GTSM should be considered on a case-by-case basis. This memo defines an Experimental Protocol for the Internet community.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.