Daily Technology News, Tips, and Reviews | Subscribe to Jason Slater Technology BlogTechnology Feed | Join Jason Slater on TwitterTwitter | Thursday 2nd September 2010

Dealing With Source Routed Packets

By Jason Slater
Tuesday, 4 November 2008
  • DiggThis
  • Share

Dealing With Source Routed Packets You may find on option on your firewall to drop source routed packets, but what are they and why would you drop them?

When sending and receiving information over a network connection data is broken apart into small packets of information to ensure more consistent and fairer routing. A packet will be labelled with its source address and destination address and these packets of data will head out towards the destination allowing each routing device in its path to direct its flow – this is the way the Internet is intended to work with routers constantly evaluating paths and directing packets to eventually reach their destination. One of the reasons for working in this way is that the Internet is constantly changing and needs to allow for routers that go offline at a moments notice – others routers can detect the failure of transmission and find another path automatically.

It is possible for a sender device to specifically specify the path to follow, and so the route of the packet is predetermined at source (source routed packets) – but this routing information could be manipulated with false information (spoofed) as routing information is specified by IP address causing confusion between routers as they receive notifications for packets they never sent. Source Routing is officially described as “Used to route the Internet datagram based on information supplied by the source.“.

Source Routing, both Loose Source Routing and Strict Source Routing, is described in the 1981 RFC (Request For Comments) 791 Specification for the Internet Protocol and can be found at http://www.faqs.org/rfcs/rfc791.html.

In a time when Internet security is paramount, you should only allow source routed packets through your router if you specifically require the source routing facility – most of the time this traffic should be safely dropped.

Related

Leave a comment!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

This is a Gravatar-enabled weblog. To get your own globally-recognized-avatar, please register at Gravatar.