<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">
]>
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
<!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.39 (Ruby 3.2.3) -->
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-qin-savnet-sav-monitoring-requirements-00" category="info" submissionType="IETF" version="3">
  <!-- xml2rfc v2v3 conversion 3.34.0 -->
  <front>
    <title abbrev="SAV Monitoring Requirements">Information Requirements for Monitoring Source Address Validation (SAV) Enforcement</title>
    <seriesInfo name="Internet-Draft" value="draft-qin-savnet-sav-monitoring-requirements-00"/>
    <author initials="L." surname="Qin" fullname="Lancheng Qin">
      <organization>Zhongguancun Laboratory</organization>
      <address>
        <postal>
          <city>Beijing</city>
          <country>China</country>
        </postal>
        <email>qinlc@mail.zgclab.edu.cn</email>
      </address>
    </author>
    <author initials="D." surname="Li" fullname="Dan Li">
      <organization>Tsinghua University</organization>
      <address>
        <postal>
          <city>Beijing</city>
          <country>China</country>
        </postal>
        <email>tolidan@tsinghua.edu.cn</email>
      </address>
    </author>
    <author initials="N." surname="Geng" fullname="Nan Geng">
      <organization>Huawei</organization>
      <address>
        <postal>
          <city>Beijing</city>
          <country>China</country>
        </postal>
        <email>gengnan@huawei.com</email>
      </address>
    </author>
    <date year="2026" month="June" day="29"/>
    <area>Routing</area>
    <workgroup>SAVNET</workgroup>
    <keyword>SAV</keyword>
    <abstract>
      <?line 46?>

<t>Source Address Validation (SAV) enforcement requires operational visibility into validation results, traffic-handling outcomes, SAV rule generation and state, and SAV configuration. Such visibility helps operators understand how SAV operates in the network and supports operational decisions, including staged deployment where traffic that fails validation may be permitted while being monitored and analyzed. This document identifies information requirements for monitoring SAV enforcement.</t>
    </abstract>
  </front>
  <middle>
    <?line 50?>

<section anchor="sec-intro">
      <name>Introduction</name>
      <t>Source Address Validation (SAV) is an important mechanism for mitigating source address spoofing. Operating SAV safely and effectively requires operators to observe and evaluate SAV enforcement behavior in operational networks. Operators need visibility into whether traffic passes or fails SAV validation, how traffic is actually handled after validation, which SAV rule is involved, and whether the observed behavior matches operational expectations.</t>
      <t>Such visibility requires information from multiple perspectives. Traffic validation and handling information helps operators understand validation results and traffic-handling outcomes. SAV rule generation and state information helps operators understand how SAV rules are generated, updated, and maintained, including the content and scale of enforced SAV rules. SAV configuration and operation information helps operators understand where SAV is enabled, which interfaces are covered, and which traffic handling policy is configured for traffic that fails validation.</t>
      <t>In some deployments, SAV enforcement may initially permit traffic that fails validation while monitoring and analyzing the validation result and related context. This allows operators to evaluate SAV rule correctness and operational safety before applying stricter traffic handling policies, such as dropping traffic that fails validation.</t>
      <t>This document identifies information requirements for monitoring SAV enforcement in operational networks. It focuses on what information is needed to observe, analyze, and support operational decisions about SAV enforcement. These requirements are intended to provide a common reference for the use, evaluation, or design of telemetry and monitoring mechanisms for SAV.</t>
    </section>
    <section anchor="sec-terminology">
      <name>Terminology</name>
      <dl newline="true">
        <dt>Validation result:</dt>
        <dd>
          <t>The result of applying SAV rules to traffic. The validation result is either pass or fail.</t>
        </dd>
        <dt>Enforcement action:</dt>
        <dd>
          <t>The action applied to traffic after validation. For traffic that passes validation, the action is normally to permit the traffic. For traffic that fails validation, the action is determined by the configured traffic handling policy <xref target="I-D.ietf-savnet-general-sav-capabilities"/>.</t>
        </dd>
      </dl>
    </section>
    <section anchor="sec-use-cases">
      <name>Use Cases for SAV Monitoring</name>
      <t>This section describes representative use cases for SAV monitoring. These use cases illustrate how the information identified in this document can support SAV operation, but they are not intended to be exhaustive.</t>
      <section anchor="sec-network-wide-visibility">
        <name>Network-wide Visibility and Operational Decision-Making</name>
        <t>Network-wide visibility is a basic use case for SAV monitoring. Operators need to understand the overall status of SAV deployment and enforcement across the network. By aggregating information from multiple routers, operators can identify where SAV is enabled, what SAV rules are generated, what traffic handling policies are configured, and what validation results or enforcement actions are observed.</t>
        <t>Such visibility provides the baseline information needed for SAV operation. Based on this information, operators can refine SAV rules, adjust deployment scope, assess whether observed validation results are consistent with operational expectations, and evaluate the effectiveness of deployed SAV mechanisms.</t>
        <t>In this way, SAV monitoring supports continuous optimization of SAV deployment and operation.</t>
      </section>
      <section anchor="sec-policy-verification">
        <name>SAV Correctness Verification</name>
        <t>SAV monitoring also supports verification of whether SAV rules are correctly generated and used for validation. Operators can compare SAV rule generation and state information, such as SAV rule content and prefix-to-interface bindings, with traffic validation and handling information, such as validation results, to assess whether SAV validation behaves as expected.</t>
        <t>For example, monitoring can help operators identify possible incorrect validation, stale SAV states, misconfigurations, abnormal SAV table changes, or unexpected validation results for specific traffic. Such verification is useful for reducing the risk that legitimate traffic will be incorrectly classified as invalid when stricter traffic handling policies are applied.</t>
      </section>
      <section anchor="sec-troubleshooting">
        <name>Troubleshooting SAV Enforcement</name>
        <t>Monitoring information enables operators to troubleshoot unexpected validation results or traffic-handling outcomes related to SAV enforcement. Operators can use monitoring information to identify whether traffic is affected due to incorrect validation, stale SAV rules, misconfigurations, or an unexpected enforcement action.</t>
        <t>This capability is essential for isolating faults and understanding where and why validation results or enforcement actions deviate from expectations.</t>
      </section>
      <section anchor="sec-staged-deployment">
        <name>Staged Deployment and Enforcement Transition</name>
        <t>SAV monitoring enables a staged deployment approach that reduces operational risk. Operators can initially deploy SAV with an enforcement action that permits traffic that fails validation while exporting validation results, matched rules, traffic statistics, and related context to a monitoring system.</t>
        <t>Based on observed data-plane behavior and analysis of monitoring data, operators can evaluate whether SAV rules are correctly generated, whether the installed SAV rules match the intended policy, and whether a stricter traffic handling policy would affect legitimate traffic. Once sufficient confidence is established, operators can transition to stricter traffic handling policies, such as dropping traffic that fails SAV validation.</t>
        <t>This staged approach treats monitoring as part of the enforcement strategy. It allows incremental rollout of SAV enforcement and minimizes the risk of unintended traffic disruption.</t>
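        <t>The readiness evaluation described in this section, which also covers the false-positive check in the SAV Correctness Verification use case, is illustrated below as an added example that is not part of the original draft. The record layout, the interface names, the EXPECTED ground-truth table, and the functions assess and ready_for_drop are assumptions made for illustration.</t>
        <sourcecode type="python">
```python
import ipaddress
from collections import defaultdict

# Constructed monitor-mode export: (ingress interface, source address,
# validation result, packets). The record layout is an assumption.
RECORDS = [
    ("eth1", "192.0.2.10", "pass", 9000),
    ("eth1", "198.51.100.7", "fail", 120),  # customer prefix missing from rules
    ("eth1", "203.0.113.99", "fail", 40),   # not a customer prefix on eth1
    ("eth2", "203.0.113.5", "pass", 5000),
    ("eth2", "10.1.2.3", "fail", 300),
]

# Constructed operator ground truth: prefixes known to be legitimately
# sourced behind each interface (for example, from provisioning data).
EXPECTED = {
    "eth1": ["192.0.2.0/24", "198.51.100.0/24"],
    "eth2": ["203.0.113.0/24"],
}

def assess(records, expected):
    """Per interface, split failing packets into expected failures and
    failures from prefixes the operator considers legitimate."""
    nets = {i: [ipaddress.ip_network(p) for p in ps] for i, ps in expected.items()}
    report = defaultdict(
        lambda: {"pass": 0, "fail_expected": 0, "fail_legit": 0, "missing": set()})
    for iface, src, result, pkts in records:
        row = report[iface]
        if result == "pass":
            row["pass"] += pkts
            continue
        addr = ipaddress.ip_address(src)
        hit = next((n for n in nets.get(iface, []) if addr in n), None)
        if hit is None:
            row["fail_expected"] += pkts      # likely spoofed; failure is expected
        else:
            row["fail_legit"] += pkts         # a drop policy would hit real traffic
            row["missing"].add(str(hit))      # prefix the SAV rules should cover
    return dict(report)

def ready_for_drop(report, expected):
    """An interface may move to a drop policy only if ground truth exists
    for it and no legitimate traffic failed validation."""
    return {i: i in expected and r["fail_legit"] == 0 for i, r in report.items()}
```
        </sourcecode>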
      </section>
    </section>
    <section anchor="sec-information-requirements">
      <name>Information Requirements for SAV Monitoring</name>
      <section anchor="sec-data-plane-information">
        <name>Traffic Validation and Handling Information</name>
        <t>Traffic validation and handling information reflects how traffic is validated by SAV and how it is handled after validation. It is essential for understanding validation results, traffic-handling outcomes, and the operational impact of SAV enforcement.</t>
        <t>The following information is important for monitoring traffic validation and handling:</t>
        <dl newline="true">
          <dt>Validation result:</dt>
          <dd>
            <t>Information indicating whether traffic passes or fails SAV validation. This information helps operators understand validation outcomes and determine whether a traffic-handling decision is related to SAV.</t>
          </dd>
          <dt>Traffic-handling outcome:</dt>
          <dd>
            <t>Information indicating how the traffic is actually handled by the router after the enforcement action is applied. This may include whether the traffic is forwarded, dropped, counted, logged, rate-limited, or redirected.</t>
          </dd>
          <dt>Ingress interface:</dt>
          <dd>
            <t>The interface on which traffic is received. This information helps operators identify the interface-specific SAV rules related to a validation result or traffic-handling outcome.</t>
          </dd>
          <dt>Validation and enforcement statistics:</dt>
          <dd>
            <t>Counters or aggregated statistics for validation results and traffic-handling outcomes. These statistics may be maintained per interface, per prefix, or per rule.</t>
          </dd>
        </dl>
      </section>
      <section anchor="sec-control-plane-information">
        <name>SAV Rule Generation and State Information</name>
        <t>SAV rule generation and state information describes how SAV rules are generated, updated, and maintained.</t>
        <t>The following information is important for monitoring SAV rule generation and state:</t>
        <dl newline="true">
          <dt>SAV rule content:</dt>
          <dd>
            <t>Information about the SAV rules generated for a router or a specific router interface. This information helps operators understand the SAV rules used for SAV enforcement.</t>
          </dd>
          <dt>SAV rule size:</dt>
          <dd>
            <t>Information about the scale of SAV rules, such as the number of prefixes or the amount of storage used by SAV rules. This information helps operators assess resource usage and determine whether SAV rule generation produces unexpectedly large rule sets.</t>
          </dd>
          <dt>Source of information:</dt>
          <dd>
            <t>The information sources used for SAV rule generation, such as routing information, management configuration, SAV-specific information, or RPKI data. This information helps operators understand how SAV rules are derived and whether they are based on authoritative information.</t>
          </dd>
          <dt>Update status:</dt>
          <dd>
            <t>Information indicating when SAV rules were last updated. When combined with the state of the corresponding information sources, this information can help operators assess whether SAV rules are up to date.</t>
          </dd>
        </dl>
      </section>
      <section anchor="sec-management-policy-information">
        <name>SAV Configuration and Operation Information</name>
        <t>SAV configuration and operation information describes how SAV enforcement is configured and operated in the network. It provides essential context for interpreting traffic validation and handling information, as well as SAV rule generation and state information.</t>
        <t>The following information is important from the configuration and operation perspective:</t>
        <dl newline="true">
          <dt>SAV enablement status:</dt>
          <dd>
            <t>Information indicating whether SAV is enabled on each relevant router or interface. This information helps operators understand the deployment coverage of SAV.</t>
          </dd>
          <dt>Traffic handling policy configuration:</dt>
          <dd>
            <t>The configured traffic handling policy for traffic that fails SAV validation. This information helps operators understand how traffic that fails SAV validation is intended to be processed, and helps interpret the relationship between validation results and actual traffic handling.</t>
          </dd>
          <dt>Change history:</dt>
          <dd>
            <t>Information about recent changes to SAV-related configuration, such as traffic handling policy configuration.</t>
          </dd>
        </dl>
      </section>
    </section>
    <section anchor="sec-security">
      <name>Security Considerations</name>
      <t>SAV monitoring information can reveal sensitive operational details. Unauthorized disclosure of such information could help an attacker infer network topology, identify filtering gaps, or evade SAV enforcement. Therefore, access to SAV monitoring information should be restricted to authorized entities. Telemetry or monitoring data used for SAV operations needs to be protected against tampering and spoofing. Incorrect or forged monitoring information could mislead operators, hide enforcement failures, or cause inappropriate policy changes. Mechanisms that export SAV monitoring information should provide appropriate authentication, integrity protection, and confidentiality protection when needed.</t>
    </section>
    <section anchor="sec-iana">
      <name>IANA Considerations</name>
      <t>This document does not request any IANA allocations.</t>
    </section>
  </middle>
  <back>
    <references anchor="sec-informative-references">
      <name>Informative References</name>
      <reference anchor="I-D.ietf-savnet-general-sav-capabilities" target="https://datatracker.ietf.org/doc/html/draft-ietf-savnet-general-sav-capabilities-03" xml:base="https://bib.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-savnet-general-sav-capabilities.xml">
        <front>
          <title>General Source Address Validation Capabilities</title>
          <author fullname="Mingqing(Michael) Huang" initials="M." surname="Huang">
            <organization>Zhongguancun Laboratory</organization>
          </author>
          <author fullname="Weiqiang Cheng" initials="W." surname="Cheng">
            <organization>China Mobile</organization>
          </author>
          <author fullname="Dan Li" initials="D." surname="Li">
            <organization>Tsinghua University</organization>
          </author>
          <author fullname="Nan Geng" initials="N." surname="Geng">
            <organization>Huawei Technologies</organization>
          </author>
          <author fullname="Li Chen" initials="L." surname="Chen">
            <organization>Zhongguancun Laboratory</organization>
          </author>
          <date day="21" month="June" year="2026"/>
          <abstract>
            <t>The SAV rules of existing source address validation (SAV) mechanisms are derived from other core data structures (e.g., FIB-based uRPF) that are not dedicatedly designed for source filtering. Consequently, these mechanisms have limitations in deployable scenarios and traffic handling policies. To overcome these limitations, this document introduces general SAV capabilities from a data plane perspective. How to implement the capabilities and how to generate SAV rules are not in the scope of this document.</t>
          </abstract>
        </front>
        <seriesInfo name="Internet-Draft" value="draft-ietf-savnet-general-sav-capabilities-03"/>
      </reference>
    </references>
    <?line 169?>



  </back>

</rfc>
