Catalogo dei prodotti della ricerca

SRv6 is a routing architecture that can provide hybrid cooperation between a centralized network controller and network nodes: IPv6 routers maintain the multi-hop ECMP-aware segments, whereas the controller, responsible for the Traffic Engineering policy, combines them to form a source-routed path through the network. Since the state of the flow is defined at the ingress to the network and then is contained in a specific packet header, called Segment Routing Header (SRH), the importance of such a header itself is vital. Motivated by the increasing success and widespread deployment of such approaches and technologies, this paper introduces the context and discusses some of the issues tied to possible tampering with the Segment Routing Header content. Finally, some details of an experimental testbed aimed at evaluating the above issues are provided.

On SRv6 Security / LO BASCIO, David; Lombardi, Flavio. - In: PROCEDIA COMPUTER SCIENCE. - ISSN 1877-0509. - 201:C(2022), pp. 406-412. (Intervento presentato al convegno The 13th International Conference on Ambient Systems, Networks and Technologies (ANT) / The 5th International Conference on Emerging Data and Industry 4.0 (EDI40) tenutosi a Oporto) [10.1016/j.procs.2022.03.054].

On SRv6 Security

David Lo Bascio
;
2022

Abstract

SRv6 is a routing architecture that can provide hybrid cooperation between a centralized network controller and network nodes: IPv6 routers maintain the multi-hop ECMP-aware segments, whereas the controller, responsible for the Traffic Engineering policy, combines them to form a source-routed path through the network. Since the state of the flow is defined at the ingress to the network and then is contained in a specific packet header, called Segment Routing Header (SRH), the importance of such a header itself is vital. Motivated by the increasing success and widespread deployment of such approaches and technologies, this paper introduces the context and discusses some of the issues tied to possible tampering with the Segment Routing Header content. Finally, some details of an experimental testbed aimed at evaluating the above issues are provided.
2022
The 13th International Conference on Ambient Systems, Networks and Technologies (ANT) / The 5th International Conference on Emerging Data and Industry 4.0 (EDI40)
segment routing; networking; security
04 Pubblicazione in atti di convegno::04c Atto di convegno in rivista
On SRv6 Security / LO BASCIO, David; Lombardi, Flavio. - In: PROCEDIA COMPUTER SCIENCE. - ISSN 1877-0509. - 201:C(2022), pp. 406-412. (Intervento presentato al convegno The 13th International Conference on Ambient Systems, Networks and Technologies (ANT) / The 5th International Conference on Emerging Data and Industry 4.0 (EDI40) tenutosi a Oporto) [10.1016/j.procs.2022.03.054].
04c Atto di convegno in rivista
File allegati a questo prodotto
File Dimensione Formato  
LoBascio_On-SRv6-Security_2022.pdf

accesso aperto

Tipologia: Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza: Creative commons
Dimensione 416 kB
Formato Adobe PDF
416 kB Adobe PDF

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/1673160
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? ND
social impact