Roman Danyliw's No Objection on draft-ietf-bfd-vxlan-09: (with COMMENT)

Roman Danyliw via Datatracker <noreply@ietf.org> Tue, 17 December 2019 02:01 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: rtg-bfd@ietf.org
Delivered-To: rtg-bfd@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 94CB912009C; Mon, 16 Dec 2019 18:01:33 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: "The IESG" <iesg@ietf.org>
Cc: draft-ietf-bfd-vxlan@ietf.org, Jeffrey Haas <jhaas@pfrc.org>, bfd-chairs@ietf.org, jhaas@pfrc.org, rtg-bfd@ietf.org
Subject: Roman Danyliw's No Objection on draft-ietf-bfd-vxlan-09: (with COMMENT)
X-Test-IDTracker: no
X-IETF-IDTracker: 6.113.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <157654809360.24500.8752170869862518342.idtracker@ietfa.amsl.com>
Date: Mon, 16 Dec 2019 18:01:33 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/9heoqXCXQdN0FZihMdDZrCROuz4>
X-BeenThere: rtg-bfd@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <rtg-bfd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtg-bfd/>
List-Post: <mailto:rtg-bfd@ietf.org>
List-Help: <mailto:rtg-bfd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Dec 2019 02:01:34 -0000

Roman Danyliw has entered the following ballot position for
draft-ietf-bfd-vxlan-09: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-bfd-vxlan/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

I support Ben Kaduk’s DISCUSS position.

* Section 9. Per “The document requires setting the inner IP TTL to 1, which
could be used as a DDoS attack vector”, could you please clarify what part(s)
of the notional architecture would be impacted (e.g., physical, virtual; and
how)?

* Section 9. Per:
   Thus the implementation MUST have
   throttling in place to control the rate of BFD Control packets sent
   to the control plane.  On the other hand, over-aggressive throttling
   of BFD Control packets may become the cause of the inability to form
   and maintain BFD session at scale.  Hence, throttling of BFD Control
   packets SHOULD be adjusted to permit BFD to work according to its
   procedures.

I’m having difficulty parsing the guidance above – it points out the need to
throttle and the ramifications of doing so.  Per the last sentence, could you
please clarify how the throttling should be calibrated.

* Section 9.  Per “this specification does not raise any additional security
issues beyond those of the specifications referred to in the list of normative
references”, I recommend being clearer which references you mean (i.e., I’m
assuming you don’t mean RFC2119, RFC8174, etc.)

* Editorial Nits:
- Abstract. s/forming up/used to form/

- Section 9. s/such address/such an address/