Re: [Isis-wg] IS-IS Critical Sub-TLV & Dst/Src-Routing drafts
"Les Ginsberg (ginsberg)" <ginsberg@cisco.com> Fri, 14 November 2014 00:53 UTC
Return-Path: <ginsberg@cisco.com>
X-Original-To: isis-wg@ietfa.amsl.com
Delivered-To: isis-wg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 685041A1A4B for <isis-wg@ietfa.amsl.com>; Thu, 13 Nov 2014 16:53:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.095
X-Spam-Level:
X-Spam-Status: No, score=-15.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.594, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9_DieGWAXxsl for <isis-wg@ietfa.amsl.com>; Thu, 13 Nov 2014 16:53:26 -0800 (PST)
Received: from rcdn-iport-9.cisco.com (rcdn-iport-9.cisco.com [173.37.86.80]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 23C6B1A1A60 for <isis-wg@ietf.org>; Thu, 13 Nov 2014 16:53:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=7309; q=dns/txt; s=iport; t=1415926406; x=1417136006; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=7PtaDwobW7csY+QACq7MRN5oZcsQCDQmaOYmE9hT4K4=; b=J9CXetSyksltAZItEvMZSVYWUwiahQa6y19TzcHxvEWWJMA/QfyHFlnC 3BkX95YXHF7tYjSuV3PeDxzO8snh1KBbT8+TptcoZLsFJ5j7X08AnAbZ5 rb5qT0XDGZt24Ur3CzX7sbc9er4NGRFweJ5IQCDUhroQqwuVi1RrKCLGv E=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ah0FADdSZVStJA2G/2dsb2JhbABbgmsjVFkEzGsMh00CgR8WAQEBAQF9hAIBAQEEAQEBNzQLDAQCAQgOAwQBAQsUCQcnCxQJCAIEAQ0FCBOIJgEM0HcBAQEBAQEBAQEBAQEBAQEBAQEBAQETBIp4hUsBAR4xBwaDJ4EeBZI6hFOIWINPgzWGeYMshAqDfG2BDzmBAwEBAQ
X-IronPort-AV: E=Sophos;i="5.07,381,1413244800"; d="scan'208";a="368957730"
Received: from alln-core-12.cisco.com ([173.36.13.134]) by rcdn-iport-9.cisco.com with ESMTP; 14 Nov 2014 00:53:25 +0000
Received: from xhc-rcd-x11.cisco.com (xhc-rcd-x11.cisco.com [173.37.183.85]) by alln-core-12.cisco.com (8.14.5/8.14.5) with ESMTP id sAE0rOiN008049 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Fri, 14 Nov 2014 00:53:25 GMT
Received: from xmb-aln-x02.cisco.com ([fe80::8c1c:7b85:56de:ffd1]) by xhc-rcd-x11.cisco.com ([173.37.183.85]) with mapi id 14.03.0195.001; Thu, 13 Nov 2014 18:53:24 -0600
From: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>
To: David Lamparter <equinox@diac24.net>, "isis-wg@ietf.org" <isis-wg@ietf.org>
Thread-Topic: [Isis-wg] IS-IS Critical Sub-TLV & Dst/Src-Routing drafts
Thread-Index: AQHP7K6tdedxTv+xWUaq7yP65cXZ35xfaLUQ
Date: Fri, 14 Nov 2014 00:53:23 +0000
Message-ID: <F3ADE4747C9E124B89F0ED2180CC814F4ED5DA79@xmb-aln-x02.cisco.com>
References: <20141020214128.GE236844@jupiter.n2.diac24.net>
In-Reply-To: <20141020214128.GE236844@jupiter.n2.diac24.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.21.72.140]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/isis-wg/E_vdDth8Bugt9yvPJlmpsZj56p8
Cc: Hannes Gredler <hannes@juniper.net>, Chris Hopps <chopps@rawdofmt.org>
Subject: Re: [Isis-wg] IS-IS Critical Sub-TLV & Dst/Src-Routing drafts
X-BeenThere: isis-wg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF IS-IS working group <isis-wg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/isis-wg/>
List-Post: <mailto:isis-wg@ietf.org>
List-Help: <mailto:isis-wg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Nov 2014 00:53:29 -0000
David - I have read this draft twice now. The first time I hated it. The second time I merely disliked it. If you take that as encouragement - don't. :-) After two readings I have a better appreciation of your motivations, but I still think the proposal is undesirable and unnecessary. Hopefully we can agree that what you are attempting to create are "topologies" - where the "identifier" for a given topology is both a set of "critical sub-TLVs" and the MTID. However if you want to support more than one topology you need more than just consensus in the control plane as to what features are supported. You also need multiple FIBs and the ability to mark and classify packets so that forwarding is performed using the appropriate FIB. And of course a way of agreeing on consistent classification throughout the topology. This then introduces a large set on constraints as to whether the routing protocol should advertise whether it supports or does not support a particular critical sub-TLV. It is not enough to know whether the protocol code itself understands the code point. Issues such as: Does the forwarding plane support the forwarding paradigm? Is the associated QOS policy supported? Is the support consistemt across all possible forwarding engines with which the control may be integrated? If a particular sub-TLV includes multiple capabilities (e.g. using flag bits) how do we indicate what subset of the functionality a particular code point might advertise we support? (Oh sure - we'll just forbid flags in critical sub-TLVs in favor of more code points and less efficient encoding??) And of course, none of this is a perfect solution to partial deployment since it is still possible to partition the topology. If we are going to reinvent a significant portion of the protocol I would want a much higher ROI than I see in this proposal. You don't need this to solve the initial problem which motivated you to write this (SADR partial deployment). Existing RFC 5120 support and using a reserved MTID for SADR would do just as well (though this should not be interpreted as me recommending that you do that). I suggest you abandon this work. Les > -----Original Message----- > From: Isis-wg [mailto:isis-wg-bounces@ietf.org] On Behalf Of David > Lamparter > Sent: Monday, October 20, 2014 2:41 PM > To: isis-wg@ietf.org > Cc: Hannes Gredler; Chris Hopps > Subject: [Isis-wg] IS-IS Critical Sub-TLV & Dst/Src-Routing drafts > > Hi isis WG, > > > TL;DR: new Reachability TLVs with "critical bit" on Sub-TLVs, and > refreshed version on baker-ipv6-isis-dst-src. > > > submitted to the I-D archive for your consideration are: > https://datatracker.ietf.org/doc/draft-lamparter-isis-reachability-critical- > subtlvs/?include_text=1 > https://datatracker.ietf.org/doc/draft-baker-ipv6-isis-dst-src- > routing/?include_text=1 > (I've submitted the update to Fred's draft just a few minutes ago, it'll > show up as soon as he clicks "OK". I'll drop another mail when it's > visible.) > > These drafts mesh with 2 rtgwg drafts: > https://datatracker.ietf.org/doc/draft-lamparter-rtgwg-routing-extra- > qualifiers/?include_text=1 > https://datatracker.ietf.org/doc/draft-lamparter-rtgwg-dst-src- > routing/?include_text=1 > > reachability-critical-subtlvs creates Reachability TLVs with "critical" > Sub-TLVs. The idea here is that we really don't want non-SADR routers > to process the Reachability, discarding the source restriction. This > can lead to persistent loops: > > R1 - R2* - R3 - R4 > | | > | 2001:db8::/32, src 2001:db8:1234::/48 > | > 2001:db8::/32, src ::/0 > > R2* doesn't support SADR, R1/3/4 do. > Inject packet from 2001:db8:1234::1 to 2001:db8::1. R1 correctly routes > to R2. R2 routes back to R1 because it only sees two Reachabilities for > 2001:db8::/32 without the source spec. Loop ensues. > > There are alternate solutions to this; the draft above is the generic > variant. As the draft's introduction states, it can be used for all > kinds of mandatory information, covering destination specification > amendments like the source prefix restriction, and possibly > encapsulations (if the originating router requires them to perform > correct routing). > > Alternate solutions would be: > - specifically create a Reachability TLV for SADR routes. Achieves > hiding the SADR routes from non-SADR routers, without the generic > approach. > - use a different M-ISIS topology. However, this implies we're starting > to use MT IDs as feature indicators, possibly leading to a cartesian > expansion of MT IDs, and it turns M-ISIS into a dependency. > - only become adjacent to routers supporting SADR. Poor interop, but a > valid approach. > - ignore the problem. I've gotten feedback suggesting this is going too > far to prevent the admin from shooting itself in the foot by mixing > SADR and non-SADR systems. Personally, I disagree, because I don't > think usage scenarios are cleanly separable on the internet, but I'd > appreciate feedback on this as well. > > I'd expect the question to come up: we have _not_ implemented this yet > in the homenet IS-IS demo. Right now it's expecting a homogenous > homenet environment without any checks, and it _will_ persistently loop > if you put a non-homenet box in the middle and fudge it right. > > There are also things that can be changed about the draft as it is now, > namely I'm expecting feedback on: > - TLV encoding. It's two separate Sub-TLV areas right now. > Alternatively, it could be: > - some bit indicating "critical" > - nested Sub-TLVs for critical/optional > - or, a "end of mandatory TLVs" marker TLV > > Note there's a requirement for a non-empty critical TLV draft in the > block, since if it is in fact empty the router is supposed to > originate the "normal" Reachability TLVs. > > - SPF requirements. Right now the draft only specifies the "full" > approach of effectively doing MT based on capabilities. It might be > useful to have a simplified "fail to unreachable". The router would > calculate its SPF without looking at capabilities, and then just > turn it into an unreachable if a router along the way doesn't support > SADR. > > > Then, finally, Fred's dst-src draft is updated for MT considerations. > The draft now suggests Source Prefix Sub-TLVs are applicable to MT IDs > 0 (default/non-MT), 2 (IPv6 unicast), and 5 (IPv6 management). It > notably does not apply to #4 (IPv6 multicast) because there's no source > address on Multicast RPF lookups. There's currently a lot of overlap > still in isis-dst-src; if I don't get negative feedback on the other > drafts (lamparter-rtgwg-*) I'll be trimming that. > > > And, finally, I'd like to present these in Hawaii - could I get a slot > on the schedule please? > > Thanks in advance for any feedback, > > > -David > > _______________________________________________ > Isis-wg mailing list > Isis-wg@ietf.org > https://www.ietf.org/mailman/listinfo/isis-wg
- [Isis-wg] IS-IS Critical Sub-TLV & Dst/Src-Routin… David Lamparter
- Re: [Isis-wg] IS-IS Critical Sub-TLV & Dst/Src-Ro… Les Ginsberg (ginsberg)
- Re: [Isis-wg] IS-IS Critical Sub-TLV & Dst/Src-Ro… David Lamparter
- Re: [Isis-wg] IS-IS Critical Sub-TLV & Dst/Src-Ro… Les Ginsberg (ginsberg)
- Re: [Isis-wg] IS-IS Critical Sub-TLV & Dst/Src-Ro… Acee Lindem (acee)