[Isis-wg] Last Call Review of "IS-IS Reverse Metric" (REPLY to this one with correct draft address)

"Acee Lindem (acee)" <acee@cisco.com> Wed, 31 January 2018 01:33 UTC

Return-Path: <acee@cisco.com>
X-Original-To: isis-wg@ietfa.amsl.com
Delivered-To: isis-wg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 161C31318FD; Tue, 30 Jan 2018 17:33:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.53
X-Spam-Level:
X-Spam-Status: No, score=-14.53 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i5Q81ff2TbRY; Tue, 30 Jan 2018 17:33:33 -0800 (PST)
Received: from alln-iport-4.cisco.com (alln-iport-4.cisco.com [173.37.142.91]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2966213149D; Tue, 30 Jan 2018 17:33:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=261598; q=dns/txt; s=iport; t=1517362408; x=1518572008; h=from:to:cc:subject:date:message-id:mime-version; bh=WpHgRma9VWu41j3dLJNgz0/jRuuKnRCnPcLJJ2Z7Dp8=; b=KU+eQVSfNgNQo/9EXlcki9wbCPynJGYDYsm2Fm1BIpRfdlY1mVR44Ev2 6YNeM4/lqOdsLMJwVAS2FAGdqcGWh4LYqlAKlsT1t7ChF6COLrQhYQPO4 cGrKvqIzql6fAFzzygQsAl3YXDi0tnhnMh/bhoTia2t/wnZzNxdW9WnaE o=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0DPBAC/G3Fa/5NdJa3IHAMCAQICgQg
X-IronPort-AV: E=Sophos; i="5.46,437,1511827200"; d="scan'208,217"; a="64079151"
Received: from rcdn-core-11.cisco.com ([173.37.93.147]) by alln-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 31 Jan 2018 01:33:27 +0000
Received: from XCH-RTP-011.cisco.com (xch-rtp-011.cisco.com [64.101.220.151]) by rcdn-core-11.cisco.com (8.14.5/8.14.5) with ESMTP id w0V1XRpZ017630 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 31 Jan 2018 01:33:27 GMT
Received: from xch-rtp-015.cisco.com (64.101.220.155) by XCH-RTP-011.cisco.com (64.101.220.151) with Microsoft SMTP Server (TLS) id 15.0.1320.4; Tue, 30 Jan 2018 20:33:25 -0500
Received: from xch-rtp-015.cisco.com ([64.101.220.155]) by XCH-RTP-015.cisco.com ([64.101.220.155]) with mapi id 15.00.1320.000; Tue, 30 Jan 2018 20:33:25 -0500
From: "Acee Lindem (acee)" <acee@cisco.com>
To: "draft-ietf-isis-reverse-metric@ietf.org" <draft-ietf-isis-reverse-metric@ietf.org>
CC: "isis-wg@ietf.org" <isis-wg@ietf.org>
Thread-Topic: Last Call Review of "IS-IS Reverse Metric" (REPLY to this one with correct draft address)
Thread-Index: AQHTmjN9MgS5KvsmG0SmCy+aqMLDYg==
Date: Wed, 31 Jan 2018 01:33:25 +0000
Message-ID: <02147B7B-930E-4D73-A7C4-7375AAAFE1A4@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.116.152.198]
Content-Type: multipart/alternative; boundary="_000_02147B7B930E4D73A7C47375AAAFE1A4ciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/isis-wg/tZ-kcryBtsMObdtuJa5-PCmDgKA>
Subject: [Isis-wg] Last Call Review of "IS-IS Reverse Metric" (REPLY to this one with correct draft address)
X-BeenThere: isis-wg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF IS-IS working group <isis-wg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/isis-wg/>
List-Post: <mailto:isis-wg@ietf.org>
List-Help: <mailto:isis-wg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/isis-wg>, <mailto:isis-wg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Jan 2018 01:33:43 -0000

I support publication of the subject document. I have the following comments:

1.      Section 1.6 – Use RFC 8174 language for keywords.
2.      Some acronyms are not expanded on first use, e.g., DIS.
3.      Should section 3.4 use normative language? It seems it use “MUST” rather than “must”.
4.      In section 2, what do you mean by “neighbor alter parameter” for “sub-TLV len”?
5.      Many times the concept of “this node”, “this router”, or “this link” is used when the context of “this” is not apparent. I’ve suggested changes in the editorial suggestions.
6.      Finally, I still think the metric in the Reverse Metric TLV should be known as the “Reverse Metric” rather than the “Metric Offset”.  However, I don’t feel strongly enough to argue it ad nauseum.

Thanks,
Acee

Suggested editorial changes:

***************
*** 16,26 ****

  Abstract

!    This document describes the mechanism to allow IS-IS routing to
     quickly and accurately shift traffic away from either a point-to-
!    point or multi-access LAN interface by signaling to an adjacent IS-IS
!    neighbor with the metric towards itself during network maintenance or
!    other operational events.

  Status of This Memo

--- 15,26 ----

  Abstract

!    This document describes a mechanism to allow IS-IS routing to
     quickly and accurately shift traffic away from either a point-to-
!    point or multi-access LAN ace during network maintenance or
!    other operational events. This is accomplished by signaling
!    adjacent IS-IS neighbors with a higher reverse metric, i.e., the
!    metric towards the signaling IS-IS router.

  Status of This Memo

***************
*** 97,111 ****
     Internet Service Provider IP/MPLS networks.  Operational experience
     with the protocol, combined with ever increasing requirements for
     lossless operations have demonstrated some operational issues.  This
!    document describes the issues and a new mechanism for improving it.

  1.1.  Node and Link Isolation

     IS-IS routing mechanism has the overload-bit, which can be used by
     operators to perform disruptive maintenance on the router.  But in
!    many operational maintenance cases, it is not necessary to displace
!    all the traffic away from this node.  It is useful to augment only a
!    single link or LAN for the maintenance.  More detailed descriptions



--- 97,111 ----
     Internet Service Provider IP/MPLS networks.  Operational experience
     with the protocol, combined with ever increasing requirements for
     lossless operations have demonstrated some operational issues.  This
!    document describes the issues and a mechanism for mitigating them.

  1.1.  Node and Link Isolation

     IS-IS routing mechanism has the overload-bit, which can be used by
     operators to perform disruptive maintenance on the router.  But in
!    many operational maintenance cases, it is not necessary to divert
!    all the traffic away from this node.  It is useful to avoid only a
!    single link or LAN during the maintenance.  More detailed descriptions



***************
*** 122,139 ****
     In a distributed forwarding platform, different forwarding line-cards
     may have interfaces and IS-IS connections to neighbor routers.  If
     one of the line-card's software resets, it may take some time for the
!    forwarding entries to be fully populated on this line-card, in
!    particular if the router is a PE (Provider Edge) router in ISP's MPLS
!    VPN.  The IS-IS adjacency may be established with a neighbor router
     long before the entire BGP VPN prefixes are downloaded to the
!    forwarding table.  It is important to signal to the network not to
!    use this particular IS-IS adjacency inbound to this router if
!    possible.  Temporarily pushing out the 'Reverse Metric' over this
!    link to discourage the traffic into this line-card will help to
!    reduce the traffic loss in the network.  At the meantime, the remote
     PE routers will select a different set of PE routers for the BGP best
     path calculation or use a different link towards the same PE router
!    on which another line-card is recovering.

  1.3.  Spine-Leaf Applications

--- 122,139 ----
     In a distributed forwarding platform, different forwarding line-cards
     may have interfaces and IS-IS connections to neighbor routers.  If
     one of the line-card's software resets, it may take some time for the
!    forwarding entries to be fully populated on the line-card, in
!    particular if the router is a PE (Provider Edge) router in an ISP's MPLS
!    VPN.  An IS-IS adjacency may be established with a neighbor router
     long before the entire BGP VPN prefixes are downloaded to the
!    forwarding table.  It is important to signal adjacent IS-IS routers not
!    to use the corresponding IS-IS adjacency inbound to this router if
!    possible.  Temporarily signaling the 'Reverse Metric' over this
!    link to discourage the traffic via the corresponding line-card will help to
!    reduce the traffic loss in the network.  In the meantime, the remote
     PE routers will select a different set of PE routers for the BGP best
     path calculation or use a different link towards the same PE router
!    on which another line-card is resetting.

  1.3.  Spine-Leaf Applications

***************
*** 141,164 ****
     leaf nodes will perform equal-cost or unequal-cost load sharing
     towards all the spine nodes.  In certain operational cases, for
     instance, when one of the backbone links on a spine node is
!    congested, this spine node can push a higher metric towards the
!    connected leaf nodes to reduce the transit traffic through this spine
!    node or link.

  1.4.  LDP IGP Synchronization

     In the [RFC5443], a mechanism is described to achieve LDP IGP
     synchronization by using the maximum link metric value on the
!    interface.  But in the case of a new IS-IS node joining the broadcast
     network (LAN), it is not optimal to change all the nodes on the LAN
!    to the maximum link metric value, as described in [RFC6138].  This
!    Reverse Metric can be used in this case to discourage both outbound
!    and inbound traffic without affecting the traffic of other existing
     IS-IS nodes on the LAN.

  1.5.  IS-IS Reverse Metric

!    This document proposes that the routing protocol itself be the
     transport mechanism to allow one IS-IS router to advertise a "reverse
     metric" in an IS-IS Hello (IIH) PDU to an adjacent node on a point-
     to-point or multi-access LAN link.  This would allow the provisioning
--- 141,164 ----
     leaf nodes will perform equal-cost or unequal-cost load sharing
     towards all the spine nodes.  In certain operational cases, for
     instance, when one of the backbone links on a spine node is
!    congested, a spine node can push a higher metric towards the
!    connected leaf nodes to reduce the transit traffic through the
!    corresponding spine node or link.

  1.4.  LDP IGP Synchronization

     In the [RFC5443], a mechanism is described to achieve LDP IGP
     synchronization by using the maximum link metric value on the
!    interface.  But in the case of a new IS-IS node joining a broadcast
     network (LAN), it is not optimal to change all the nodes on the LAN
!    to the maximum link metric value, as described in [RFC6138].  In this
!    case, the Reverse Metric can be used to discourage both outbound
!    and inbound traffic without affecting the traffic of other
     IS-IS nodes on the LAN.

  1.5.  IS-IS Reverse Metric

!    This document avails the routing protocol itself as the
     transport mechanism to allow one IS-IS router to advertise a "reverse
     metric" in an IS-IS Hello (IIH) PDU to an adjacent node on a point-
     to-point or multi-access LAN link.  This would allow the provisioning
***************
*** 170,189 ****
  Internet-Draft            IS-IS Reverse Metric              January 2018


!    to be performed only on a single node, set a "reverse metric" on a
     link and have traffic bidirectionally shift away from that link
     gracefully to alternate, viable paths.

!    This Reverse Metric mechanism is to be used for both point-to-point
!    and multi-access LAN links.  Unlike the point-to-point link, IS-IS
     protocol currently does not have a way to influence the traffic
!    towards a particular node on LAN links.  This proposal enables IS-IS
     routing the capability of altering traffic in both directions on
!    either a point-to-point link or on a multi-access link of a node.

     The metric value in the "reverse metric" TLV and the TE metric in the
     sub-TLV being advertised is an offset or relative metric to be added
!    on top of the existing local link and TE metric value of the
     receiver.

  1.6.  Specification of Requirements
--- 170,189 ----
  Internet-Draft            IS-IS Reverse Metric              January 2018


!    to be performed only on a single node, setting a "reverse metric" on a
     link and have traffic bidirectionally shift away from that link
     gracefully to alternate, viable paths.

!    This Reverse Metric mechanism is used for both point-to-point
!    and multi-access LAN links.  Unlike point-to-point links, the IS-IS
     protocol currently does not have a way to influence the traffic
!    towards a particular node on LAN links.  This mechanism provides IS-IS
     routing the capability of altering traffic in both directions on
!    either a point-to-point link or a multi-access link of an IS-IS node.

     The metric value in the "reverse metric" TLV and the TE metric in the
     sub-TLV being advertised is an offset or relative metric to be added
!    to the existing local link and TE metric values of the
     receiver.

  1.6.  Specification of Requirements
***************
*** 195,215 ****
  2.  IS-IS Reverse Metric TLV

     The Reverse Metric TLV is composed of a 1 octet field of Flags, a 3
!    octet field containing an IS-IS Metric, and a 1 octet Traffic
     Engineering (TE) sub-TLV length field representing the length of a
     variable number of Extended Intermediate System (IS) Reachability
     sub-TLVs.  If the "sub-TLV len" is non-zero, then the Value field
!    MUST also contain data of 1 or more Extended IS Reachability sub-
     TLVs.

     The Reverse Metric TLV is optional.  The Reverse Metric TLV may be
     present in any IS-IS Hello PDU.  A sender MUST only transmit a single
!    Reverse Metric TLV in a IS-IS Hello PDU.  If a received IS-IS Hello
     PDU contains more than one Reverse Metric TLV, an implementation
!    SHOULD ignore all the Reverse Metric TLVs in this error condition.

!        0                   1                   2                   3
!        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
         +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
         |      Type     |     Length    |    Flags      | Metric Offset
         +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
--- 195,216 ----
  2.  IS-IS Reverse Metric TLV

     The Reverse Metric TLV is composed of a 1 octet field of Flags, a 3
!    octet field containing an IS-IS Metric Offset, and a 1 octet Traffic
     Engineering (TE) sub-TLV length field representing the length of a
     variable number of Extended Intermediate System (IS) Reachability
     sub-TLVs.  If the "sub-TLV len" is non-zero, then the Value field
!    MUST also contain one or more Extended IS Reachability sub-
     TLVs.

     The Reverse Metric TLV is optional.  The Reverse Metric TLV may be
     present in any IS-IS Hello PDU.  A sender MUST only transmit a single
!    Reverse Metric TLV in an IS-IS Hello PDU.  If a received IS-IS Hello
     PDU contains more than one Reverse Metric TLV, an implementation
!    SHOULD ignore all the Reverse Metric TLVs and tread it as an
!    error condition.

!         0                   1                   2                   3
!         0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
         +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
         |      Type     |     Length    |    Flags      | Metric Offset
         +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
***************
*** 244,254 ****

     The Metric Offset field contains a 24-bit unsigned integer of an IS-
     IS metric that a neighbor SHOULD add to the existing, configured
!    "default metric" of the IS-IS link.  Refer to "Elements of
     Procedure", in Section 3 for details on how an IS-IS router should
     process the Metric Offset field in a Reverse Metric TLV.

!    There is currently only two Flag bits defined.

     W bit (0x01): The "Whole LAN" bit is only used in the context of
     multi-access LANs.  When a Reverse Metric TLV is transmitted from a
--- 245,255 ----

     The Metric Offset field contains a 24-bit unsigned integer of an IS-
     IS metric that a neighbor SHOULD add to the existing, configured
!    "default metric" for the IS-IS link.  Refer to "Elements of
     Procedure", in Section 3 for details on how an IS-IS router should
     process the Metric Offset field in a Reverse Metric TLV.

!    There are currently only two Flag bits defined.

     W bit (0x01): The "Whole LAN" bit is only used in the context of
     multi-access LANs.  When a Reverse Metric TLV is transmitted from a
***************
*** 260,275 ****
     existing "default metric" in the Pseudonode LSP for the single node
     from whom the Reverse Metric TLV was received.  Please refer to
     "Multi-Access LAN Procedures", in Section 3.3, for additional
!    details.  The W bit MUST be unset when a Reverse Metric TLV is
!    transmitted in a IIH PDU onto a point-to-point link to a neighbor,
!    and the W bit MUST be ignored upon receiving on a point-to-point
     link.

     U bit (0x02): The "Unreachable" bit is used by the IS-IS node to
!    request the neighbor for setting the accumulated metric value to be
!    limited to (2^24-1).  This "U" bit applies to both the default metric
!    of Extended IS Reachability TLV and the TE default-metric sub-TLV of
!    the link.  This is only relevant to the IS-IS "wide" metric mode.

     The "sub-TLV Len" value is non-zero when an IS-IS router wishes to
     signal that its neighbor alter parameters contained in the neighbor's
--- 261,276 ----
     existing "default metric" in the Pseudonode LSP for the single node
     from whom the Reverse Metric TLV was received.  Please refer to
     "Multi-Access LAN Procedures", in Section 3.3, for additional
!    details.  The W bit MUST be clear when a Reverse Metric TLV is
!    transmitted in an IIH PDU on a point-to-point link,
!    and MUST be ignored when received on a point-to-point
     link.

     U bit (0x02): The "Unreachable" bit is used by the IS-IS node to
!    request the neighbor not to set the accumulated metric value greater
!    than (2^24-1).  This "U" bit applies to both the default metric
!    in the Extended IS Reachability TLV and the TE default-metric sub-TLV of
!    the link.  This is only relevant to IS-IS "wide" metric mode.

     The "sub-TLV Len" value is non-zero when an IS-IS router wishes to
     signal that its neighbor alter parameters contained in the neighbor's
***************
*** 282,288 ****
  Internet-Draft            IS-IS Reverse Metric              January 2018


!    [RFC5305].  This document defines that only the "Traffic Engineering
     Default Metric" sub-TLV, sub-TLV Type 18, may be sent toward
     neighbors in the Reverse Metric TLV, because that is used in
     Constrained Shortest Path First (CSPF) computations.  Upon receiving
--- 283,289 ----
  Internet-Draft            IS-IS Reverse Metric              January 2018


!    [RFC5305].  Only the "Traffic Engineering
     Default Metric" sub-TLV, sub-TLV Type 18, may be sent toward
     neighbors in the Reverse Metric TLV, because that is used in
     Constrained Shortest Path First (CSPF) computations.  Upon receiving
***************
*** 297,317 ****

  3.1.  Processing Changes to Default Metric

!    The Metric Offset field, in the Reverse Metric TLV, is a "default
     metric" that will either be in the range of 0 - 63 when a "narrow"
     IS-IS metric is used (IS Neighbors TLV, Pseudonode LSP) [RFC1195] or
     in the range of 0 - (2^24 - 2) when a "wide" Traffic Engineering
     metric value is used, (Extended IS Reachability TLV) [RFC5305]
!    [RFC5817].  It is important to use the same IS-IS metric mode in both
     ends of the link.  On the receiving side of the 'reverse-metric' TLV,
     the accumulated value of configured metric and the reverse-metric
     needs to be limited to 63 in "narrow" metric mode and to (2^24 - 2)
     in "wide" metric mode.  This applies to both the default metric of
!    Extended IS Reachability TLV and the TE default-metric sub-TLV in LSP
!    or Pseudonode LSP with the "wide" metric mode case.  If the "U" bit
!    is present in the flag, the accumulated metric value is to be limited
!    to (2^24 - 1) instead, and this applies to both the normal link
!    metric and TE metric in IS-IS "wide" metric mode.

     If an IS-IS router is configured to originate a TE Default Metric
     sub-TLV for a link, but receives a Reverse Metric TLV from its
--- 298,318 ----

  3.1.  Processing Changes to Default Metric

!    The Metric Offset field, in the Reverse Metric TLV, is a "reverse
     metric" that will either be in the range of 0 - 63 when a "narrow"
     IS-IS metric is used (IS Neighbors TLV, Pseudonode LSP) [RFC1195] or
     in the range of 0 - (2^24 - 2) when a "wide" Traffic Engineering
     metric value is used, (Extended IS Reachability TLV) [RFC5305]
!    [RFC5817].  It is important to use the same IS-IS metric mode on both
     ends of the link.  On the receiving side of the 'reverse-metric' TLV,
     the accumulated value of configured metric and the reverse-metric
     needs to be limited to 63 in "narrow" metric mode and to (2^24 - 2)
     in "wide" metric mode.  This applies to both the default metric of
!    Extended IS Reachability TLV and the TE default-metric sub-TLV in the LSP
!    or Pseudonode LSP for the "wide" metric mode case.  If the "U" bit
!    is present in the Flags, the accumulated metric value is limited
!    to (2^24 - 1) for both the normal link metric and TE metric in
!    IS-IS "wide" metric mode.

     If an IS-IS router is configured to originate a TE Default Metric
     sub-TLV for a link, but receives a Reverse Metric TLV from its
***************
*** 323,331 ****

     The Reverse Metric TLV is applicable to Multi-Topology IS-IS (M-ISIS)
     [RFC5120] capable point-to-point links.  If an IS-IS router is
!    configured for M-ISIS it MUST send only a single Reverse Metric TLV
     in IIH PDUs toward its neighbor(s) on the designated link.  When an
!    M-ISIS router receives a Reverse Metric TLV it MUST add the received
     Metric Offset value to its default metric in all Extended IS
     Reachability TLVs for all topologies.  If an M-ISIS router receives a
     Reverse Metric TLV with a TE Default Metric sub-TLV, then the M-ISIS
--- 324,332 ----

     The Reverse Metric TLV is applicable to Multi-Topology IS-IS (M-ISIS)
     [RFC5120] capable point-to-point links.  If an IS-IS router is
!    configured for M-ISIS, it MUST send only a single Reverse Metric TLV
     in IIH PDUs toward its neighbor(s) on the designated link.  When an
!    M-ISIS router receives a Reverse Metric TLV, it MUST add the received
     Metric Offset value to its default metric in all Extended IS
     Reachability TLVs for all topologies.  If an M-ISIS router receives a
     Reverse Metric TLV with a TE Default Metric sub-TLV, then the M-ISIS
***************
*** 360,391 ****
     On a Multi-Access LAN, only the DIS SHOULD act upon information
     contained in a received Reverse Metric TLV.  All non-DIS nodes MUST
     silently ignore a received Reverse Metric TLV.  The decision process
!    of the routers on this LAN MUST follow the procedure in section
     7.2.8.2 of [ISO10589], and use the "Two-way connectivity check"
     during the topology and route calculation.

     The Reverse Metric TE sub-TLV also applies to the DIS.  If a DIS is
!    configured to apply TE over the link and it receives TE metric sub-
!    TLV in Reverse Metric TLV, it should update TE Default Metric sub-TLV
!    value of corresponding Extended IS Reachability TLV or insert new one
!    if it was not present there.

     In the case of multi-access LANs, the "W" Flags bit is used to signal
!    from a non-DIS to the DIS whether to change the metric and optionally
     Traffic Engineering parameters for all nodes in the Pseudonode LSP or
!    a single node on the LAN, (the originator of the Reverse Metric TLV).

!    A non-DIS node, e.g.: Router B, attached to a multi-access LAN will
!    send a Reverse Metric TLV with the W bit set to 0 to the DIS, when
     Router B wishes the DIS to add the Metric Offset value to the default
     metric contained in the Pseudonode LSP specific to just Router B.
!    Other non-DIS nodes, i.e.: Routers C and D, may simultaneously send a
!    Reverse Metric TLV with the W bit set to 0 to request the DIS add
     their own Metric Offset value to their default metric contained in
     the Pseudonode LSP.  When the DIS receives a properly formatted
!    Reverse Metric TLV with the W bit set to 0, the DIS MUST only add the
     default metric contained in its Pseudonode LSP for the specific
!    neighbor that sent the Reverse Metric TLV.



--- 361,392 ----
     On a Multi-Access LAN, only the DIS SHOULD act upon information
     contained in a received Reverse Metric TLV.  All non-DIS nodes MUST
     silently ignore a received Reverse Metric TLV.  The decision process
!    of the routers on the LAN MUST follow the procedure in section
     7.2.8.2 of [ISO10589], and use the "Two-way connectivity check"
     during the topology and route calculation.

     The Reverse Metric TE sub-TLV also applies to the DIS.  If a DIS is
!    configured to apply TE over a link and it receives TE metric sub-
!    TLV in a Reverse Metric TLV, it should update the TE Default Metric
!    sub-TLV value of the corresponding Extended IS Reachability TLV or
!    insert a new one if not present.

     In the case of multi-access LANs, the "W" Flags bit is used to signal
!    from a non-DIS to the DIS whether to change the metric and, optionally,
     Traffic Engineering parameters for all nodes in the Pseudonode LSP or
!    or solely the node on the LAN originating the Reverse Metric TLV.

!    A non-DIS node, e.g., Router B, attached to a multi-access LAN will
!    send the DIS a Reverse Metric TLV with the W bit clear when
     Router B wishes the DIS to add the Metric Offset value to the default
     metric contained in the Pseudonode LSP specific to just Router B.
!    Other non-DIS nodes, e.g., Routers C and D, may simultaneously send a
!    Reverse Metric TLV with the W bit clear to request the DIS to add
     their own Metric Offset value to their default metric contained in
     the Pseudonode LSP.  When the DIS receives a properly formatted
!    Reverse Metric TLV with the W bit clear, the DIS MUST only add the
     default metric contained in its Pseudonode LSP for the specific
!    neighbor that sent the correspondig Reverse Metric TLV.



***************
*** 397,411 ****
     As long as at least one IS-IS node on the LAN sending the signal to
     DIS with the W bit set, the DIS would add the metric value in the
     Reverse Metric TLV to all neighbor adjacencies in the Pseudonode LSP,
!    regardless if some of the nodes on the LAN send the Reverse Metric
!    TLV without the W bit set.  The DIS MUST use the metric of the
!    highest source MAC address of the node sending the TLV with the W bit
!    set.  The DIS MUST use the metric value towards the nodes which
!    explicitly send the Reverse Metric TLV.

     Local provisioning on the DIS to adjust the default metric(s)
     contained in the Pseudonode LSP MUST take precedence over received
!    Reverse Metric TLVs.  For instance, local policy of the DIS may be
     provisioned to ignore the W bit signaling on a LAN.

  3.4.  Point-To-Point Link Procedures
--- 398,412 ----
     As long as at least one IS-IS node on the LAN sending the signal to
     DIS with the W bit set, the DIS would add the metric value in the
     Reverse Metric TLV to all neighbor adjacencies in the Pseudonode LSP,
!    regardless if some of the nodes on the LAN advertise the Reverse Metric
!    TLV without the W bit set.  The DIS MUST use the reverse metric of the
!    highest source MAC address Non-DIS advertising the Reverse Metrc TLV
!    with the W bit set.  The DIS MUST use the metric value towards the
!    nodes which explicitly advertise the Reverse Metric TLV.

     Local provisioning on the DIS to adjust the default metric(s)
     contained in the Pseudonode LSP MUST take precedence over received
!    Reverse Metric TLVs.  For instance, local policy on the DIS may be
     provisioned to ignore the W bit signaling on a LAN.

  3.4.  Point-To-Point Link Procedures
***************
*** 422,445 ****
  3.5.  LDP/IGP Synchronization on LANs

     As described in [RFC6138] when a new IS-IS node joins a broadcast
!    network, it is unnecessary and sometimes even harmful to put IS-IS
!    maximum link metric on all the nodes.  [RFC6138] proposes a solution
!    to have the new node not advertising the adjacency towards the
!    pseudo-node when it is not in a "cut-edge" position.

     With the introduction of Reverse Metric in this document, a simpler
     alternative solution to the above mentioned problem can be used.  The
!    Reverse Metric allows the new node on the LAN to have the inbound
     metric value to be the maximum and this puts the link of this new
     node in the last resort position without impacting the other IS-IS
     nodes on the same LAN.

     Specifically, when IS-IS adjacencies are being established by the new
     node on the LAN, besides setting the maximum link metric value (2^24
!    - 2) on the interface of the LAN for the LDP IGP synchronization as
     described in [RFC5443], it SHOULD advertise the maximum metric offset
!    value in the Reverse Metric TLV in its IIH PDU to the LAN.  It SHOULD
!    continue this advertisement until it completes all the LDP label
     binding exchanges with all the neighbors over this LAN, either by


--- 423,446 ----
  3.5.  LDP/IGP Synchronization on LANs

     As described in [RFC6138] when a new IS-IS node joins a broadcast
!    network, it is unnecessary and sometimes even harmful for all IS-IS
!    nodes on the LAN to advertise maximum link metric.  [RFC6138] proposes
!    a solution  to have the new node not advertise its adjacency towards the
!    pseudo-node LSP when it is not in a "cut-edge" position.

     With the introduction of Reverse Metric in this document, a simpler
     alternative solution to the above mentioned problem can be used.  The
!    Reverse Metric allows the new node on the LAN to advertise its inbound
     metric value to be the maximum and this puts the link of this new
     node in the last resort position without impacting the other IS-IS
     nodes on the same LAN.

     Specifically, when IS-IS adjacencies are being established by the new
     node on the LAN, besides setting the maximum link metric value (2^24
!    - 2) on the interface of the LAN for LDP IGP synchronization as
     described in [RFC5443], it SHOULD advertise the maximum metric offset
!    value in the Reverse Metric TLV in its IIH PDU sent on the LAN.  It SHOULD
!    continue this advertisement until it completes all LDP label
     binding exchanges with all the neighbors over this LAN, either by


***************
*** 451,457 ****


     receiving the LDP End-of-LIB [RFC5919] for all the sessions or by
!    exceeding the provisioned timeout value on the node.

  3.6.  Operational Guidelines

--- 452,459 ----


     receiving the LDP End-of-LIB [RFC5919] for all the sessions or by
!    exceeding the provisioned timeout value for node LDP/IGP
!    synchronization.

  3.6.  Operational Guidelines

***************
*** 464,484 ****

     Routers that receive a Reverse Metric TLV MAY send a syslog message
     or SNMP trap, in order to assist in rapidly identifying the node in
!    the network that is asserting an IS-IS metric or Traffic Engineering
     parameters different from that which is configured locally on the
     device.

     It is RECOMMENDED that implementations provide a capability to
!    disable any changes to a node's, or individual interfaces of the
!    node, default metric or Traffic Engineering parameters based upon
!    receiving properly formatted Reverse Metric TLVs.

  4.  Security Considerations

     The enhancement in this document makes it possible for one IS-IS
!    router to manipulate the IS-IS default metric or optionally Traffic
     Engineering parameters of adjacent IS-IS neighbors.  Although IS-IS
!    routers within a single Autonomous System nearly always reside under
     the control of a single administrative authority, it is highly
     RECOMMENDED that operators configure authentication of IS-IS PDUs to
     mitigate use of the Reverse Metric TLV as a potential attack vector,
--- 466,486 ----

     Routers that receive a Reverse Metric TLV MAY send a syslog message
     or SNMP trap, in order to assist in rapidly identifying the node in
!    the network that is advertising an IS-IS metric or Traffic Engineering
     parameters different from that which is configured locally on the
     device.

     It is RECOMMENDED that implementations provide a capability to
!    disable any changes to a node's individual interface
!    default metric or Traffic Engineering parameters based upon
!    receiving a properly formatted Reverse Metric TLVs.

  4.  Security Considerations

     The enhancement in this document makes it possible for one IS-IS
!    router to manipulate the IS-IS default metric and, optionally, Traffic
     Engineering parameters of adjacent IS-IS neighbors.  Although IS-IS
!    routers within a single Autonomous System nearly always are under
     the control of a single administrative authority, it is highly
     RECOMMENDED that operators configure authentication of IS-IS PDUs to
     mitigate use of the Reverse Metric TLV as a potential attack vector,
***************
*** 497,503 ****
     Ilya Varlashkin, Jay Chen, Les Ginsberg, Peter Ashwood-Smith, Uma
     Chunduri, Alexander Okonnikov, Jonathan Harrison, Dave Ward, Himanshu
     Shah, Wes George, Danny McPherson, Ed Crabbe, Russ White, Robert
!    Razsuk and Tom Petch for their comments and contributions.



--- 499,505 ----
     Ilya Varlashkin, Jay Chen, Les Ginsberg, Peter Ashwood-Smith, Uma
     Chunduri, Alexander Okonnikov, Jonathan Harrison, Dave Ward, Himanshu
     Shah, Wes George, Danny McPherson, Ed Crabbe, Russ White, Robert
!    Razsuk, Tom Petch, and Acee Lindem for their comments and contributions.



***************
*** 573,592 ****

  Appendix A.  Node Isolation Challenges

!    On rare occasions it is necessary for an operator to perform
!    disruptive network maintenance on an entire IS-IS router node, i.e.:
     major software upgrades, power/cooling augments, etc.  In these
     cases, an operator will set the IS-IS Overload Bit (OL-bit) within
     the Link State Protocol Data Units (LSPs) of the IS-IS router about
!    to undergo maintenance.  The IS-IS router immediately floods the
!    updated LSPs to all IS-IS routers throughout the IS-IS domain.  Upon
     receipt of the updated LSPs, all IS-IS routers recalculate their
     Shortest Path First (SPF) tree excluding IS-IS routers whose LSPs
     have the OL-bit set.  This effectively removes the IS-IS router about
     to undergo maintenance from the topology, thus preventing it from
!    forwarding any transit traffic during the maintenance period.

!    After the maintenance activity is completed, the operator resets the
     IS-IS Overload Bit within the LSPs of the original IS-IS router
     causing it to flood updated IS-IS LSPs throughout the IS-IS domain.
     All IS-IS routers recalculate their SPF tree and now include the
--- 575,594 ----

  Appendix A.  Node Isolation Challenges

!    On rare occasions, it is necessary for an operator to perform
!    disruptive network maintenance on an entire IS-IS router node, i.e.,
     major software upgrades, power/cooling augments, etc.  In these
     cases, an operator will set the IS-IS Overload Bit (OL-bit) within
     the Link State Protocol Data Units (LSPs) of the IS-IS router about
!    to undergo maintenance.  The IS-IS router immediately floods its
!    updated LSPs to all IS-IS routers in the IS-IS domain.  Upon
     receipt of the updated LSPs, all IS-IS routers recalculate their
     Shortest Path First (SPF) tree excluding IS-IS routers whose LSPs
     have the OL-bit set.  This effectively removes the IS-IS router about
     to undergo maintenance from the topology, thus preventing it from
!    receiving any transit traffic during the maintenance period.

!    After the maintenance activity has completed, the operator resets the
     IS-IS Overload Bit within the LSPs of the original IS-IS router
     causing it to flood updated IS-IS LSPs throughout the IS-IS domain.
     All IS-IS routers recalculate their SPF tree and now include the
***************
*** 595,609 ****

     Isolating an entire IS-IS router from the topology can be especially
     disruptive due to the displacement of a large volume of traffic
!    through an entire IS-IS router to other, sub-optimal paths, (i.e.:
     those with significantly larger delay).  Thus, in the majority of
     network maintenance scenarios, where only a single link or LAN needs
     to be augmented to increase its physical capacity or is experiencing
     an intermittent failure, it is much more common and desirable to
     gracefully remove just the targeted link or LAN from service,
     temporarily, so that the least amount of user-data traffic is
!    affected while intrusive augment, diagnostic and/or replacement
!    procedures are being executed.

  Appendix B.  Link Isolation Challenges

--- 597,610 ----

     Isolating an entire IS-IS router from the topology can be especially
     disruptive due to the displacement of a large volume of traffic
!    through an entire IS-IS router to other, sub-optimal paths, (e.g.,
     those with significantly larger delay).  Thus, in the majority of
     network maintenance scenarios, where only a single link or LAN needs
     to be augmented to increase its physical capacity or is experiencing
     an intermittent failure, it is much more common and desirable to
     gracefully remove just the targeted link or LAN from service,
     temporarily, so that the least amount of user-data traffic is
!    affected during the link-specific network maintenance.

  Appendix B.  Link Isolation Challenges

***************
*** 621,665 ****
     LAN.  In doing so, the devices generate new Link State Protocol Data
     Units (LSPs) that are flooded throughout the network and cause all
     routers to gradually shift traffic onto alternate paths with very
!    little, to no, disruption to in-flight communications by applications
     or end-users.  When performed successfully, this allows the operator
!    to confidently perform disruptive augmentation, fault diagnosis or
     repairs on a link without disturbing ongoing communications in the
     network.

!    The challenge with the above solution are as follows.  First, it is
!    quite common to have routers with several hundred interfaces onboard
!    and individual interfaces that are transferring several hundred
     Gigabits/second to Terabits/second of traffic.  Thus, it is
     imperative that operators accurately identify the same point-to-point
     link on two, separate devices in order to increase (and, afterward,
     decrease) the IS-IS metric appropriately.  Second, the aforementioned
     solution is very time consuming and even more error-prone to perform
!    when its necessary to temporarily remove a multi-access LAN from the
     network topology.  Specifically, the operator needs to configure ALL
!    devices's that have interfaces attached to the multi-access LAN with
     an appropriately high IS-IS metric, (and then decrease the IS-IS
     metric to its original value afterward).  Finally, with respect to
     multi-access LANs, there is currently no method to bidirectionally
!    isolate only a single node's interface on the LAN when performed more
     fine-grained diagnosis and repairs to the multi-access LAN.

     In theory, use of a Network Management System (NMS) could improve the
     accuracy of identifying the appropriate subset of routers attached to
     either a point-to-point link or a multi-access LAN as well as
     signaling from the NMS to those devices, using a network management
!    protocol, to adjust the IS-IS metrics on the pertinent set of
!    interfaces.  The reality is that NMS are, to a very large extent, not
     used within Service Provider's networks for a variety of reasons.  In
!    particular, NMS do not interoperate very well across different
     vendors or even separate platform families within the same vendor.

     The risks of misidentifying one side of a point-to-point link or one
     or more interfaces attached to a multi-access LAN and subsequently
!    increasing its IS-IS metric are potentially increased latency, jitter
     or packet loss.  This is unacceptable given the necessary performance
!    requirements for a variety of applications, the customer perception
!    for near lossless operations and the associated, demanding Service
     Level Agreement's (SLAs) for all network services.


--- 622,666 ----
     LAN.  In doing so, the devices generate new Link State Protocol Data
     Units (LSPs) that are flooded throughout the network and cause all
     routers to gradually shift traffic onto alternate paths with very
!    little or no disruption to in-flight communications by applications
     or end-users.  When performed successfully, this allows the operator
!    to confidently perform disruptive augmentation, fault diagnosis, or
     repairs on a link without disturbing ongoing communications in the
     network.

!    The challenges with the above solution are as follows.  First, it is
!    quite common to have routers with several hundred interfaces
!    and individual interfaces that are transferring from several hundred
     Gigabits/second to Terabits/second of traffic.  Thus, it is
     imperative that operators accurately identify the same point-to-point
     link on two, separate devices in order to increase (and, afterward,
     decrease) the IS-IS metric appropriately.  Second, the aforementioned
     solution is very time consuming and even more error-prone to perform
!    when it's necessary to temporarily remove a multi-access LAN from the
     network topology.  Specifically, the operator needs to configure ALL
!    devices that have interfaces attached to the multi-access LAN with
     an appropriately high IS-IS metric, (and then decrease the IS-IS
     metric to its original value afterward).  Finally, with respect to
     multi-access LANs, there is currently no method to bidirectionally
!    isolate only a single node's interface on the LAN when performing more
     fine-grained diagnosis and repairs to the multi-access LAN.

     In theory, use of a Network Management System (NMS) could improve the
     accuracy of identifying the appropriate subset of routers attached to
     either a point-to-point link or a multi-access LAN as well as
     signaling from the NMS to those devices, using a network management
!    protocol to adjust the IS-IS metrics on the pertinent set of
!    interfaces.  The reality is that NMSs are, to a very large extent, not
     used within Service Provider's networks for a variety of reasons.  In
!    particular, NMSs do not interoperate very well across different
     vendors or even separate platform families within the same vendor.

     The risks of misidentifying one side of a point-to-point link or one
     or more interfaces attached to a multi-access LAN and subsequently
!    increasing its IS-IS metric and potentially increased latency, jitter,
     or packet loss.  This is unacceptable given the necessary performance
!    requirements for a variety of reasons including the customer perception