A UDP reflection/amplification attack abuses public UDP services to multiply an attacker's bandwidth. The attacker sends small requests to misconfigured servers (DNS, NTP, memcached, CLDAP, SSDP) while spoofing the victim's IP as the source. The servers reply to the victim with responses many times larger than the request, so a modest attacker can generate a very large flood.
Why it matters in DDoS testing
Reflection/amplification is the canonical Layer 3 volumetric vector, and it is what scrubbing capacity is sized against. A test characterizes upstream absorption (the volume the edge can take before clean traffic degrades) and the latency artifact scrubbing introduces. The structural defense against reflection is source-address validation (BCP 38) at the carrier level; its uneven global deployment is the structural reason these attacks persist, which is why testing focuses on absorption rather than prevention.
The amplification mechanics of each vector are detailed in Understanding DDoS Attack Vectors.