« Version 4.1 - 7.4 Industry Best Practices | Main | Version 4.1 - 7.6 Security audit and validation »

Version 4.1 - 7.5 Common RFC and BCP

BCPs are Best Current Practices. They are put out by the IETF - and marry up with the RFCs. The best way to understand BCPs are to read BCP1 - which specifies what a BCP is and does (and why we have them at all).

Also, take a look at the Wikipedia page for BCPs.

Special note -- The tables have scroll arrows on the top right - which display more BCPs.

One of the things I did while I was studying (videos and reading) was to take a few pages out of my notebook and list the RFCs that I ran across while studying. I also had a page for Protocol and Port numbers. Most of the RFCs that were important (to me) were linked in each section as I discussed the technology. It would be wise to focus on the specific ones mentioned in the blueprint, but know that those are not the only ones and that all RFCs and BCPs are "fair game" with this listing.

RFC2827/BCP38

If you look at the header of any RFC, you will see the relevant BCP listed. [Basically it goes to the same page as the RFC to which it relates - with some header changes.]

RFC 2827 - Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing
BCP38 - Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing

To find any particular RFC or BCP - look at the format of the URL. Just replace the numbers to find whatever one you are looking for and it will be the correct one. There is also a text form of these, but the html form is a bit more convenient. If the RFC has been made obsolete by a newer RFC, the link to that will be in the header.

https://tools.ietf.org/html/rfc2827
https://tools.ietf.org/html/bcp38

RFC3704 / BCP84

RFC3704 - Ingress Filtering for Multihomed Networks
BCP84 - Ingress Filtering for Multihomed Networks

Note that this updates 2827 for a specific use case (multihoming). I'm not going to go over the content of the above RFCs, since that was previously covered under DoS/DDoS.

RFC5735 - Special Use IPv4 Addresses
(not listed in the blueprint, this is BCP153

You might want to take a look at 4. Summary Table of these addresses... not that you need to memorize them, but there may be some that may not be familiar. Note that (ugh) this has been Obsoleted by RFC 6890 - Special-Purpose IP Address Registries.


TABLE 4


Sections

Powered by
Movable Type 3.2