Re: [Tsv-art] Tsvart last call review of draft-ietf-bfd-multipoint-16

Jeffrey Haas <> Mon, 18 June 2018 18:02 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id ED1F0130EFB; Mon, 18 Jun 2018 11:02:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id r4JTLclSL24p; Mon, 18 Jun 2018 11:02:19 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 0CBC6130EE2; Mon, 18 Jun 2018 11:02:18 -0700 (PDT)
Received: by (Postfix, from userid 1001) id 8DC7D1E3D0; Mon, 18 Jun 2018 14:02:15 -0400 (EDT)
Date: Mon, 18 Jun 2018 14:02:15 -0400
From: Jeffrey Haas <>
To: Bob Briscoe <>
Cc: Greg Mirsky <>,,,, IETF list <>
Subject: Re: [Tsv-art] Tsvart last call review of draft-ietf-bfd-multipoint-16
Message-ID: <>
References: <> <> <> <> <> <> <>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <>
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 18 Jun 2018 18:02:22 -0000


Addressing these specific points.  (Note that I'm not a multicast expert.)

On Mon, Jun 11, 2018 at 10:47:28PM +0100, Bob Briscoe wrote:
> If there is an SSM tree from host A to multicast address G, I am not
> familiar enough with SSM to know what happens when host B sends a
> packet to G with source address A (i.e. spoofing A). I assume the
> IGMP messages build the tree back from each member to A, so usually
> there will be no route from B, even if it is spoofing A as the
> source. However, I would have thought that a host connected to the
> same router as A could spoof A and get onto the SSM tree. Or does
> SSM always check for this type of spoofing?

In general, when multicast traffic is forwarded, it is checked against the
incoming interface to see if it should be forwarded or not.  When it's
against a valid IIF, it may be distributed out the outbound interface list
for that tree.  Traffic that doesn't match the IIF is dropped, I believe.

A general problem with multicast is that hosts along the tree can inject
spoofed traffic.  BFD would have the same issue; it is not a new

Your follow-up comment about MPLS is correct in that external injection is
even more difficult without some other way to tunnel the labeled traffic to
the tree.  But once it's there, the same issue applies.

-- Jeff

P.S. Thanks, Greg, for handling the followup discussion.