标准编号:	GB/T 46240.1-2025
中文名称:	IPv6网络设备安全技术要求和测试方法 第1部分：路由器
英文名称:	Security requirements and testing methods of IPv6 network equipment—Part 1：Router
中标分类:	M32    数据通信设备
行业分类:	GB    国家标准
ICS分类:	33.040.40 33.040.40    数据通信网络 33.040.40
发布机构:	国家市场监督管理总局 国家标准化管理委员会
发布日期:	2025-8-29
实施日期:	2025-12-1
标准状态:	valid
翻译语言:	英文
文件格式:	PDF
中文字符数:	43000 字
翻译价格(元):	3010.0
交付时间:	付款后 1~8 个工作日

GB/T 46240.1-2025 Security requirements and testing methods of IPv6 network equipment—Part 1：Router English, Anglais, Englisch, Inglés, えいご This is a draft translation for reference among interesting stakeholders. The finalized translation (passing thorugh draft translation, self-check, revision and varification) will be delivered upon being ordered. ICS 33.040.40 CCS M 32 People's Republic of China National Standard GB/T 46240.1-2025 Security requirements and testing methods of IPv6 network equipment—Part 1: Router Issued on 2025-08-29 Implemented on 2025-12-01 Issued by State Administration for Market Regulation, Standardization Administration of China Contents Foreword Introduction 1 Scope 2 Normative References 3 Terms and Definitions 4 Abbreviations 5 General Rules 6 Security Technical Requirements 7 Test Methods References 1 Scope This document specifies the security architecture of IPv6-capable routers, as well as security technical requirements and testing methods for data plane, control plane and management plane. This document applies to the design, development and testing of IPv6-capable router equipment. 2 Normative References GB/T 25069 Information security technology - Terminology GB/T 41269-2022 Security technical requirements for critical network equipment - Router equipment 3 Terms and Definitions 3.1 Router Network equipment used to establish and control data flows between different networks. NOTE: Routers select paths or routes based on routing protocol mechanisms and algorithms to establish and control inter-network data flows, where networks may operate with different network protocols. [SOURCE: GB/T 41269-2022, 3.1, modified] 4 Abbreviations ACL: Access Control List AH: Authentication Header AS: Autonomous System BGP: Border Gateway Protocol BGP4+: Border Gateway Protocol for IPv6 CGA:Cryptographically Generated Address CLI: Command-Line Interface CPU : CentralProcessing Unit DAD:Duplicate Address Detection DDoS:Distributed Denialof Service DoS:Denialof Service DUT:Device Under Test ESP:Encapsulation Secure Payload EVPN: EthernetVirtualPrivate Network FlowSpec:Flow Specification HMAC:Hashed Message Authentication Code ICMPv6: InternetControlManagementProtocolversion6 IKE:InternetKey Exchange IPsec:InternetProtocol security IPv6: InternetProtocolversion6 IS-IS: Intermediate System to Intermediate System LAND:LocalArea Network Denial MAC:Media Access Control MD5: Message Digestversion5 MPLS:Multi-Protocol LabelSwitching NA:Neighbor Advertisement ND:NeighborDiscovery NS:Neighbor Solicitation NUD:Neighbor UnreachabilityDetection OSPFv3:Open ShortestPath Firstversion3 PIMv6:ProtocolIndependentMulticastversion6 RA:Router Advertisement RIPng:Routing Information Protocolnextgeneration ROA:Route Origination Authorization RPKI:Resource Public Key Infrastructure RS:Router Solicitation RSA:RSARivest,Shamir and Adleman algorithm SHA:Secure Hash Algorithm SID: IDSegmentID SLLA:Source Link-Layer Address SNMP:Simple Network ManagementProtocol SRH :SegmentRouting Header SRv6:SegmentRouting IPv6 SSH :Secure Shell TCP:Transmission ControlProtocol TLLA: TargetLink-Layer Address TLS:TransportLayer Security URPF:Unicase Reverse Path Forwarding VLAN:Virtual LocalArea Network