[Isis-wg] IS-IS Critical Sub-TLV & Dst/Src-Routing drafts
David Lamparter <equinox@diac24.net> Mon, 20 October 2014 21:41 UTC
Return-Path: <equinox@diac24.net>
X-Original-To: isis-wg@ietfa.amsl.com
Delivered-To: isis-wg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 382511ACF0B for <isis-wg@ietfa.amsl.com>; Mon, 20 Oct 2014 14:41:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BTrEQ20OofIn for <isis-wg@ietfa.amsl.com>; Mon, 20 Oct 2014 14:41:46 -0700 (PDT)
Received: from spaceboyz.net (spaceboyz.net [IPv6:2001:8d8:870:1000::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 704B91ACF06 for <isis-wg@ietf.org>; Mon, 20 Oct 2014 14:41:45 -0700 (PDT)
Received: from [2001:8d8:870:10ef:1::] (helo=jupiter.n2.diac24.net) by spaceboyz.net with esmtps (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.84) (envelope-from <equinox@diac24.net>) id 1XgKhy-0006OI-HN; Mon, 20 Oct 2014 23:41:42 +0200
Received: from equinox by jupiter.n2.diac24.net with local (Exim 4.82) (envelope-from <equinox@diac24.net>) id 1XgKhk-003SmB-Gl; Mon, 20 Oct 2014 23:41:32 +0200
Date: Mon, 20 Oct 2014 23:41:28 +0200
From: David Lamparter <equinox@diac24.net>
To: isis-wg@ietf.org
Message-ID: <20141020214128.GE236844@jupiter.n2.diac24.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: http://mailarchive.ietf.org/arch/msg/isis-wg/pc6tR08zP9MWzOpz7dTk6KgBh_M
Cc: Hannes Gredler <hannes@juniper.net>, Chris Hopps <chopps@rawdofmt.org>
Subject: [Isis-wg] IS-IS Critical Sub-TLV & Dst/Src-Routing drafts
X-BeenThere: isis-wg@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF IS-IS working group <isis-wg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/isis-wg/>
List-Post: <mailto:isis-wg@ietf.org>
List-Help: <mailto:isis-wg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Oct 2014 21:41:49 -0000
Hi isis WG, TL;DR: new Reachability TLVs with "critical bit" on Sub-TLVs, and refreshed version on baker-ipv6-isis-dst-src. submitted to the I-D archive for your consideration are: https://datatracker.ietf.org/doc/draft-lamparter-isis-reachability-critical-subtlvs/?include_text=1 https://datatracker.ietf.org/doc/draft-baker-ipv6-isis-dst-src-routing/?include_text=1 (I've submitted the update to Fred's draft just a few minutes ago, it'll show up as soon as he clicks "OK". I'll drop another mail when it's visible.) These drafts mesh with 2 rtgwg drafts: https://datatracker.ietf.org/doc/draft-lamparter-rtgwg-routing-extra-qualifiers/?include_text=1 https://datatracker.ietf.org/doc/draft-lamparter-rtgwg-dst-src-routing/?include_text=1 reachability-critical-subtlvs creates Reachability TLVs with "critical" Sub-TLVs. The idea here is that we really don't want non-SADR routers to process the Reachability, discarding the source restriction. This can lead to persistent loops: R1 - R2* - R3 - R4 | | | 2001:db8::/32, src 2001:db8:1234::/48 | 2001:db8::/32, src ::/0 R2* doesn't support SADR, R1/3/4 do. Inject packet from 2001:db8:1234::1 to 2001:db8::1. R1 correctly routes to R2. R2 routes back to R1 because it only sees two Reachabilities for 2001:db8::/32 without the source spec. Loop ensues. There are alternate solutions to this; the draft above is the generic variant. As the draft's introduction states, it can be used for all kinds of mandatory information, covering destination specification amendments like the source prefix restriction, and possibly encapsulations (if the originating router requires them to perform correct routing). Alternate solutions would be: - specifically create a Reachability TLV for SADR routes. Achieves hiding the SADR routes from non-SADR routers, without the generic approach. - use a different M-ISIS topology. However, this implies we're starting to use MT IDs as feature indicators, possibly leading to a cartesian expansion of MT IDs, and it turns M-ISIS into a dependency. - only become adjacent to routers supporting SADR. Poor interop, but a valid approach. - ignore the problem. I've gotten feedback suggesting this is going too far to prevent the admin from shooting itself in the foot by mixing SADR and non-SADR systems. Personally, I disagree, because I don't think usage scenarios are cleanly separable on the internet, but I'd appreciate feedback on this as well. I'd expect the question to come up: we have _not_ implemented this yet in the homenet IS-IS demo. Right now it's expecting a homogenous homenet environment without any checks, and it _will_ persistently loop if you put a non-homenet box in the middle and fudge it right. There are also things that can be changed about the draft as it is now, namely I'm expecting feedback on: - TLV encoding. It's two separate Sub-TLV areas right now. Alternatively, it could be: - some bit indicating "critical" - nested Sub-TLVs for critical/optional - or, a "end of mandatory TLVs" marker TLV Note there's a requirement for a non-empty critical TLV draft in the block, since if it is in fact empty the router is supposed to originate the "normal" Reachability TLVs. - SPF requirements. Right now the draft only specifies the "full" approach of effectively doing MT based on capabilities. It might be useful to have a simplified "fail to unreachable". The router would calculate its SPF without looking at capabilities, and then just turn it into an unreachable if a router along the way doesn't support SADR. Then, finally, Fred's dst-src draft is updated for MT considerations. The draft now suggests Source Prefix Sub-TLVs are applicable to MT IDs 0 (default/non-MT), 2 (IPv6 unicast), and 5 (IPv6 management). It notably does not apply to #4 (IPv6 multicast) because there's no source address on Multicast RPF lookups. There's currently a lot of overlap still in isis-dst-src; if I don't get negative feedback on the other drafts (lamparter-rtgwg-*) I'll be trimming that. And, finally, I'd like to present these in Hawaii - could I get a slot on the schedule please? Thanks in advance for any feedback, -David
- [Isis-wg] IS-IS Critical Sub-TLV & Dst/Src-Routin… David Lamparter
- Re: [Isis-wg] IS-IS Critical Sub-TLV & Dst/Src-Ro… Les Ginsberg (ginsberg)
- Re: [Isis-wg] IS-IS Critical Sub-TLV & Dst/Src-Ro… David Lamparter
- Re: [Isis-wg] IS-IS Critical Sub-TLV & Dst/Src-Ro… Les Ginsberg (ginsberg)
- Re: [Isis-wg] IS-IS Critical Sub-TLV & Dst/Src-Ro… Acee Lindem (acee)