[spring] Re: Gunter Van de Velde's Discuss on draft-ietf-spring-dhc-distribute-srv6-locator-dhcp-13: (with DISCUSS)

["Gunter van de Velde (Nokia)" <gunter.van_de_velde@nokia.com>]

Hi Weiqiang Cheng,

Thank you for the update.

Your text does cover the key security concern for a SRv6 DHCP client running on customer premises, thank you for the update, eventhough it rather brief.

That said, I have serious architectural security concerns about positioning an SRv6 border router on a CPE home device or appliance. That concern sits outside the scope of DHCP and is likely a discussion better suited for the SPRING WG if that is something the WG believes is a great idea or not.

I’ll clear my blocking DISCUSS on this document. Thanks again for the update.

G/

From: Weiqiang Cheng <chengweiqiang@chinamobile.com>
Sent: Tuesday, March 3, 2026 2:46 AM
To: chengweiqiang <chengweiqiang@chinamobile.com>; Gunter van de Velde (Nokia) <gunter.van_de_velde@nokia.com>; The IESG <iesg@ietf.org>
Cc: aretana.ietf <aretana.ietf@gmail.com>; buraglio <buraglio@forwardingplane.net>; draft-ietf-spring-dhc-distribute-srv6-locator-dhcp <draft-ietf-spring-dhc-distribute-srv6-locator-dhcp@ietf.org>; spring-chairs <spring-chairs@ietf.org>; spring <spring@ietf.org>
Subject: Re: [spring] Re: Gunter Van de Velde's Discuss on draft-ietf-spring-dhc-distribute-srv6-locator-dhcp-13: (with DISCUSS)


CAUTION: This is an external email. Please be very careful when clicking links or opening attachments. See the URL nok.it/ext for additional information.


Hi Gunter，
We have submitted the new version-15,
In the security section, security considerations have been added.

B.R.
Weiqiang Cheng


From: Weiqiang Cheng<mailto:chengweiqiang@chinamobile.com>
Date: 2026-02-12 10:05
To: Gunter van de Velde \(Nokia\)<mailto:gunter.van_de_velde=40nokia.com@dmarc.ietf.org>; The IESG<mailto:iesg@ietf.org>
CC: aretana.ietf<mailto:aretana.ietf@gmail.com>; buraglio<mailto:buraglio@forwardingplane.net>; draft-ietf-spring-dhc-distribute-srv6-locator-dhcp<mailto:draft-ietf-spring-dhc-distribute-srv6-locator-dhcp@ietf.org>; spring-chairs<mailto:spring-chairs@ietf.org>; spring<mailto:spring@ietf.org>
Subject: [spring] Re: Gunter Van de Velde's Discuss on draft-ietf-spring-dhc-distribute-srv6-locator-dhcp-13: (with DISCUSS)
Dear Gunter,

Thank you for your valuable feedback. I fully understand and agree with your suggestion regarding the importance of clarifying the risks associated with extending segment routing to CPE devices.

In response to your comment, we will add a brief discussion in the Security Considerations section of the next revision.

Please let me know if you have any further suggestions or require additional adjustments.
Best regards,
Weiqiang


From: Gunter van de Velde \(Nokia\)<mailto:gunter.van_de_velde=40nokia.com@dmarc.ietf.org>
Date: 2026-02-11 21:50
To: Weiqiang Cheng<mailto:chengweiqiang@chinamobile.com>; The IESG<mailto:iesg@ietf.org>
CC: aretana.ietf<mailto:aretana.ietf@gmail.com>; buraglio<mailto:buraglio@forwardingplane.net>; draft-ietf-spring-dhc-distribute-srv6-locator-dhcp<mailto:draft-ietf-spring-dhc-distribute-srv6-locator-dhcp@ietf.org>; spring-chairs<mailto:spring-chairs@ietf.org>; spring<mailto:spring@ietf.org>
Subject: [spring] Re: Gunter Van de Velde's Discuss on draft-ietf-spring-dhc-distribute-srv6-locator-dhcp-13: (with DISCUSS)
I saw that version -14 was posted.

Thank you for clearing and resolving most of the open discuss’s.

The last one standing is:

“
[DISCUSS#3] in the security section i find no discussion on the risk of having
locators or sub-sets of locators leak to hosts? This could pose a serious
infrastructure security concern when the CPE is located at customer premise.

[Co-authors] We fully acknowledge the value of explicitly highlighting such risks. We will add text in the draft as you suggested. This clarification will be included in the Security Considerations section of the next revision.

GV2> Thank you
“

I found in the security section the following new testblob:

“
As a border node device,
the CPE MUST implement appropriate traffic filtering capabilities on
both its internal and external interfaces, as required by Section 5.1
of [RFC8754].
“

While the document notes that filtering is required, it doesn’t explain why extending segment routing to the CPE is risky. Traditionally, SR-MPLS networks terminate MPLS at the BRAS, not at the customer’s CPE. Connecting the core segment-routing backbone directly to a CPE can introduce security concerns. Adding a brief discussion of these risks and their implications in the security section will help clarify the need for the recommended filters and safeguards.

Brgds,
G/

From: Gunter van de Velde (Nokia)
Sent: Monday, January 26, 2026 10:47 AM
To: 'Weiqiang Cheng' <chengweiqiang@chinamobile.com<mailto:chengweiqiang@chinamobile.com>>; The IESG <iesg@ietf.org<mailto:iesg@ietf.org>>
Cc: aretana.ietf <aretana.ietf@gmail.com<mailto:aretana.ietf@gmail.com>>; buraglio <buraglio@forwardingplane.net<mailto:buraglio@forwardingplane.net>>; draft-ietf-spring-dhc-distribute-srv6-locator-dhcp <draft-ietf-spring-dhc-distribute-srv6-locator-dhcp@ietf.org<mailto:draft-ietf-spring-dhc-distribute-srv6-locator-dhcp@ietf.org>>; spring-chairs <spring-chairs@ietf.org<mailto:spring-chairs@ietf.org>>; spring <spring@ietf.org<mailto:spring@ietf.org>>
Subject: RE: Gunter Van de Velde's Discuss on draft-ietf-spring-dhc-distribute-srv6-locator-dhcp-13: (with DISCUSS)

Hi Weigiang,

Thanks for the feedbacks.

Inline GV2>

From: Weiqiang Cheng <chengweiqiang@chinamobile.com<mailto:chengweiqiang@chinamobile.com>>
Sent: Thursday, January 22, 2026 6:53 AM
To: Gunter van de Velde (Nokia) <gunter.van_de_velde@nokia.com<mailto:gunter.van_de_velde@nokia.com>>; The IESG <iesg@ietf.org<mailto:iesg@ietf.org>>
Cc: aretana.ietf <aretana.ietf@gmail.com<mailto:aretana.ietf@gmail.com>>; buraglio <buraglio@forwardingplane.net<mailto:buraglio@forwardingplane.net>>; draft-ietf-spring-dhc-distribute-srv6-locator-dhcp <draft-ietf-spring-dhc-distribute-srv6-locator-dhcp@ietf.org<mailto:draft-ietf-spring-dhc-distribute-srv6-locator-dhcp@ietf.org>>; spring-chairs <spring-chairs@ietf.org<mailto:spring-chairs@ietf.org>>; spring <spring@ietf.org<mailto:spring@ietf.org>>
Subject: Re: Gunter Van de Velde's Discuss on draft-ietf-spring-dhc-distribute-srv6-locator-dhcp-13: (with DISCUSS)


CAUTION: This is an external email. Please be very careful when clicking links or opening attachments. See the URL nok.it/ext for additional information.



Dear Gunter,

Thank you for your review and valuable discussion points. Please find our responses inline below.

Best regards,

Weiqiang

From: Gunter Van de Velde via Datatracker<mailto:noreply@ietf.org>
Date: 2026-01-21 19:16
To: The IESG<mailto:iesg@ietf.org>
CC: aretana.ietf<mailto:aretana.ietf@gmail.com>; buraglio<mailto:buraglio@forwardingplane.net>; draft-ietf-spring-dhc-distribute-srv6-locator-dhcp<mailto:draft-ietf-spring-dhc-distribute-srv6-locator-dhcp@ietf.org>; spring-chairs<mailto:spring-chairs@ietf.org>; spring<mailto:spring@ietf.org>
Subject: Gunter Van de Velde's Discuss on draft-ietf-spring-dhc-distribute-srv6-locator-dhcp-13: (with DISCUSS)
Gunter Van de Velde has entered the following ballot position for
draft-ietf-spring-dhc-distribute-srv6-locator-dhcp-13: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
for more information about how to handle DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-spring-dhc-distribute-srv6-locator-dhcp/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

# Gunter Van de Velde, RTG AD, comments for
draft-ietf-spring-dhc-distribute-srv6-locator-dhcp-13

# # The line numbers used are rendered from IETF idnits tool:
https://author-tools.ietf.org/api/idnits?url=https://www.ietf.org/archive/id/draft-ietf-spring-dhc-distribute-srv6-locator-dhcp-13.txt

# This document describes a method for assigning SRv6 locators to SRv6 Segment
Endpoint Nodes using DHCPv6.

[DISCUSS#1] One thing I found myself wondering about is how these locators
relate to the IGP algorithms they’re associated with. It may very well be that
the current proposal is intentionally algorithm-agnostic, and that’s perfectly
fine. With this DISCUSS, I’m mainly trying to better understand how this
approach aligns with IGP flexible algorithms and to understand if this may be
potentially described within the document.

[Co-authors] The current version does not consider adopting Flex-algo, mainly for two reasons: First, in many application scenarios, customer-side terminals do not support IGP; second, there is currently no clear demand for using Flex-algo. As per your suggestion, the authors will further analyze the value of IGP flexible algorithms in this scenario in subsequent work.


GV2> I’m not fully convinced this is just about whether or not to adopt flex-algo. The document is clearly about SRv6 locators, which is fine. What I’m trying to better understand is what happens if a locator ends up being associated by the network with a non-default algorithm (say 128-255) instead of algorithm 0.
>From your response, it sounds like the assumption is that locators used with this dhcpv6 technology are flex-algo agnostic. If that’s the case, does that mean the locators discussed here are implicitly tied to algorithm 0 only, or are locators for algorithms 128-255 also in scope? Maybe in future there is an additional dhcp extension to signal additional Locator attributes?
If there is a working assumption regarding implicit algorithm 0, it might be worth spelling it out more explicitly in the document. That would help readers avoid having to infer the intent or go on a bit of a treasure hunt to understand the gap and its implications.



[DISCUSS#2] In addition, I’d like to get a sense of whether it would be
considered good or bad practice for the SRv6 locator of algorithm 0 (assuming,
as I suspect, that non-zero algorithms are not applicable here) to have a
portion of its address space carved out and used for direct DHCP-based
assignment to attached hosts. Operational guidance on this may be useful.
 [Co-authors] As mentioned above regarding the scenario of IGP flexible algorithms, we will analyze the requirements further. In this document, we will add some text on operational guidance in next version.

GV2> Thanks. Let me know when there is a new document version posted.

[DISCUSS#3] in the security section i find no discussion on the risk of having
locators or sub-sets of locators leak to hosts? This could pose a serious
infrastructure security concern when the CPE is located at customer premise.

[Co-authors] We fully acknowledge the value of explicitly highlighting such risks. We will add text in the draft as you suggested. This clarification will be included in the Security Considerations section of the next revision.

GV2> Thank you


[DISCUSS#4] The document does not talk about SRv6 csid locators and csid
structures (RFC9800). Is that intentional?

[Co-authors] This draft can support the csid defined in RFC9800. In Figure 3, the IA Locator Option Format can distinguish between Locator Block and Locator Node, and can handle compressed SID lists. In the new version of the draft, we will add some text, reference RFC9800, and clearly state support for CSID.

GV2> Thank you. Looking forward for a next version.

Be well,
G/

I’m looking forward to your thoughts and clarification on this.

Gunter Van de Velde,
Routing AD