1. Technical Field
The present disclosure relates generally to the protection of transit links within a routing infrastructure by preventing devices outside the routed infrastructure from generating edge traffic which terminates in a device on a transit link inside the routed infrastructure.
2. Description of the Related Art
A data network comprises routers and the networks which interconnect the routers, where the network also provides connectivity to end stations. In one type of network, known as a routed infrastructure, the networks associated with end stations are known as edge networks, and the networks which provide connectivity between routers and which carry traffic principally from one router to another within the routed infrastructure are known as transit links. The routers of a routed infrastructure are also known as interior routers. They route packets through the network according to interior gateway protocols (IGP), whereby each router develops a route table indicating on which router interface a particular network address or range of network addresses may be found, such that when an IP packet having a particular destination address is received, the packet is emitted on the interface associated with that network address. The route table for each router contains only local data related to the interface on which each network may be found, such as a set of route table entries, each entry having a network address or address range and the associated interface on which to send a packet bearing the particular network address.
A station on an edge network may receive an advertised route directly, thereby providing information about address ranges of routing networks. More generally, stations on the edge network may be able to undesirably access networks on the routed infrastructure, particularly stations on the transit links.
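The following is an added example, not part of the disclosure. It models the route table described above and one possible check for the exposure noted in the preceding paragraph, namely traffic that enters from an edge network and terminates on a transit link. The prefixes, interface names, and drop policy are assumptions made for illustration, and the lookup uses longest-prefix match, the general rule of which the per-entry lookup in the text is one instance.

```python
import ipaddress

# Constructed route table for one interior router: (prefix, outgoing
# interface, kind of destination network). All values are assumptions.
ROUTE_TABLE = [
    ("10.1.0.0/16", "eth0", "edge"),      # directly attached edge network
    ("10.0.0.0/8", "eth2", "edge"),       # remote edge networks, reached over a transit link
    ("192.0.2.0/30", "eth2", "transit"),  # transit link to a neighbouring router
    ("192.0.2.4/30", "eth3", "transit"),  # second transit link
]
ROUTES = [(ipaddress.ip_network(p), ifname, kind) for p, ifname, kind in ROUTE_TABLE]

# Interfaces of this router that face edge networks (assumption).
EDGE_INTERFACES = {"eth0"}


def lookup(dst):
    """Return the (network, interface, kind) entry with the longest matching prefix."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in ROUTES if addr in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None


def classify(in_if, dst):
    """Decide what to do with a packet received on in_if and addressed to dst."""
    route = lookup(dst)
    if route is None:
        return ("drop", "no route")
    _, out_if, kind = route
    # Traffic crossing a transit link toward another edge network is normal;
    # traffic from an edge interface addressed to the transit link itself is not.
    if in_if in EDGE_INTERFACES and kind == "transit":
        return ("drop", "edge traffic terminating on transit link")
    return ("forward", out_if)


if __name__ == "__main__":
    for in_if, dst in [("eth0", "10.3.5.9"), ("eth0", "192.0.2.2"),
                       ("eth2", "192.0.2.6"), ("eth0", "203.0.113.1")]:
        print(in_if, dst, classify(in_if, dst))
```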