Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

Layer-3 VPN Import/Export Verification
draft-behringer-mpls-vpn-auth-04

Versions:

This document is an Internet-Draft (I-D). Anyone may submit an I-D to the IETF. This I-D is not endorsed by the IETF and has no formal standing in the IETF standards process.

Document	Type	Expired Internet-Draft (individual) Expired & archived
	Authors	Michael H. Behringer , Jim Guichard , Pedro R. Marques
	Last updated	2004-06-04
	RFC stream	(None)
	Intended RFC status	(None)
	Formats	txt htmlized bibtex bibxml
Stream	Stream state	(No stream defined)
	Consensus boilerplate	Unknown
	RFC Editor Note	(None)
IESG	IESG state	Expired
	Telechat date	(None)
	Responsible AD	(None)
	Send notices to	(None)

Email authors IPR 2 References Referenced by Nits Search email archive

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

txt htmlized bibtex bibxml

Abstract

Configuration errors on Provider Edge (PE) routers in Layer-3 VPN networks based on [RFC2547] can lead to security breaches of the connected VPNs. For example, the PE router could be mistakenly configured such that a connected Customer Edge (CE) router belongs to an incorrect VPN. Here we propose a scheme that verifies local and remote routing information received by the PE router before it installs new VPN routes into the Virtual Routing & Forwarding Instance (VRF). The proposed changes affect only the PE routers.

Authors

Michael H. Behringer
Jim Guichard
Pedro R. Marques

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)

Layer-3 VPN Import/Export Verification draft-behringer-mpls-vpn-auth-04

Layer-3 VPN Import/Export Verification
draft-behringer-mpls-vpn-auth-04