{"draft":"draft-ietf-opsec-bgp-security-07","doc_id":"RFC7454","title":"BGP Operations and Security","authors":["J. Durand","I. Pepelnjak","G. Doering"],"format":["ASCII","HTML"],"page_count":"26","pub_status":"BEST CURRENT PRACTICE","status":"BEST CURRENT PRACTICE","source":"Operational Security Capabilities for IP Network Infrastructure","abstract":"The Border Gateway Protocol (BGP) is the protocol almost exclusively\r\nused in the Internet to exchange routing information between network\r\ndomains.  Due to this central nature, it is important to understand\r\nthe security measures that can and should be deployed to prevent\r\naccidental or intentional routing disturbances.\r\n\r\nThis document describes measures to protect the BGP sessions itself\r\nsuch as Time to Live (TTL), the TCP Authentication Option (TCP-AO),\r\nand control-plane filtering.  It also describes measures to better\r\ncontrol the flow of routing information, using prefix filtering and\r\nautomation of prefix filters, max-prefix filtering, Autonomous System\r\n(AS) path filtering, route flap dampening, and BGP community\r\nscrubbing.","pub_date":"February 2015","keywords":[],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":["BCP0194"],"doi":"10.17487\/RFC7454","errata_url":null}