Early Review of draft-ietf-bfd-multipoint-active-tail-08

Request
  Review of: draft-ietf-bfd-multipoint-active-tail
  Requested rev.: no specific revision (document currently at 10)
  Type: Early Review
  Team: Routing Area Directorate (rtgdir)
  Deadline: 2018-06-19
  Requested: 2018-06-04
  Requested by: Martin Vigoureux
  Draft last updated: 2018-06-18
  Completed reviews:
    Rtgdir Early review of -08 by Stig Venaas
    Genart Last Call review of -09 by Linda Dunbar
  Best case would be that Michael Richardson does the review since he has done the one of the base mp spec.
Assignment
  Reviewer: Stig Venaas
  State: Completed
Review
  Review: review-ietf-bfd-multipoint-active-tail-08-rtgdir-early-venaas-2018-06-18
  Reviewed rev.: 08 (document currently at 10)
  Review result: Has Issues
  Review completed: 2018-06-18



I have been selected as the Routing Directorate reviewer for this
draft. The Routing Directorate seeks to review all routing or
routing-related drafts as they pass through IETF last call and IESG
review, and sometimes on special request. The purpose of the review is
to provide assistance to the Routing ADs. For more information about
the Routing Directorate, please see

Although these comments are primarily for the use of the Routing ADs,
it would be helpful if you could consider them along with any other
IETF Last Call comments that you receive, and strive to resolve them
through discussion or by updating the draft.

Document: draft-ietf-bfd-multipoint-active-tail-08.txt
Reviewer: Stig Venaas
Review Date: 2018-06-15
IETF LC End Date: 2018-06-18
Intended Status: Standards Track

I have some minor concerns about this document that I think should be
resolved before publication.


The document is in a good shape and almost ready for publication. I
only have some minor issues and a couple of nits. The main one is
perhaps the security considerations.

Major Issues:
No major issues found.

Minor Issues:

I found 5.2.3 last paragraph a bit confusing:
   If the multipoint path and the reverse unicast path both stay up but
   the forward unicast path fails, neither side will notice so long as a
   unicast Poll Sequence is never sent by the head.  If the head sends a
   unicast Poll Sequence, the head will see the BFD session fail, but
   the state of the multipoint path will be unknown to the head.  The
   tail will continue to receive multipoint data traffic.

It says here that the state of the multipoint path is unknown, which is
true if it only does unicast polling. But the assumption in 5.2.3 is
that multipoint polling is also done. So it might be good to point out
that the state of the multipoint path will be determined by the multipoint

The security considerations could need more details. Is there some way an
attacker can send forged multipoint polls getting clients to send a
large number of responses to the head? Also how hard would it be to use
any address for the head? Would clients only accept a certain address
for the head? It should perhaps be emphasized that BFD authentication
mechanisms are important? It should be possible to restrict a client to
only respond to authenticated polls. Also perhaps have some rate
limiting in clients in case the head polls at an unreasonably high rate?

In the Introduction it says:
   This document effectively modifies and adds to Sections 5.12 and 5.13
   of the base BFD multipoint document [I-D.ietf-bfd-multipoint].
This should be 4.12 and 4.13, right?

6.13.1 and 6.13.2
Refer to 5.13.x, but should be 4.13.x.

One of the authors is listed in the Acknowledgments section.
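
An added example, not part of the review or of the draft: a tail-side gate that combines the three controls raised under the security considerations above (accept polls only from the configured head address, answer only authenticated polls, and rate-limit replies). The class, its parameters, the addresses and the poll records are all constructed for illustration; `auth_ok` stands for the outcome of whatever BFD authentication check the implementation performs.

```python
class TailPollPolicy:
    """Hypothetical tail-side policy: decide whether to answer a multipoint Poll."""

    def __init__(self, head_addr, rate=1.0, burst=2):
        self.head_addr = head_addr   # configured head address (assumption)
        self.rate = rate             # sustained replies per second
        self.burst = burst           # replies allowed back to back
        self.tokens = float(burst)
        self.last = 0.0
        self.dropped = {"source": 0, "auth": 0, "rate": 0}

    def should_respond(self, src, auth_ok, now):
        # Source and authentication are checked before the token bucket is
        # touched, so forged polls cannot use up the reply budget.
        if src != self.head_addr:
            self.dropped["source"] += 1
            return False
        if not auth_ok:
            self.dropped["auth"] += 1
            return False
        # Token bucket: refill for the elapsed time, capped at the burst size.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens < 1.0:
            self.dropped["rate"] += 1
            return False
        self.tokens -= 1.0
        return True


# Constructed poll records: (arrival time in seconds, source address, auth result).
SAMPLE_POLLS = [
    (0.0, "198.51.100.7", True),   # source is not the configured head
    (0.1, "192.0.2.1", False),     # head address, authentication failed
    (0.2, "192.0.2.1", True),
    (0.3, "192.0.2.1", True),
    (0.4, "192.0.2.1", True),      # genuine head polling faster than allowed
    (0.5, "192.0.2.1", True),
    (2.0, "192.0.2.1", True),      # bucket has refilled
]


def replay(policy, polls):
    """Return the respond / stay-silent decision for each poll, in order."""
    return [policy.should_respond(src, ok, t) for t, src, ok in polls]


if __name__ == "__main__":
    p = TailPollPolicy("192.0.2.1")
    print(replay(p, SAMPLE_POLLS), p.dropped)
```

The per-reason drop counters give an operator a signal to alert on: a rising `source` or `auth` count points to forged polls, a rising `rate` count to a head polling faster than the tail is willing to answer.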