Re: [Isis-wg] Comments on draft-ietf-isis-reverse-metric-05

"Les Ginsberg (ginsberg)" <ginsberg@cisco.com> Wed, 26 April 2017 13:13 UTC

Return-Path: <ginsberg@cisco.com>
X-Original-To: isis-wg@ietfa.amsl.com
Delivered-To: isis-wg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 540281294F3; Wed, 26 Apr 2017 06:13:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.523
X-Spam-Level:
X-Spam-Status: No, score=-14.523 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id THdFHx8aHBvD; Wed, 26 Apr 2017 06:13:35 -0700 (PDT)
Received: from rcdn-iport-4.cisco.com (rcdn-iport-4.cisco.com [173.37.86.75]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D29F7127B73; Wed, 26 Apr 2017 06:13:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=10432; q=dns/txt; s=iport; t=1493212414; x=1494422014; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=aAmLgBRzDRf16lDeQEsrkGhz/QPK1Bdi7dGLl97qBJw=; b=XhrjSVD00rT0t8lWh/GvOGgdCmSOhMVXP2qKXPMpVBiSsPfz5ZGWVfcS kmXw0Uve1basvgD+F+XoDczCeJ4r/T2pOBC1V4G/nGpS6K9xVeSTzjyyM M4Zyb1boatF1oZOK0zlzW05cVhQRgc2/RSwxkMYs138hLAYGZyuT+DRBD Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0BFAQAonABZ/5pdJa1bGQEBAQEBAQEBA?= =?us-ascii?q?QEBBwEBAQEBg1VhgQwHg2GKFpFIlWuCDyyFeAIahAg/GAECAQEBAQEBAWsohRU?= =?us-ascii?q?BAQEBAgEjEUUFBwQCAQgOAwQBAQECAiMDAgICMBQBCAgBAQQOBQiKCwgOqi6CJ?= =?us-ascii?q?oswAQEBAQEBAQEBAQEBAQEBAQEBAQEBGAWBC4VJgV2DG4QgCREBCCsPgmCCXwW?= =?us-ascii?q?dTgGTAYILhTeKJYh0izIBHzhZJghlFYUxHIFjdQGGOA4XgQqBDQEBAQ?=
X-IronPort-AV: E=Sophos;i="5.37,254,1488844800"; d="scan'208";a="237837958"
Received: from rcdn-core-3.cisco.com ([173.37.93.154]) by rcdn-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Apr 2017 13:13:33 +0000
Received: from XCH-RCD-002.cisco.com (xch-rcd-002.cisco.com [173.37.102.12]) by rcdn-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id v3QDDXvK020667 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 26 Apr 2017 13:13:33 GMT
Received: from xch-aln-001.cisco.com (173.36.7.11) by XCH-RCD-002.cisco.com (173.37.102.12) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Wed, 26 Apr 2017 08:13:32 -0500
Received: from xch-aln-001.cisco.com ([173.36.7.11]) by XCH-ALN-001.cisco.com ([173.36.7.11]) with mapi id 15.00.1210.000; Wed, 26 Apr 2017 08:13:32 -0500
From: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>
To: Mikael Abrahamsson <swmike@swm.pp.se>
CC: "isis-wg@ietf.org" <isis-wg@ietf.org>, "draft-ietf-isis-reverse-metric.authors@ietf.org" <draft-ietf-isis-reverse-metric.authors@ietf.org>
Thread-Topic: [Isis-wg] Comments on draft-ietf-isis-reverse-metric-05
Thread-Index: AdK+JxQJA15q8GGGTXq4r5Ic9IlvxQAUFbOAAATrGsA=
Date: Wed, 26 Apr 2017 13:13:32 +0000
Message-ID: <a9471b815c834a37bb54e41d86ba5829@XCH-ALN-001.cisco.com>
References: <f6c2518144e64aa8af7d66db894f9dde@XCH-ALN-001.cisco.com> <alpine.DEB.2.02.1704260724040.5591@uplift.swm.pp.se>
In-Reply-To: <alpine.DEB.2.02.1704260724040.5591@uplift.swm.pp.se>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.24.73.135]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/isis-wg/fQn5QHh3FXOYHDh3RCJxVUhzHDI>
Subject: Re: [Isis-wg] Comments on draft-ietf-isis-reverse-metric-05
X-BeenThere: isis-wg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF IS-IS working group <isis-wg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/isis-wg/>
List-Post: <mailto:isis-wg@ietf.org>
List-Help: <mailto:isis-wg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Apr 2017 13:13:37 -0000

Mikael -

Thanx for the quick response - look forward to your replies on the other points.
Inline.

> -----Original Message-----
> From: Mikael Abrahamsson [mailto:swmike@swm.pp.se]
> Sent: Tuesday, April 25, 2017 10:25 PM
> To: Les Ginsberg (ginsberg)
> Cc: isis-wg@ietf.org; draft-ietf-isis-reverse-metric.authors@ietf.org
> Subject: Re: [Isis-wg] Comments on draft-ietf-isis-reverse-metric-05
> 
> 
> Hi,
> 
> Thanks for the review!
> 
> Regarding 3.5. I think the point here is that when the device received a
> reverse metric offset request, it should not reflect this in the persistent
> configuration storage. The operational metric change is ephemeral (I think
> this is the correct term), not a persistent storage change. So the idea here is
> that there should be no “automatic” update of the “running-config” metric
> setting, just because one is sending or receiving a metric-offset TLV. This
> should be a separate configuration item.
> 
[Les:] We are in agreement as to the intent - I think the draft wording can be improved. Currently it says:

" During the period when a Reverse Metric TLV is used, IS-IS routers
   that are generating and receiving a Reverse Metric TLV MUST NOT
   change their existing IS-IS metric or Traffic Engineering parameters
   in their persistent provisioning database..."

How about 

"The use of Reverse Metric does not alter IS-IS metric parameters stored in a router's persistent provisioning database."

??

> Regarding not advertising adjacency at all. Personally, I like to be able to take
> links into a state of “don’t use this unless you absolutely have to”. Stopping
> advertising it at all, takes away that possibility. If I have two redundant links
> to somewhere, one has bit errors, this is automatically detected and that link
> is now “metric:ed up” so it’s not used. If the second link goes down, I’d
> rather send traffic over this bit-errored link, than to lose connectivity at all. So
> if this was a g.709 forward-error-correction (FEC) covered link, I can configure
> the router to metric-up the link at a certain FEC corrected-errors rate, so that
> I don’t get post-FEC errors. This doesn’t mean the link is unusable as an
> emergency backup if it’s the only one left, it just means I want to avoid using
> it.
> 
[Les:] Here you are commenting on Section 1.2 - which is a startup problem - in this case start/restart of a line card.
Line card bringup is quite different from other cases addressed by the draft.

The use case for reverse metric is to make a link (or set of links)  the link of last resort i.e. the desire is for the link to still be usable but to minimize its use. This would allow - for example - testing of the link without having it used for live traffic. The lack of current information in the forwarding plane is not an issue and the IS-IS adjacencies are already up.

In the case of LC restart, IS-IS adjacencies have to be formed and forwarding plane state is initially empty and has to be (re)populated. In this case there is no requirement to use the link for testing purposes during the transition. - which should be a matter of seconds.  This is operationally no different from what occurs when a link fails and is then restored. I do not see the need for any special handling of this case - and I do not see that the reverse-metric functionality is useful in this case.

   Les
 

> Does the draft need text to better explain this?
> 
> On Wed, 26 Apr 2017, Les Ginsberg (ginsberg) wrote:
> 
> > Section 1.2.  Distributed Forwarding Planes
> >
> >
> >
> > RFC 5306 (Restart Signaling) has already defined use of the SA bit in the
> Restart TLV to request that  a neighbor suppress advertisement of the
> adjacency thus preventing 2-way connectivity check from passing on that
> link. It is not clear to me why SA bit is not sufficient.
> >
> > For that matter, the local system could simply not advertise the adjacency
> to the neighbor and achieve the same result. Why do we need any extension
> to handle the adjacency bringup case?
> >
> >
> >
> > Section 1.3 Mobility Cases
> >
> >
> >
> > I am not clear on why both ISs in such a case would not detect the change
> in proximity and both do metric adjustment. What is the need for use of
> reverse metric in this case?
> >
> >
> >
> >
> >
> > Section 2
> >
> >
> >
> >> From the description what is being advertised in the new TLV is not a
> metric but a metric offset i.e. you want the receiving IS to add the advertised
> value to its existing configured metric. Identifying the metric field as "metric
> offset" would make this point more clearly.
> >
> >
> >
> > In regards to the use of sub-TLVs, I think the only use case you have
> > is to advertise a TE metric offset - but this could easily be done as
> > an additional fixed field in the TLV itself. Unless you foresee other
> > sub-TLVs I think sub-TLVs could be eliminated from the TLV definition.
> > (I also think advertising TE metric offset is unnecessary - see
> > additional comments on TE below)
> >
> >
> >
> > If  you want to retain sub-TLVs for future proofing you do not need both an
> S flag indicating the presence of sub-TLVs and a sub-TLV length field. One or
> the other will suffice.
> >
> >
> >
> >
> >
> > Last Paragraph of Section 3.1 states:
> >
> >
> >
> > "If the router does not understand the Reverse Metric TLV..."
> >
> >
> >
> > I don't think this needs to be said. It is standard IS-IS behavior to
> > silently ignore TLVs which are not understood - and if a router does
> > not understand the new TLV it certainly would not know what it is it
> > "should not do". :-)
> >
> >
> >
> > The point about allowing local policy to disable processing of the Reverse
> Metric TLV is a good one and the security reasons for it should be
> emphasized.
> >
> >
> >
> >
> >
> > Section 3.5
> >
> >
> >
> > "During the period when a Reverse Metric TLV is used, IS-IS routers
> >
> >   that are generating and receiving a Reverse Metric TLV MUST NOT
> >
> >   change their existing IS-IS metric or Traffic Engineering parameters
> >
> >   in their persistent provisioning database"
> >
> >
> >
> > I would expect that use of Reverse Metric would often be associated with a
> maintenance window - in which case this is precisely the time to expect
> configuration changes. Because traffic has been diverted from the link this is
> actually the safest time to make configuration changes. Therefore I think this
> restriction is both unnecessary and undesirable.
> >
> >
> >
> > Regarding the TE related text
> >
> >
> >
> > https://www.ietf.org/id/draft-ietf-ospf-link-overload-06.txt  has
> highlighted that TE CSPF may not always be based on metric (IGP or TE). In
> which case altering the metric advertisement may not be sufficient to move
> TE traffic away from the link.
> >
> >
> >
> > I think a more robust strategy would be to assign a bit in the link attributes
> sub-TLV defined in RFC 5029 to indicate that the state of the link is
> "maintenance" (or "overload") and that TE traffic should avoid this. That
> would be more robust than altering TE metric and would also eliminate the
> need to use the reverse metric to alter TE metric. Please see
> https://www.iana.org/assignments/isis-tlv-codepoints/isis-tlv-
> codepoints.xhtml#isis-tlv-codepoints-19of22 .
> >
> >
> >
> >   Les
> >
> >
> >
> >
> >
> 
> --
> Mikael Abrahamsson    email: swmike@swm.pp.se