Anthony Sequeira, "BCP38 - RFC2827 Network Ingress Filtering: Defeat DoS with Forged Source Addresses
," October, 2015.
Source Destination Interface Source address
CDM CD-1 IPv6 2001:1F00:388::2 CD-1 CD-2 Bluetooth 01:23:45:67:89:AB CD-2 CD-3 ZigBee 1001 Source Destination address CDM 2001:1F00:388::3 CD-1 01:23:45:67:89:AC CD-2 1002 Table 2: CD-1 routing table.
Although IP spoofing is not a requirement for a successful DDoS attack, attackers often use the IP source address
spoofing to hide the identity of agent machines during the attack.
In this situation, the source address
of the suspected client is present on suspicious list; the packet from this source is forwarded to the puzzle server by the firewall.
Also, the presence of source address
informs node K that the packet is actually from node A, even if it is delivered from node J.
 used their own simulation system and also testbeds for estimating efficiency, scalability, and cost of implementing the protection mechanism SAVE (Source Address
Validity Enforcement) against DDoS attacks.
These headers are destination address, source address
, and type/length field.
One of the most important aspects of its next-generation backbone is a security feature known as Source Address
Validation Architecture (SAVA).
For example, "ANY" might be used for the source address
in several rules when actual traffic only originates from a handful of IP addresses.
The femto-cell is required to have the MCN IP address so that it can use that as the source address
for IP packets that it sends to entities within the MCN.
The IPv6 tunnel source address
is added to the NAT table, along with an IPv4 source address
and port, to disambiguate the customer's private address and provide the reference for the tunnel endpoint.