Hi Stephen,

Thanks for your review and comments.
Please see inline.

Original


From: Stephen Farrell via Datatracker <[email protected]>
To: [email protected] <[email protected]>;
Cc: [email protected] <[email protected]>; [email protected] <[email protected]>; [email protected] <[email protected]>;
Date: 2024-10-08 00:50
Subject: Secdir last call review of draft-ietf-bfd-unaffiliated-echo-11

Reviewer: Stephen Farrell
Review result: Has Issues
 
I'm not sure if this is a real issue or not. If not, which is quite possible,  
then this'd be ready.
 
I wondered if this setup might create potential reflection attacks, but am
not sure. The attack might happen if bad-device-A sends packets to B, as if
those are from real-A, and then B sends those back to real-A. If that could
happen, it would seem like a reflection attack vector that could be part of
a DoS. If that can't happen, it might be no harm to say why in the security
considerations section.
[XM]>>> In theory it would happen; however, in real deployments I doubt it 
would happen. Currently we have two specific use cases of the Unaffiliated BFD 
Echo: one is between RG and IP Edge (as described in Section 6.2.2 of BBF 
TR-146), the other is between DC Gateway and VM of Server (as described in 
draft-wang-bfd-one-arm-use-case). For the two use cases it seems difficult for 
a bad-device-A to send packets to B. Furthermore, the security 
considerations section says "the "Authentication Section" as defined in 
[RFC5880] for BFD Control packet is RECOMMENDED to be included within the 
Unaffiliated BFD Echo packet". Is that an effective way to mitigate this kind 
of DoS attack?


Best Regards,
Xiao Min
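The Authentication Section discussed above, worked through as an added example that is not part of this thread or of the draft: a Keyed SHA1 Authentication Section (RFC 5880, Section 6.7.4) is attached to a BFD Control packet and then checked by the device that receives the looped-back Echo packet, so a packet built without the shared key, or with its digest altered, is discarded before it can trigger any session state change. The example assumes the Echo payload is a complete BFD Control packet carrying the Authentication Section, and uses a simplified replay check (sequence number must not go backwards) rather than the full window rules of RFC 5880.

```python
import hashlib
import hmac
import struct

KEYED_SHA1 = 4   # RFC 5880 Auth Type value for Keyed SHA1
AUTH_LEN = 28    # Type(1) + Len(1) + Key ID(1) + Reserved(1) + Seq(4) + Hash(20)
CTRL_LEN = 24    # Mandatory BFD Control packet header (RFC 5880, Section 4.1)


def build_control_packet(my_disc, your_disc, seq, key_id, key):
    """Build a BFD Control packet with a Keyed SHA1 Authentication Section."""
    vers_diag = (1 << 5) | 0            # Version 1, Diag 0
    sta_flags = (3 << 6) | 0x04         # State Up, A (Authentication Present) bit set
    header = struct.pack("!BBBBIIIII", vers_diag, sta_flags, 3, CTRL_LEN + AUTH_LEN,
                         my_disc, your_disc, 1_000_000, 1_000_000, 0)
    auth_prefix = struct.pack("!BBBBI", KEYED_SHA1, AUTH_LEN, key_id, 0, seq)
    # Transmit rule: the Auth Key/Hash field holds the shared key padded to 20
    # bytes while SHA1 is computed over the whole packet; the digest then
    # replaces that field.
    padded_key = key.ljust(20, b"\x00")[:20]
    digest = hashlib.sha1(header + auth_prefix + padded_key).digest()
    return header + auth_prefix + digest


def verify_control_packet(pkt, keys, last_seq=None):
    """Receiver side: accept only if the packet carries a valid Keyed SHA1 digest
    under a known Key ID and its sequence number has not gone backwards."""
    if len(pkt) != CTRL_LEN + AUTH_LEN or pkt[3] != len(pkt):
        return False
    if not (pkt[1] & 0x04):             # A bit clear: no Authentication Section
        return False
    auth_type, auth_len, key_id, _, seq = struct.unpack("!BBBBI", pkt[24:32])
    if auth_type != KEYED_SHA1 or auth_len != AUTH_LEN or key_id not in keys:
        return False
    if last_seq is not None and seq < last_seq:
        return False                    # simplified replay check (assumption)
    padded_key = keys[key_id].ljust(20, b"\x00")[:20]
    expected = hashlib.sha1(pkt[:32] + padded_key).digest()
    return hmac.compare_digest(expected, pkt[32:])


def demo():
    """Constructed sample: a genuine packet and one built with the wrong key."""
    keys = {1: b"shared-secret"}
    genuine = build_control_packet(0x1001, 0x1001, seq=10, key_id=1, key=keys[1])
    unauthenticated = build_control_packet(0x1001, 0x1001, seq=10, key_id=1, key=b"guess")
    return (verify_control_packet(genuine, keys, last_seq=9),
            verify_control_packet(unauthenticated, keys, last_seq=9))
```

Note that in the unaffiliated case the looping device forwards the Echo packet at the IP layer without inspecting it, so this check runs on the originator when the packet returns; it lets the originator discard forged packets but does not by itself stop them being looped back.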
