Middlebox: Difference between revisions
Jump to navigation
Jump to search
imported>Howard C. Berkowitz (New page: In networks using the Internet Protocol, a '''middlebox''' is a function that introduces a controlled violation of the end-to-end principle.<ref name=RFC3303>{{citation | id = RFC330...) |
imported>Howard C. Berkowitz No edit summary |
||
(One intermediate revision by the same user not shown) | |||
Line 1: | Line 1: | ||
{{subpages}} | |||
In networks using the [[Internet Protocol]], a '''middlebox''' is a function that introduces a controlled violation of the end-to-end principle.<ref name=RFC3303>{{citation | In networks using the [[Internet Protocol]], a '''middlebox''' is a function that introduces a controlled violation of the end-to-end principle.<ref name=RFC3303>{{citation | ||
| id = RFC3303 | | id = RFC3303 |
Latest revision as of 16:32, 31 January 2009
In networks using the Internet Protocol, a middlebox is a function that introduces a controlled violation of the end-to-end principle.[1] Names for various middlebox functions include network address translator, firewall, virtual private network concentrator, load balancer, etc.
In the first IP networks, all addresses were reachable, but their environment was one of high trust and small user populations. As needs for security increased, so did the need to isolate some addresses, or at least inspect traffic destined for them. Increasing network size and workload could lead to address shortages, or needs for application-level information to regulate IP-level load distribution.
References
- ↑ P. Srisuresh, J. Kuthan, J. Rosenberg, A. Molitor, A. Rayhan (August 2002), Middlebox communication architecture and framework., RFC3303