Browse Prior Art Database

Changing the Default for Directed Broadcasts in Routers (RFC2644)

IP.com Disclosure Number: IPCOM000003232D
Original Publication Date: 1999-Aug-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 3 page(s) / 6K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

D. Senie: AUTHOR

Abstract

Router Requirements [1] specifies that routers must receive and forward directed broadcasts. It also specifies that routers MUST have an option to disable this feature, and that this option MUST default to permit the receiving and forwarding of directed broadcasts. While directed broadcasts have uses, their use on the Internet backbone appears to be comprised entirely of malicious attacks on other networks.

This text was extracted from a ASCII document.
This is the abbreviated version, containing approximately 43% of the total text.

Network Working Group D. Senie

Request for Comments: 2644 Amaranth Networks Inc.

Updates: 1812 August 1999

BCP: 34

Category: Best Current Practice

Changing the Default for Directed Broadcasts in Routers

Status of this Memo

This document specifies an Internet Best Current Practices for the

Internet Community, and requests discussion and suggestions for

improvements. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (1999). All Rights Reserved.

1. Introduction

Router Requirements [1] specifies that routers must receive and

forward directed broadcasts. It also specifies that routers MUST have

an option to disable this feature, and that this option MUST default

to permit the receiving and forwarding of directed broadcasts. While

directed broadcasts have uses, their use on the Internet backbone

appears to be comprised entirely of malicious attacks on other

networks.

Changing the required default for routers would help ensure new

routers connected to the Internet do not add to the problems already

present.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",

"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this

document are to be interpreted as described in RFC 2119.

2. Discussion

Damaging denial of service attacks led to the writing of [2] on

Ingress Filtering. Many network providers and corporate networks have

endorsed the use of these methods to ensure their networks are not

the source of such attacks.

A recent trend in Smurf Attacks [3] is to target networks which

permit directed broadcasts from outside their networks. By permitting

directed broadcasts, these systems become "Smurf Amplifiers."

While the continued implementation of ingress filters remains the

best way to limit these attacks, restricting directed broadcasts

should also receive priority.

Network service providers and corporate network operators are urged

to ensure their networks are not susceptible to directed broadcast

packets originating outside their networks.

Mobile IP [4] had provisions for using directed broadcasts in a

mobile node's use of dynamic agent discovery. While some

implementations support this feature, it is unclear whether it is

useful. Other methods of achieving the same result are documented in

[5]. It may be worthwhile to consider removing the language on using

directed broadcasts as Mobile IP progresses on the standards track.

3. Recommendation

...