Re: [Isis-wg] ISIS-autoconf-04 submitted //FW: New Version Notification for draft-liu-isis-auto-conf-04.txt

Karsten Thomann <karsten_thomann@linfre.de> Tue, 09 June 2015 07:28 UTC

Return-Path: <karsten_thomann@linfre.de>
X-Original-To: isis-wg@ietfa.amsl.com
Delivered-To: isis-wg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2DC1E1B29F3 for <isis-wg@ietfa.amsl.com>; Tue, 9 Jun 2015 00:28:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.562
X-Spam-Level:
X-Spam-Status: No, score=-1.562 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8WdNYNkDjBkE for <isis-wg@ietfa.amsl.com>; Tue, 9 Jun 2015 00:28:41 -0700 (PDT)
Received: from linfre.de (linfre.de [83.151.26.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 874591B29EF for <isis-wg@ietf.org>; Tue, 9 Jun 2015 00:28:41 -0700 (PDT)
Received: from e7240.linfre (195.226.191.106) by linfreserv (Axigen) with (ECDHE-RSA-AES256-SHA encrypted) ESMTPSA id 31533E; Tue, 9 Jun 2015 09:28:28 +0200
From: Karsten Thomann <karsten_thomann@linfre.de>
To: "Liubing (Leo)" <leo.liubing@huawei.com>
Date: Tue, 09 Jun 2015 09:28:30 +0200
Message-ID: <2303767.J4ItTAn8Zy@e7240.linfre>
User-Agent: KMail/4.14.6 (Linux/3.17.1-52.g5c4d099-desktop; KDE/4.14.6; x86_64; ; )
In-Reply-To: <8AE0F17B87264D4CAC7DE0AA6C406F45A6793EEE@nkgeml506-mbx.china.huawei.com>
References: <8AE0F17B87264D4CAC7DE0AA6C406F45A678E17E@nkgeml506-mbx.china.huawei.com> <2479054.jksjisMxEl@linne> <8AE0F17B87264D4CAC7DE0AA6C406F45A6793EEE@nkgeml506-mbx.china.huawei.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 7Bit
Content-Type: text/plain; charset="us-ascii"
X-AXIGEN-DK-Result: No records
DomainKey-Status: no signature
X-AxigenSpam-Level: 5
Archived-At: <http://mailarchive.ietf.org/arch/msg/isis-wg/3yfdDwN9HFjOmJbGItqKKPrPF28>
Cc: "isis-wg@ietf.org" <isis-wg@ietf.org>
Subject: Re: [Isis-wg] ISIS-autoconf-04 submitted //FW: New Version Notification for draft-liu-isis-auto-conf-04.txt
X-BeenThere: isis-wg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF IS-IS working group <isis-wg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/isis-wg/>
List-Post: <mailto:isis-wg@ietf.org>
List-Help: <mailto:isis-wg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Jun 2015 07:28:43 -0000

Hi Bing

Am Dienstag, 9. Juni 2015, 05:21:44 schrieb Liubing:
> Hi Karsten,
> 
> > > Regarding 3.3.2:
> > > 
> > > 
> > > 
> > > What is exactly the duplication resolution, if the NET is used by an
> > > ISIS
> > > 
> > > Router not capable of autoconfig?
> > > 
> > > 
> > > 
> > > In my opinion the device which is auto config capable MUST recalculate
> > > its
> > > 
> > > NET, if the other router does not advertise a Router-Fingerprint TLV.
> > > 
> > > 
> > > 
> > > [Bing] The autoconfig should be a dedicated ISIS process that it won't
> > > be
> > > 
> > > mixed with the non-autoconf routers. This is prevented by the
> > > 
> > > Authentication TLV as described in 3.4.1.
> > 
> > Yes and no, the draft uses a MUST for the ability to change the password,
> > and there are possible cases where it is indended by design to use
> > somewhere a link between a autoconf based network and the not autoconf
> > network...
> > 
> > 
> > 
> > I my opinion it's a bit weak argument to not specify that behavior
> > explicitly.
> > 
> > 
> > 
> > [Bing] I think it's good to explicitly specify the behavior.
> > 
> > But I'd prefer the behavior to be abandoning the LSP rather than
> > recalculating its NET. In this case, the router without a
> > Router-Fingerprin
> > TLV just could not joint in the autoconf process, even if the
> > authentication TLV is correct.
> > 
> > How do you think about it?
> 
> In my opinion autoconf routers should be as "passive" to the network as
> possible, and how would the abandoning of the LSP solve the issue if the
> other router is not directly connected or multihomed to other routers?
> 
> [Bing] Sorry, I'm a bit confused. Let me explain what I understood to check
> whether I was sync with you. Say, RouterB is in an Autoconf area, and also
> connected to a Non-Auto area. By accident, the RouterC in the Non-auto area
> has a NET the same with RouterB, and for some reason RouterC send a LSP
> including the AuthTLV and set the autoconf password but without a
> Router-Fingerprint TLV. Then, my understanding is that it is not a bad LSP,
> which should be dropped by RouterB's autoconf process so that it won't
> influent the autoconf process. Did I miss something?

Ok, that maybe explains our communication problem, my thinking requires at 
least 3 routers to explain it.

Example topology is the following
|A| <-> |B| <-> |C|

A is the starting router and wants to join the ISIS network, B and C already 
have built an adjacency.
C isn't autoconf capable with a configured NET and now A want's to join the 
network with the same NET as C.
My question is now, what is done to prevent the LSP war?
In my opinion C should detect the duplicate NET and as it recognizes that C 
isn't autoconf capable (as there is no Router-Fingerprint-TLV) it should 
recalculate its NET.

I hope this explains my "corner case" good enough.