RFC 6860
Hiding Transit-Only Networks in OSPF, January 2013
- Status: PROPOSED STANDARD
- Updates: RFC 2328, RFC 5340
- Authors: Y. Yang, A. Retana, A. Roy
- Stream: IETF
- Source: ospf (rtg)
DOI: https://doi.org/10.17487/RFC6860
Discuss this RFC: Send questions or comments to the mailing list lsr@ietf.org
Abstract
A transit-only network is defined as a network connecting routers only. In OSPF, transit-only networks are usually configured with routable IP addresses, which are advertised in Link State Advertisements (LSAs) but are not needed for data traffic. In addition, remote attacks can be launched against routers by sending packets to these transit-only networks. This document presents a mechanism to hide transit-only networks to speed up network convergence and reduce vulnerability to remote attacks.
In the context of this document, 'hiding' implies that the prefixes are not installed in the routing tables on OSPF routers. In some cases, IP addresses may still be visible when using OSPFv2.
This document updates RFCs 2328 and 5340. [STANDARDS-TRACK]
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.