Middlebox: Difference between revisions
Jump to navigation
Jump to search
imported>Howard C. Berkowitz No edit summary |
imported>Howard C. Berkowitz No edit summary |
||
Line 1: | Line 1: | ||
{{ | {{subpages}} | ||
In networks using the [[Internet Protocol]], a '''middlebox''' is a function that introduces a controlled violation of the end-to-end principle.<ref name=RFC3303>{{citation | In networks using the [[Internet Protocol]], a '''middlebox''' is a function that introduces a controlled violation of the end-to-end principle.<ref name=RFC3303>{{citation | ||
| id = RFC3303 | | id = RFC3303 |
Revision as of 15:32, 31 January 2009
In networks using the Internet Protocol, a middlebox is a function that introduces a controlled violation of the end-to-end principle.[1] Names for various middlebox functions include network address translator, firewall, virtual private network concentrator, load balancer, etc.
In the first IP networks, all addresses were reachable, but their environment was one of high trust and small user populations. As needs for security increased, so did the need to isolate some addresses, or at least inspect traffic destined for them. Increasing network size and workload could lead to address shortages, or needs for application-level information to regulate IP-level load distribution.
References
- ↑ P. Srisuresh, J. Kuthan, J. Rosenberg, A. Molitor, A. Rayhan (August 2002), Middlebox communication architecture and framework., RFC3303