A General Framework of Source Address Validation and Traceback for IPv4/IPv6 Transition Scenarios
IP spoofing is a critical breach regard to Internet security. With rapid development of the IPv6-based next generation Internet, this issue is more prominent since IPv6 Internet owns more spoofable IP address space. Existing IP anti-spoofing proposals, including SAVI (Source Address Validation Improvement) which was advocated by IETF, only focused on single-stack or simple network scenarios. To the best of our knowledge, none of them has paid attention to the IPv4/IPv6 transition scenarios. However, since IPv4/IPv6 transition schemes are plenty and various, one solution cannot meet all requirements of them. In this draft, we present a SAVI-based general framework for IP source address validation and traceback in the IPv4/IPv6 transition scenarios, which achieve this by extracting out essential and mutual properties from these schemes, and forming sub-solutions for each property. When one transition scheme is composed from various properties, its IP source address validation and traceback solution is directly comprised by the corresponding sub-solutions. Thus, the most exciting advantage of this framework is that it is a once-and- for-all solution no matter how transition schemes change.