9. Security Considerations
The main security risk is that traffic marked with the NQB DSCP can affect capacity, delay, delay variation, or loss experienced by other flows that share a bottleneck. Full NQB support limits incentives for QB traffic to mis-mark itself as NQB, especially when traffic protection is present.
Without traffic protection, malicious or misconfigured QB microflows can build a queue in the shallow NQB buffer. Overflow can cause reforwarding as Default, discarding, reordering, excessive delay variation, or packet loss that affects correctly marked NQB traffic as well. Per-user provisioning limits help constrain the blast radius.
Traffic protection may require finite flow state, so implementations must account for flow-state exhaustion attacks. The RFC requires traffic protection to be designed so the node does not fail when that state is exhausted.
Existing Wi-Fi deployments can give DSCP 45 traffic AC_VI treatment by default, which is not compliant NQB behavior but may still occur. DSCP fields have no integrity protection, so on-path attackers can alter DSCPs; NQB does not change that Diffserv property.