IP
Click on the red underlined text to get to the source
... operational functions for the Public Internet. The exact policies for
IP unicast address allocation and management continue to be the
...
... Internet, and could express
such reachability through a single IP address prefix the document
suggests to use the "address ownership" policy. However, applying the
...
... On the intrinsic value of IP addresses ...
... unicast addresses is the (finite) set
of integers in the range 0x00000000 - 0xDFFFFFFF. IP addresses are
used for Network Layer ...
... Layer (IP) routing. An IP address is the sole piece
of information about the node injected into the routing system ...
...
The notable semantics of an IP unicast address is its ability to
interact with the Public Internet ...
... the Public Internet, it is the reachability of an IP address that
gives it an intrinsic value. Observe, however, that IP addresses are
...
... reachability of an IP address that
gives it an intrinsic value. Observe, however, that IP addresses are
used outside of the Public Internet. This document does not cover the
...
... Internet) and its continued operation, including its
routing system, which gives an IP address its intrinsic value, rather
than the inverse. Consequently, if the Public Internet routing system ...
...
IP address allocation and management policy is a complex,
multifaceted issue. It covers a broad range ...
... do not require renumbering, renumbering may still be needed to
achieve Internet-wide IP connectivity. For example, an organization
may now receive Internet service from some provider ...
... prefix advertised by the new provider,
then the organization would not have IP connectivity to part of the
Internet. Among the possible solutions open to the organization may
...
... Internet and could express such
reachability through a single IP address prefix could expect that a
route with this prefix ...
...
For all other organizations that expect Internet-wide IP
connectivity, the reachability information they inject into the
...
... lending" policy, by itself, is sufficient to guarantee Internet-wide
IP connectivity. Therefore, we recommend that sites with addresses
allocated based on either policy should consult their providers about
...
...
If an organization doesn't require Internet-wide IP connectivity,
then address allocation for the organization could be done based on
...
... the "address ownership" policy. Here, the organization may still
maintain limited IP connectivity (e.g., with all the subscribers of
its direct provider ...
... addresses acquired via either policy vs. having connectivity via
mediating gateways (possibly augmented by limited IP connectivity)
using addresses acquired via "address ...
... Any address allocation and management policy for IP addresses used
for Internet connectivity must take into account its impact on the
...
...
It is highly inadvisable to rely upon unauthenticated source or
destination IP addresses for security policy decisions. [Bellovin89]
...
... security policy decisions. [Bellovin89]
IP address spoofing is not difficult with widely available systems,
such as personal computers. A better approach would probably involve
...
... spoofing is not difficult with widely available systems,
such as personal computers. A better approach would probably involve
the use of IP Security techniques, such as the IP Authentication
Header [RFC-1826] or IP Encapsulating Security Payload ...
... such as personal computers. A better approach would probably involve
the use of IP Security techniques, such as the IP Authentication
Header [RFC-1826] or IP Encapsulating Security Payload
...
... IP Security techniques, such as the IP Authentication
Header [RFC-1826] or IP Encapsulating Security Payload
[RFC-1827], at
...
... It is strongly desirable that authentication be present in any
mechanism used to renumber IP nodes. A renumbering mechanism that
lacks authentication could be used by an adversary to renumber
...
... Bellovin, S., "Security Problems in the TCP/IP Protocol Suite", ACM Computer Communications Review, Vol. 19, No. 2, March 1989. ...
... Rekhter, Y., and T. Li, "An Architecture for IP Address Allocation with CIDR", RFC 1518hist, September 1993. ...
... Atkinson, R., "IP Authentication Header (AH), RFC 1826(-> 2402(-> 4305(-> 4835prop) | 4302prop)), August 1995. ...
... Atkinson, R., "IP Encapsulating Security Payload (ESP)", RFC 1827(-> 2406(-> 4305(-> 4835prop) | 4303prop)), August 1995. ...