A perimeter router filters TCP/IP packets that are entering or leaving your network, based on a rule set called an access control list (ACL). The network's security policy dictates the ACL, specifying which traffic is allowed to enter or exit your network.

  • A perimeter router or a packet filtering router can prevent IP spoofing and deny packets that have a source address from your internal network.
  • Perimeter routers can prevent certain types of network traffic from entering the network, for example, TFTP, portmapper or TCP connections to a DNS server.
  • It may also be set to permit or deny traffic from specific networks or hosts. For example, the perimeter router can allow from 10.10.10.5 or deny 172.16.0.0.