Re: [Isis-wg] Comments on draft-ietf-isis-reverse-metric-05

[Alexander Okonnikov <alexander.okonnikov@gmail.com>]

Hi Les,


I think that this is alternative to RFC 6138 and complement to RFC 5443. 
Per my understanding, it is supposed that only startup router is 
responsible for advertising Reverse metric. It also applies procedure 
from RFC 5443 (i.e. increases its forward metric). According to that, 
all other routers on the LAN will have high metric towards startup 
router. Startup router also has high metric towards LAN (per RFC 5443). 
At the same time routers on the LAN, except startup router, can use this 
LAN for transit traffic. I expect that other routers will not apply RFC 
5443 on this LAN and will not advertise Reverse metric when new node 
appears on the LAN, unless for startup of their own interface to this 
LAN. To make this procedure reliable, other router can monitor metric 
over LAN towards startup router, and if it equals to 2^24-2 (assumed 
that Reverse metric value will be 2^24-2 for this application), they 
don't apply procedure from RFC 5443. Otherwise they fallback to RFC 5443 
(DIS is not compatible to the draft and ignores Reverse metric). Once 
startup router has received EoL over all LDP sessions over LAN (or their 
synchronization timeouts have been expired), it could revert its forward 
metric back to configured one. Once it have sent EoL over all LDP 
sessions over LAN, it ceases advertisement of its Reverse metric.


Nevertheless, let's wait Naiming's clarifications on this.

Thank you.


30.04.2017 17:37, Les Ginsberg (ginsberg) пишет:
>
> Naiming/Alex –
>
> Regarding Appendix C, I think you have to be careful here.
>
> If a LAN is operational with three nodes (A, B, C) – all LDP sessions 
> established, then a new node (D) is introduced to the LAN, what should 
> one do?
>
> As RFC 5443 states (Section 3):
>
> “On broadcast links with more than one IGP/LDP peer, the cost-out
>
> procedure can only be applied to the link as a whole and not to an
>
> individual peer.  So a policy decision has to be made whether the
>
> unavailability of LDP service to one peer should result in the
>
> traffic being diverted away from all the peers on the link.”
>
> If you are going to position reverse-metric as an 
> alternative/enhancement to RFC 5443 I think you need to discuss this 
> is more detail.
>
> For myself, I can see that reverse-metric would be useful in a node 
> startup case where the new node would steer traffic away from the LAN 
> when the nexthop was itself – but I would be reluctant to use it after 
> startup when some other node comes up.
>
> I also think a non-normative reference to RFC 5443 would be in order.
>
> Les
>
> *From:*Naiming Shen (naiming)
> *Sent:* Thursday, April 27, 2017 5:33 PM
> *To:* Alexander Okonnikov
> *Cc:* Les Ginsberg (ginsberg); 
> draft-ietf-isis-reverse-metric.authors@ietf.org; isis-wg@ietf.org
> *Subject:* Re: [Isis-wg] Comments on draft-ietf-isis-reverse-metric-05
>
> Hi Alex,
>
> Sure. Will do. thanks.
>
> - Naiming
>
>     On Apr 27, 2017, at 5:24 PM, Alexander Okonnikov
>     <alexander.okonnikov@gmail.com
>     <mailto:alexander.okonnikov@gmail.com>> wrote:
>
>     Naiming,
>
>     One more comment about Appendix C of the draft. Description looks
>     like this use case is applicable only for LDP session between DIS
>     and non-DIS with Reverse metric. What about LDP sessions between
>     pairs of any routers on the LAN? I.e. may be it would be better to
>     replace 'LDP adjacency to the DIS' by 'LDP adjacencies to other
>     routers on the LAN', and 'completion of transmission of End-of-LIB
>     towards DIS' by 'completion of transmission of End-of-LIB on all
>     LDP sessions with routers on the LAN'.
>
>     Thank you.
>
>
>     28 апр. 2017 г., 2:59 +0300, Naiming Shen (naiming)
>     <naiming@cisco.com <mailto:naiming@cisco.com>>, писал:
>
>     Hi Alex,
>
>     Will add this ‘Two-way connectivity check’ requirement to
>     emphysize the point
>
>     in that section.
>
>     thanks.
>
>     - Naiming
>
>         On Apr 27, 2017, at 4:55 PM, Alexander Okonnikov
>         <alexander.okonnikov@gmail.com
>         <mailto:alexander.okonnikov@gmail.com>> wrote:
>
>         Les,
>
>         Exactly, and my concern about other implementations that
>         adhere that Annex.
>
>         May be it would be good to make clarification in the draft
>         about these specifics.
>
>         Thank you!
>
>
>         28 апр. 2017 г., 2:51 +0300, Les Ginsberg (ginsberg)
>         <ginsberg@cisco.com <mailto:ginsberg@cisco.com>>, писал:
>
>         Alex –
>
>         I think you are referring to ISO 10589:2002 Annex C.2.4
>
>         Note that this section is non-normative and is simply
>         describing one possible way to implement the algorithm. When
>         there is a question between this description and the normative
>         portions of the specification the normative portions MUST be
>         followed.
>
>         Note that some implementations choose to initialize the tent
>         from their own LSPs..
>
>         Les
>
>         *From:* Alexander Okonnikov [mailto:alexander.okonnikov@gmail.com]
>         *Sent:* Thursday, April 27, 2017 4:34 PM
>         *To:* Naiming Shen (naiming); Les Ginsberg (ginsberg)
>         *Cc:* draft-ietf-isis-reverse-metric.authors@ietf.org
>         <mailto:draft-ietf-isis-reverse-metric.authors@ietf.org>;
>         isis-wg@ietf.org <mailto:isis-wg@ietf.org>
>         *Subject:* Re: [Isis-wg] Comments on
>         draft-ietf-isis-reverse-metric-05
>
>         Hi Les,
>
>         Yes, I agree that two-way check via LSPs is performed, thank
>         you for correction.
>
>         The problem that I'm talking is that in step 0 neighbors are
>         put on the TENT from adjacency database, not from LSP of the
>         router that is running SPF. Hence, for example above, when R1
>         will install routes via R2, metric for those routes will be
>         based on the metric of R1's LAN interface, and not on sum of
>         metrics 'R1 -> pseudonode' + 'pseudonode -> R2' from LSPs.
>
>
>         28 апр. 2017 г., 1:41 +0300, Les Ginsberg (ginsberg)
>         <ginsberg@cisco.com <mailto:ginsberg@cisco.com>>, писал:
>
>         Thanx Naiming – sounds good.
>
>         Les
>
>         *From:* Naiming Shen (naiming)
>         *Sent:* Thursday, April 27, 2017 3:33 PM
>         *To:* Les Ginsberg (ginsberg)
>         *Cc:* isis-wg@ietf.org <mailto:isis-wg@ietf.org>;
>         draft-ietf-isis-reverse-metric.authors@ietf.org
>         <mailto:draft-ietf-isis-reverse-metric.authors@ietf.org>
>         *Subject:* Re: Comments on draft-ietf-isis-reverse-metric-05
>
>         and add a bit to ‘link-attribute’ bit value of the sub-TLV 19
>
>         in the codepoint registry.
>
>         thanks.
>
>         - Naiming
>
>             On Apr 27, 2017, at 3:30 PM, Naiming Shen (naiming)
>             <naiming@cisco.com <mailto:naiming@cisco.com>> wrote:
>
>             Les,
>
>             We’ll add more text into the section 1.2 ‘Distributed
>             Forwarding Planes.
>
>             We’ll remove the reference to mobility in the text.
>
>             thanks.
>
>             - Naiming
>
>                 On Apr 26, 2017, at 9:07 PM, Les Ginsberg (ginsberg)
>                 <ginsberg@cisco.com <mailto:ginsberg@cisco.com>> wrote:
>
>                 Naiming –
>
>                 Thanx for the reply.
>
>                 Inline – look for LES:
>
>                 *From:*Naiming Shen (naiming)
>                 *Sent:*Wednesday, April 26, 2017 6:47 PM
>                 *To:*Les Ginsberg (ginsberg)
>                 *Cc:*isis-wg@ietf.org
>                 <mailto:isis-wg@ietf.org>;draft-ietf-isis-reverse-metric.authors@ietf.org
>                 <mailto:draft-ietf-isis-reverse-metric.authors@ietf.org>
>                 *Subject:*Re: Comments on
>                 draft-ietf-isis-reverse-metric-05
>
>                 Les,
>
>                 Thanks for the detailed comments. See some of my
>                 replies inline
>
>                 between [NS->] [<-NS]:
>
>                     On Apr 25, 2017, at 6:01 PM, Les Ginsberg
>                     (ginsberg) <ginsberg@cisco.com
>                     <mailto:ginsberg@cisco.com>> wrote:
>
>                     Naiming/Michael/Shane -
>
>                     Some comments on the draft.
>
>                     *Section 1.2. Distributed Forwarding Planes*
>
>                     RFC 5306 (Restart Signaling) has already defined
>                     use of the SA bit in the Restart TLV to request
>                     that  a neighbor suppress advertisement of the
>                     adjacency thus preventing 2-way connectivity check
>                     from passing on that link. It is not clear to me
>                     why SA bit is not sufficient.
>
>                     For that matter, the local system could simply not
>                     advertise the adjacency to the neighbor and
>                     achieve the same result. Why do we need any
>                     extension to handle the adjacency bringup case?
>
>                 [NS->]
>
>                 I have some points on this:
>
>                 (1) if the linecard resets on the router, that is not
>                 a graceful restart case for IS-IS
>
>                 (2) related to the comments you were with Mikael on
>                 the ‘a matter of seconds’,
>
>                       this issue is more with BGP VPN than with IS-IS
>                 routes. IS-IS routes can be
>
>                 downloaded into the line card quickly, but millions of
>                 VPN routes may take
>
>                       a while
>
>                 (3) During this ‘take a while’, we still want to be
>                 the last resort of connection
>
>                       to our neighbors, instead of just blindly refuse
>                 any traffic inbound
>
>                 (4) Outbound traffic direction may not have any
>                 problem, we certainly want
>
>                       to reuse the link as soon as possible.
>
>                 How about we add some text to refer to those
>                 reasonings on this use-case?
>
>                 [<-NS]
>
>                 */[Les:] SA bit is not restricted to restart cases.
>                 This is discussed in RFC 5306. But SA bit is probably
>                 not the right mechanism here either as it is designed
>                 to delay adjacency advertisement until the full link
>                 state DB is acquired – this isn’t relevant here.
>                 Apologies for mentioning it./*
>
>                 *//*
>
>                 */But in cases where the trigger (link/adjacency up)
>                 is known to all impacted routers at the same time
>                 reverse-metric is unnecessary./*
>
>                 *//*
>
>                 */Reverse metric can be useful when you want to
>                 administratively change the state of an operational
>                 link and have it impact traffic flow in both
>                 directions. Because  there is no change to the
>                 operational state of the link all affected routers
>                 have to be notified of the administrative state change
>                 in some manner – reverse-metric makes this more
>                 convenient by requiring the administrative command to
>                 be signaled only on one node and have it immediately
>                 propagated to the other affected nodes. But it serves
>                 no purpose in cases where the operational state of the
>                 link is already being signaled to the control plane of
>                 all affected routers. it is in fact redundant in such
>                 cases as each router is already aware. If you use
>                 reverse-metric in such a case both routers will each
>                 tell the other one to do something that they are
>                 already doing./*
>
>                 *Section 1.3 Mobility Cases*
>
>                 I am not clear on why both ISs in such a case would
>                 not detect the change in proximity and both do metric
>                 adjustment. What is the need for use of reverse metric
>                 in this case?
>
>                 [NS->]
>
>                 Yes, you are right if the link is point-to-point. As
>                 described in RFC 8042
>
>                 “OSPF Two-Part Metric”, if the base-station is the
>                 DIS, it does not want
>
>                 to set link metric for all the remote stations, and it
>                 could be only one
>
>                 remote station moves away or closer.
>
>                 How about we remove the point-to-point circuit in the
>                 text of this use-case?
>
>                 [<-NS]
>
>                 */[Les:] I am struggling to see reverse-metric as
>                 equivalent to RFC 8042. If we support RFC 8042 then we
>                 don’t need reverse-metric./*
>
>                 */If we do not support RFC 8042, reverse-metric does
>                 not provide the same optimization as RFC 8042 as it
>                 requires multiple routers to send updates. Are you
>                 really positioning reverse-metric as an RFC 8042
>                 alternative?/*
>
>                 */Or am I missing something?/*
>
>                 *//*
>
>                 *Section 2*
>
>                 From the description what is being advertised in the
>                 new TLV is not a metric but a metric offset i.e. you
>                 want the receiving IS to add the advertised value to
>                 its existing configured metric. Identifying the metric
>                 field as "metric offset" would make this point more
>                 clearly.
>
>                 [NS->]
>
>                 Agreed.
>
>                 [<-NS]
>
>                 In regards to the use of sub-TLVs, I think the only
>                 use case you have is to advertise a TE metric offset -
>                 but this could easily be done as an additional fixed
>                 field in the TLV itself. Unless you foresee other
>                 sub-TLVs I think sub-TLVs could be eliminated from the
>                 TLV definition. (I also think advertising TE metric
>                 offset is unnecessary – see additional comments on TE
>                 below)
>
>                 If  you want to retain sub-TLVs for future proofing
>                 you do not need both an S flag indicating the presence
>                 of sub-TLVs and a sub-TLV length field. One or the
>                 other will suffice.
>
>                 [NS->]
>
>                 I think we were mainly for future proofing point on
>                 this. Sure, will get rid of the S flag.
>
>                 [<-NS]
>
>                     *Last Paragraph of Section 3.1 states:*
>
>                     "If the router does not understand the Reverse
>                     Metric TLV..."
>
>                     I don't think this needs to be said. It is
>                     standard IS-IS behavior to silently ignore TLVs
>                     which are not understood - and if a router does
>                     not understand the new TLV it certainly would not
>                     know what it is it "should not do". :-)
>
>                     The point about allowing local policy to disable
>                     processing of the Reverse Metric TLV is a good one
>                     and the security reasons for it should be emphasized.
>
>                 [NS->]
>
>                 Agreed. Wll remove this sentence.
>
>                 [<-NS]
>
>                     *Section 3.5*
>
>                     "During the period when a Reverse Metric TLV is
>                     used, IS-IS routers
>
>                     that are generating and receiving a Reverse Metric
>                     TLV MUST NOT
>
>                     change their existing IS-IS metric or Traffic
>                     Engineering parameters
>
>                     in their persistent provisioning database"
>
>                     I would expect that use of Reverse Metric would
>                     often be associated with a maintenance window - in
>                     which case this is precisely the time to expect
>                     configuration changes. Because traffic has been
>                     diverted from the link this is actually the safest
>                     time to make configuration changes. Therefore I
>                     think this restriction is both unnecessary and
>                     undesirable.
>
>                 [NS->]
>
>                 Your suggested text (thread with Mikael):
>
>                 "The use of Reverse Metric does not alter IS-IS metric
>                 parameters stored in a router's persistent
>                 provisioning database.”
>
>                 looks good to me.
>
>                 [<-NS]
>
>                     *Regarding the TE related text*
>
>                     https://www.ietf.org/id/draft-ietf-ospf-link-overload-06.txt has
>                     highlighted that TE CSPF may not always be based
>                     on metric (IGP or TE). In which case altering the
>                     metric advertisement may not be sufficient to move
>                     TE traffic away from the link.
>
>                 [NS->]
>
>                 Sure, TE can be impacted by ‘color’, link congestion
>                 data from inband or out-band,
>
>                 and many other things. Its hard to cover all the
>                 things from SND point of view.
>
>                 [<-NS]
>
>                     I think a more robust strategy would be to assign
>                     a bit in the link attributes sub-TLV defined in
>                     RFC 5029 to indicate that the state of the link is
>                     "maintenance" (or "overload") and that TE traffic
>                     should avoid this. That would be more robust than
>                     altering TE metric and would also eliminate the
>                     need to use the reverse metric to alter TE metric.
>                     Please
>                     seehttps://www.iana.org/assignments/isis-tlv-codepoints/isis-tlv-codepoints.xhtml#isis-tlv-codepoints-19of22.
>
>                 [NS->]
>
>                 Ok. But which TE traffic? You can say even if it’s
>                 ‘overloaded’ I still want to
>
>                 send certain TE traffic over. When this side of the
>                 link pushes a large
>
>                 offset value of reverse-metric over and the other side
>                 adds this to the
>
>                 link metric and TE metric values, if the controller
>                 wants to detect this
>
>                 condition (normally the network uses metric below
>                 3000, and this
>
>                 link suddenly has the value of a billion, I’ll conside
>                 the other side of
>
>                 this link is ‘overloaded’.
>
>                 I’m just saying I’m not sure if this is a real case.
>                 We can certainly
>
>                 add that if needed.
>
>                 [<-NS]
>
>                 */[Les:] We agree that we do not want to try to
>                 account for every possible set of constraints. Metric
>                 is one possible constraint – but I do not see that it
>                 makes sense to treat this in a special way. If instead
>                 of modifying TE metric we advertise a link state
>                 (“maintenance” or “overload”) then TE on each router
>                 can decide for itself what adjustments it should make
>                 to all of the local tunnels independent of the set of
>                 constraints each tunnel has./*
>
>                 *//*
>
>                 Les
>
>                 Best Regards,
>
>                 - Naiming
>
>                 Les
>
>         _______________________________________________
>         Isis-wg mailing list
>         Isis-wg@ietf.org <mailto:Isis-wg@ietf.org>
>         https://www.ietf.org/mailman/listinfo/isis-wg
>