Last Call Review of draft-ietf-bfd-large-packets-14
review-ietf-bfd-large-packets-14-tsvart-lc-trammell-2024-12-17-00

Request Review of draft-ietf-bfd-large-packets
Requested revision No specific revision (document currently at 16)
Type Last Call Review
Team Transport Area Review Team (tsvart)
Deadline 2024-12-09
Requested 2024-11-25
Authors Jeffrey Haas, Albert Fu
I-D last updated 2024-12-17
Completed reviews Yangdoctors Last Call review of -07 by Jürgen Schönwälder
Secdir Early review of -11 by Joseph A. Salowey
Genart Last Call review of -13 by Dan Romascanu
Secdir Last Call review of -14 by Joseph A. Salowey
Tsvart Last Call review of -14 by Brian Trammell
Assignment Reviewer Brian Trammell
State Completed
Request Last Call review on draft-ietf-bfd-large-packets by Transport Area Review Team Assigned
Posted at https://mailarchive.ietf.org/arch/msg/tsv-art/PNlEKk2GV_J-_IfbYW89CP0fXho
Reviewed revision 14 (document currently at 16)
Result Ready w/issues
Completed 2024-12-17
This document has been reviewed as part of the transport area review team's
ongoing effort to review key IETF documents. These comments were written
primarily for the transport area directors, but are copied to the document's
authors and WG to allow them to address any issues raised and also to the IETF
discussion list for information.

When done at the time of IETF Last Call, the authors should consider this
review as part of the last-call comments they receive. Please always CC
tsv-art@ietf.org if you reply to or forward this review.

This seems like a fairly straightforward extension to BFD that adds the ability
to make loopback packets larger in order to check bidirectional forwarding MTU.
I have no particular transport concerns with this extension in isolation.

I'm not sure about the statement in the security considerations section that
"[t]his document does not change the underlying security considerations of the
BFD protocol or its encapsulations." Yes, it's not the 90s anymore, but AIUI
the concept does involve changing packet sizes across potentially multiple
encapsulation layers where there might be lurking assumptions about packet
lengths and buffer size, and buffer size misalignments are still an easy place
to find vulnerabilities. Would a statement to the effect that implementors of
this specification should take care with packet sizes being dynamic where prior
to this extension they were not be warranted in the security considerations
section?