A CLDAP amplification attack is a Layer 4 reflection attack vector, one of the volumetric classes a thorough DDoS test is built to exercise. It abuses Connectionless LDAP (CLDAP) on UDP port 389: the attacker spoofs the victim's IP in a small query to an exposed directory server, which replies with a much larger response. The amplification factor commonly lands in the 50x to 70x range, so a modest set of reflectors can build a multi-gigabit flood aimed at a target that never sent the request.
Why it matters in DDoS testing
CLDAP is one of several UDP reflectors (alongside DNS, NTP, and memcached) that share the same failure mode: the origin link saturates before any application logic is touched. A test confirms whether upstream scrubbing and anycast capacity absorb the reflected volume, and how quickly mitigation engages once the bits-per-second curve climbs. The structural fix is closing or filtering exposed UDP services and enforcing source-address validation upstream, which is why understanding DDoS attack vectors treats reflection as a distinct test surface.