[Isis-wg] Last Call Review of "IS-IS Reverse Metric" (REPLY to this one with correct draft address)
"Acee Lindem (acee)" <acee@cisco.com> Wed, 31 January 2018 01:33 UTC
From: "Acee Lindem (acee)" <acee@cisco.com>
To: "draft-ietf-isis-reverse-metric@ietf.org" <draft-ietf-isis-reverse-metric@ietf.org>
CC: "isis-wg@ietf.org" <isis-wg@ietf.org>
Date: Wed, 31 Jan 2018 01:33:25 +0000
Message-ID: <02147B7B-930E-4D73-A7C4-7375AAAFE1A4@cisco.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/isis-wg/tZ-kcryBtsMObdtuJa5-PCmDgKA>
Subject: [Isis-wg] Last Call Review of "IS-IS Reverse Metric" (REPLY to this one with correct draft address)
List-Id: IETF IS-IS working group <isis-wg.ietf.org>

I support publication of the subject document. I have the following comments:

1. Section 1.6 – Use RFC 8174 language for keywords.
2. Some acronyms are not expanded on first use, e.g., DIS.
3. Should section 3.4 use normative language? It seems it should use “MUST” rather than “must”.
4. In section 2, what do you mean by “neighbor alter parameter” for “sub-TLV len”?
5. Many times the concept of “this node”, “this router”, or “this link” is used when the context of “this” is not apparent. I’ve suggested changes in the editorial suggestions.
6. Finally, I still think the metric in the Reverse Metric TLV should be known as the “Reverse Metric” rather than the “Metric Offset”. However, I don’t feel strongly enough to argue it ad nauseam.

Thanks,
Acee

Suggested editorial changes:

*************** *** 16,26 **** Abstract ! This document describes the mechanism to allow IS-IS routing to quickly and accurately shift traffic away from either a point-to- ! point or multi-access LAN interface by signaling to an adjacent IS-IS ! neighbor with the metric towards itself during network maintenance or ! other operational events. Status of This Memo --- 15,26 ---- Abstract ! This document describes a mechanism to allow IS-IS routing to quickly and accurately shift traffic away from either a point-to- ! point or multi-access LAN ace during network maintenance or ! other operational events. This is accomplished by signaling ! adjacent IS-IS neighbors with a higher reverse metric, i.e., the ! metric towards the signaling IS-IS router. Status of This Memo *************** *** 97,111 **** Internet Service Provider IP/MPLS networks. Operational experience with the protocol, combined with ever increasing requirements for lossless operations have demonstrated some operational issues. This ! document describes the issues and a new mechanism for improving it. 1.1. 
Node and Link Isolation IS-IS routing mechanism has the overload-bit, which can be used by operators to perform disruptive maintenance on the router. But in ! many operational maintenance cases, it is not necessary to displace ! all the traffic away from this node. It is useful to augment only a ! single link or LAN for the maintenance. More detailed descriptions --- 97,111 ---- Internet Service Provider IP/MPLS networks. Operational experience with the protocol, combined with ever increasing requirements for lossless operations have demonstrated some operational issues. This ! document describes the issues and a mechanism for mitigating them. 1.1. Node and Link Isolation IS-IS routing mechanism has the overload-bit, which can be used by operators to perform disruptive maintenance on the router. But in ! many operational maintenance cases, it is not necessary to divert ! all the traffic away from this node. It is useful to avoid only a ! single link or LAN during the maintenance. More detailed descriptions *************** *** 122,139 **** In a distributed forwarding platform, different forwarding line-cards may have interfaces and IS-IS connections to neighbor routers. If one of the line-card's software resets, it may take some time for the ! forwarding entries to be fully populated on this line-card, in ! particular if the router is a PE (Provider Edge) router in ISP's MPLS ! VPN. The IS-IS adjacency may be established with a neighbor router long before the entire BGP VPN prefixes are downloaded to the ! forwarding table. It is important to signal to the network not to ! use this particular IS-IS adjacency inbound to this router if ! possible. Temporarily pushing out the 'Reverse Metric' over this ! link to discourage the traffic into this line-card will help to ! reduce the traffic loss in the network. 
At the meantime, the remote PE routers will select a different set of PE routers for the BGP best path calculation or use a different link towards the same PE router ! on which another line-card is recovering. 1.3. Spine-Leaf Applications --- 122,139 ---- In a distributed forwarding platform, different forwarding line-cards may have interfaces and IS-IS connections to neighbor routers. If one of the line-card's software resets, it may take some time for the ! forwarding entries to be fully populated on the line-card, in ! particular if the router is a PE (Provider Edge) router in an ISP's MPLS ! VPN. An IS-IS adjacency may be established with a neighbor router long before the entire BGP VPN prefixes are downloaded to the ! forwarding table. It is important to signal adjacent IS-IS routers not ! to use the corresponding IS-IS adjacency inbound to this router if ! possible. Temporarily signaling the 'Reverse Metric' over this ! link to discourage the traffic via the corresponding line-card will help to ! reduce the traffic loss in the network. In the meantime, the remote PE routers will select a different set of PE routers for the BGP best path calculation or use a different link towards the same PE router ! on which another line-card is resetting. 1.3. Spine-Leaf Applications *************** *** 141,164 **** leaf nodes will perform equal-cost or unequal-cost load sharing towards all the spine nodes. In certain operational cases, for instance, when one of the backbone links on a spine node is ! congested, this spine node can push a higher metric towards the ! connected leaf nodes to reduce the transit traffic through this spine ! node or link. 1.4. LDP IGP Synchronization In the [RFC5443], a mechanism is described to achieve LDP IGP synchronization by using the maximum link metric value on the ! interface. But in the case of a new IS-IS node joining the broadcast network (LAN), it is not optimal to change all the nodes on the LAN ! 
to the maximum link metric value, as described in [RFC6138]. This ! Reverse Metric can be used in this case to discourage both outbound ! and inbound traffic without affecting the traffic of other existing IS-IS nodes on the LAN. 1.5. IS-IS Reverse Metric ! This document proposes that the routing protocol itself be the transport mechanism to allow one IS-IS router to advertise a "reverse metric" in an IS-IS Hello (IIH) PDU to an adjacent node on a point- to-point or multi-access LAN link. This would allow the provisioning --- 141,164 ---- leaf nodes will perform equal-cost or unequal-cost load sharing towards all the spine nodes. In certain operational cases, for instance, when one of the backbone links on a spine node is ! congested, a spine node can push a higher metric towards the ! connected leaf nodes to reduce the transit traffic through the ! corresponding spine node or link. 1.4. LDP IGP Synchronization In the [RFC5443], a mechanism is described to achieve LDP IGP synchronization by using the maximum link metric value on the ! interface. But in the case of a new IS-IS node joining a broadcast network (LAN), it is not optimal to change all the nodes on the LAN ! to the maximum link metric value, as described in [RFC6138]. In this ! case, the Reverse Metric can be used to discourage both outbound ! and inbound traffic without affecting the traffic of other IS-IS nodes on the LAN. 1.5. IS-IS Reverse Metric ! This document avails the routing protocol itself as the transport mechanism to allow one IS-IS router to advertise a "reverse metric" in an IS-IS Hello (IIH) PDU to an adjacent node on a point- to-point or multi-access LAN link. This would allow the provisioning *************** *** 170,189 **** Internet-Draft IS-IS Reverse Metric January 2018 ! to be performed only on a single node, set a "reverse metric" on a link and have traffic bidirectionally shift away from that link gracefully to alternate, viable paths. ! 
This Reverse Metric mechanism is to be used for both point-to-point ! and multi-access LAN links. Unlike the point-to-point link, IS-IS protocol currently does not have a way to influence the traffic ! towards a particular node on LAN links. This proposal enables IS-IS routing the capability of altering traffic in both directions on ! either a point-to-point link or on a multi-access link of a node. The metric value in the "reverse metric" TLV and the TE metric in the sub-TLV being advertised is an offset or relative metric to be added ! on top of the existing local link and TE metric value of the receiver. 1.6. Specification of Requirements --- 170,189 ---- Internet-Draft IS-IS Reverse Metric January 2018 ! to be performed only on a single node, setting a "reverse metric" on a link and have traffic bidirectionally shift away from that link gracefully to alternate, viable paths. ! This Reverse Metric mechanism is used for both point-to-point ! and multi-access LAN links. Unlike point-to-point links, the IS-IS protocol currently does not have a way to influence the traffic ! towards a particular node on LAN links. This mechanism provides IS-IS routing the capability of altering traffic in both directions on ! either a point-to-point link or a multi-access link of an IS-IS node. The metric value in the "reverse metric" TLV and the TE metric in the sub-TLV being advertised is an offset or relative metric to be added ! to the existing local link and TE metric values of the receiver. 1.6. Specification of Requirements *************** *** 195,215 **** 2. IS-IS Reverse Metric TLV The Reverse Metric TLV is composed of a 1 octet field of Flags, a 3 ! octet field containing an IS-IS Metric, and a 1 octet Traffic Engineering (TE) sub-TLV length field representing the length of a variable number of Extended Intermediate System (IS) Reachability sub-TLVs. If the "sub-TLV len" is non-zero, then the Value field ! 
MUST also contain data of 1 or more Extended IS Reachability sub- TLVs. The Reverse Metric TLV is optional. The Reverse Metric TLV may be present in any IS-IS Hello PDU. A sender MUST only transmit a single ! Reverse Metric TLV in a IS-IS Hello PDU. If a received IS-IS Hello PDU contains more than one Reverse Metric TLV, an implementation ! SHOULD ignore all the Reverse Metric TLVs in this error condition. ! 0 1 2 3 ! 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Flags | Metric Offset +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ --- 195,216 ---- 2. IS-IS Reverse Metric TLV The Reverse Metric TLV is composed of a 1 octet field of Flags, a 3 ! octet field containing an IS-IS Metric Offset, and a 1 octet Traffic Engineering (TE) sub-TLV length field representing the length of a variable number of Extended Intermediate System (IS) Reachability sub-TLVs. If the "sub-TLV len" is non-zero, then the Value field ! MUST also contain one or more Extended IS Reachability sub- TLVs. The Reverse Metric TLV is optional. The Reverse Metric TLV may be present in any IS-IS Hello PDU. A sender MUST only transmit a single ! Reverse Metric TLV in an IS-IS Hello PDU. If a received IS-IS Hello PDU contains more than one Reverse Metric TLV, an implementation ! SHOULD ignore all the Reverse Metric TLVs and tread it as an ! error condition. ! 0 1 2 3 ! 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Flags | Metric Offset +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ *************** *** 244,254 **** The Metric Offset field contains a 24-bit unsigned integer of an IS- IS metric that a neighbor SHOULD add to the existing, configured ! "default metric" of the IS-IS link. 
Refer to "Elements of Procedure", in Section 3 for details on how an IS-IS router should process the Metric Offset field in a Reverse Metric TLV. ! There is currently only two Flag bits defined. W bit (0x01): The "Whole LAN" bit is only used in the context of multi-access LANs. When a Reverse Metric TLV is transmitted from a --- 245,255 ---- The Metric Offset field contains a 24-bit unsigned integer of an IS- IS metric that a neighbor SHOULD add to the existing, configured ! "default metric" for the IS-IS link. Refer to "Elements of Procedure", in Section 3 for details on how an IS-IS router should process the Metric Offset field in a Reverse Metric TLV. ! There are currently only two Flag bits defined. W bit (0x01): The "Whole LAN" bit is only used in the context of multi-access LANs. When a Reverse Metric TLV is transmitted from a *************** *** 260,275 **** existing "default metric" in the Pseudonode LSP for the single node from whom the Reverse Metric TLV was received. Please refer to "Multi-Access LAN Procedures", in Section 3.3, for additional ! details. The W bit MUST be unset when a Reverse Metric TLV is ! transmitted in a IIH PDU onto a point-to-point link to a neighbor, ! and the W bit MUST be ignored upon receiving on a point-to-point link. U bit (0x02): The "Unreachable" bit is used by the IS-IS node to ! request the neighbor for setting the accumulated metric value to be ! limited to (2^24-1). This "U" bit applies to both the default metric ! of Extended IS Reachability TLV and the TE default-metric sub-TLV of ! the link. This is only relevant to the IS-IS "wide" metric mode. The "sub-TLV Len" value is non-zero when an IS-IS router wishes to signal that its neighbor alter parameters contained in the neighbor's --- 261,276 ---- existing "default metric" in the Pseudonode LSP for the single node from whom the Reverse Metric TLV was received. Please refer to "Multi-Access LAN Procedures", in Section 3.3, for additional ! details. 
The W bit MUST be clear when a Reverse Metric TLV is ! transmitted in an IIH PDU on a point-to-point link, ! and MUST be ignored when received on a point-to-point link. U bit (0x02): The "Unreachable" bit is used by the IS-IS node to ! request the neighbor not to set the accumulated metric value greater ! than (2^24-1). This "U" bit applies to both the default metric ! in the Extended IS Reachability TLV and the TE default-metric sub-TLV of ! the link. This is only relevant to IS-IS "wide" metric mode. The "sub-TLV Len" value is non-zero when an IS-IS router wishes to signal that its neighbor alter parameters contained in the neighbor's *************** *** 282,288 **** Internet-Draft IS-IS Reverse Metric January 2018 ! [RFC5305]. This document defines that only the "Traffic Engineering Default Metric" sub-TLV, sub-TLV Type 18, may be sent toward neighbors in the Reverse Metric TLV, because that is used in Constrained Shortest Path First (CSPF) computations. Upon receiving --- 283,289 ---- Internet-Draft IS-IS Reverse Metric January 2018 ! [RFC5305]. Only the "Traffic Engineering Default Metric" sub-TLV, sub-TLV Type 18, may be sent toward neighbors in the Reverse Metric TLV, because that is used in Constrained Shortest Path First (CSPF) computations. Upon receiving *************** *** 297,317 **** 3.1. Processing Changes to Default Metric ! The Metric Offset field, in the Reverse Metric TLV, is a "default metric" that will either be in the range of 0 - 63 when a "narrow" IS-IS metric is used (IS Neighbors TLV, Pseudonode LSP) [RFC1195] or in the range of 0 - (2^24 - 2) when a "wide" Traffic Engineering metric value is used, (Extended IS Reachability TLV) [RFC5305] ! [RFC5817]. It is important to use the same IS-IS metric mode in both ends of the link. On the receiving side of the 'reverse-metric' TLV, the accumulated value of configured metric and the reverse-metric needs to be limited to 63 in "narrow" metric mode and to (2^24 - 2) in "wide" metric mode. 
This applies to both the default metric of ! Extended IS Reachability TLV and the TE default-metric sub-TLV in LSP ! or Pseudonode LSP with the "wide" metric mode case. If the "U" bit ! is present in the flag, the accumulated metric value is to be limited ! to (2^24 - 1) instead, and this applies to both the normal link ! metric and TE metric in IS-IS "wide" metric mode. If an IS-IS router is configured to originate a TE Default Metric sub-TLV for a link, but receives a Reverse Metric TLV from its --- 298,318 ---- 3.1. Processing Changes to Default Metric ! The Metric Offset field, in the Reverse Metric TLV, is a "reverse metric" that will either be in the range of 0 - 63 when a "narrow" IS-IS metric is used (IS Neighbors TLV, Pseudonode LSP) [RFC1195] or in the range of 0 - (2^24 - 2) when a "wide" Traffic Engineering metric value is used, (Extended IS Reachability TLV) [RFC5305] ! [RFC5817]. It is important to use the same IS-IS metric mode on both ends of the link. On the receiving side of the 'reverse-metric' TLV, the accumulated value of configured metric and the reverse-metric needs to be limited to 63 in "narrow" metric mode and to (2^24 - 2) in "wide" metric mode. This applies to both the default metric of ! Extended IS Reachability TLV and the TE default-metric sub-TLV in the LSP ! or Pseudonode LSP for the "wide" metric mode case. If the "U" bit ! is present in the Flags, the accumulated metric value is limited ! to (2^24 - 1) for both the normal link metric and TE metric in ! IS-IS "wide" metric mode. If an IS-IS router is configured to originate a TE Default Metric sub-TLV for a link, but receives a Reverse Metric TLV from its *************** *** 323,331 **** The Reverse Metric TLV is applicable to Multi-Topology IS-IS (M-ISIS) [RFC5120] capable point-to-point links. If an IS-IS router is ! configured for M-ISIS it MUST send only a single Reverse Metric TLV in IIH PDUs toward its neighbor(s) on the designated link. When an ! 
M-ISIS router receives a Reverse Metric TLV it MUST add the received Metric Offset value to its default metric in all Extended IS Reachability TLVs for all topologies. If an M-ISIS router receives a Reverse Metric TLV with a TE Default Metric sub-TLV, then the M-ISIS --- 324,332 ---- The Reverse Metric TLV is applicable to Multi-Topology IS-IS (M-ISIS) [RFC5120] capable point-to-point links. If an IS-IS router is ! configured for M-ISIS, it MUST send only a single Reverse Metric TLV in IIH PDUs toward its neighbor(s) on the designated link. When an ! M-ISIS router receives a Reverse Metric TLV, it MUST add the received Metric Offset value to its default metric in all Extended IS Reachability TLVs for all topologies. If an M-ISIS router receives a Reverse Metric TLV with a TE Default Metric sub-TLV, then the M-ISIS *************** *** 360,391 **** On a Multi-Access LAN, only the DIS SHOULD act upon information contained in a received Reverse Metric TLV. All non-DIS nodes MUST silently ignore a received Reverse Metric TLV. The decision process ! of the routers on this LAN MUST follow the procedure in section 7.2.8.2 of [ISO10589], and use the "Two-way connectivity check" during the topology and route calculation. The Reverse Metric TE sub-TLV also applies to the DIS. If a DIS is ! configured to apply TE over the link and it receives TE metric sub- ! TLV in Reverse Metric TLV, it should update TE Default Metric sub-TLV ! value of corresponding Extended IS Reachability TLV or insert new one ! if it was not present there. In the case of multi-access LANs, the "W" Flags bit is used to signal ! from a non-DIS to the DIS whether to change the metric and optionally Traffic Engineering parameters for all nodes in the Pseudonode LSP or ! a single node on the LAN, (the originator of the Reverse Metric TLV). ! A non-DIS node, e.g.: Router B, attached to a multi-access LAN will ! 
send a Reverse Metric TLV with the W bit set to 0 to the DIS, when Router B wishes the DIS to add the Metric Offset value to the default metric contained in the Pseudonode LSP specific to just Router B. ! Other non-DIS nodes, i.e.: Routers C and D, may simultaneously send a ! Reverse Metric TLV with the W bit set to 0 to request the DIS add their own Metric Offset value to their default metric contained in the Pseudonode LSP. When the DIS receives a properly formatted ! Reverse Metric TLV with the W bit set to 0, the DIS MUST only add the default metric contained in its Pseudonode LSP for the specific ! neighbor that sent the Reverse Metric TLV. --- 361,392 ---- On a Multi-Access LAN, only the DIS SHOULD act upon information contained in a received Reverse Metric TLV. All non-DIS nodes MUST silently ignore a received Reverse Metric TLV. The decision process ! of the routers on the LAN MUST follow the procedure in section 7.2.8.2 of [ISO10589], and use the "Two-way connectivity check" during the topology and route calculation. The Reverse Metric TE sub-TLV also applies to the DIS. If a DIS is ! configured to apply TE over a link and it receives TE metric sub- ! TLV in a Reverse Metric TLV, it should update the TE Default Metric ! sub-TLV value of the corresponding Extended IS Reachability TLV or ! insert a new one if not present. In the case of multi-access LANs, the "W" Flags bit is used to signal ! from a non-DIS to the DIS whether to change the metric and, optionally, Traffic Engineering parameters for all nodes in the Pseudonode LSP or ! or solely the node on the LAN originating the Reverse Metric TLV. ! A non-DIS node, e.g., Router B, attached to a multi-access LAN will ! send the DIS a Reverse Metric TLV with the W bit clear when Router B wishes the DIS to add the Metric Offset value to the default metric contained in the Pseudonode LSP specific to just Router B. ! Other non-DIS nodes, e.g., Routers C and D, may simultaneously send a ! 
Reverse Metric TLV with the W bit clear to request the DIS to add their own Metric Offset value to their default metric contained in the Pseudonode LSP. When the DIS receives a properly formatted ! Reverse Metric TLV with the W bit clear, the DIS MUST only add the default metric contained in its Pseudonode LSP for the specific ! neighbor that sent the correspondig Reverse Metric TLV. *************** *** 397,411 **** As long as at least one IS-IS node on the LAN sending the signal to DIS with the W bit set, the DIS would add the metric value in the Reverse Metric TLV to all neighbor adjacencies in the Pseudonode LSP, ! regardless if some of the nodes on the LAN send the Reverse Metric ! TLV without the W bit set. The DIS MUST use the metric of the ! highest source MAC address of the node sending the TLV with the W bit ! set. The DIS MUST use the metric value towards the nodes which ! explicitly send the Reverse Metric TLV. Local provisioning on the DIS to adjust the default metric(s) contained in the Pseudonode LSP MUST take precedence over received ! Reverse Metric TLVs. For instance, local policy of the DIS may be provisioned to ignore the W bit signaling on a LAN. 3.4. Point-To-Point Link Procedures --- 398,412 ---- As long as at least one IS-IS node on the LAN sending the signal to DIS with the W bit set, the DIS would add the metric value in the Reverse Metric TLV to all neighbor adjacencies in the Pseudonode LSP, ! regardless if some of the nodes on the LAN advertise the Reverse Metric ! TLV without the W bit set. The DIS MUST use the reverse metric of the ! highest source MAC address Non-DIS advertising the Reverse Metrc TLV ! with the W bit set. The DIS MUST use the metric value towards the ! nodes which explicitly advertise the Reverse Metric TLV. Local provisioning on the DIS to adjust the default metric(s) contained in the Pseudonode LSP MUST take precedence over received ! Reverse Metric TLVs. 
For instance, local policy on the DIS may be provisioned to ignore the W bit signaling on a LAN. 3.4. Point-To-Point Link Procedures *************** *** 422,445 **** 3.5. LDP/IGP Synchronization on LANs As described in [RFC6138] when a new IS-IS node joins a broadcast ! network, it is unnecessary and sometimes even harmful to put IS-IS ! maximum link metric on all the nodes. [RFC6138] proposes a solution ! to have the new node not advertising the adjacency towards the ! pseudo-node when it is not in a "cut-edge" position. With the introduction of Reverse Metric in this document, a simpler alternative solution to the above mentioned problem can be used. The ! Reverse Metric allows the new node on the LAN to have the inbound metric value to be the maximum and this puts the link of this new node in the last resort position without impacting the other IS-IS nodes on the same LAN. Specifically, when IS-IS adjacencies are being established by the new node on the LAN, besides setting the maximum link metric value (2^24 ! - 2) on the interface of the LAN for the LDP IGP synchronization as described in [RFC5443], it SHOULD advertise the maximum metric offset ! value in the Reverse Metric TLV in its IIH PDU to the LAN. It SHOULD ! continue this advertisement until it completes all the LDP label binding exchanges with all the neighbors over this LAN, either by --- 423,446 ---- 3.5. LDP/IGP Synchronization on LANs As described in [RFC6138] when a new IS-IS node joins a broadcast ! network, it is unnecessary and sometimes even harmful for all IS-IS ! nodes on the LAN to advertise maximum link metric. [RFC6138] proposes ! a solution to have the new node not advertise its adjacency towards the ! pseudo-node LSP when it is not in a "cut-edge" position. With the introduction of Reverse Metric in this document, a simpler alternative solution to the above mentioned problem can be used. The ! 
Reverse Metric allows the new node on the LAN to advertise its inbound metric value to be the maximum and this puts the link of this new node in the last resort position without impacting the other IS-IS nodes on the same LAN. Specifically, when IS-IS adjacencies are being established by the new node on the LAN, besides setting the maximum link metric value (2^24 ! - 2) on the interface of the LAN for LDP IGP synchronization as described in [RFC5443], it SHOULD advertise the maximum metric offset ! value in the Reverse Metric TLV in its IIH PDU sent on the LAN. It SHOULD ! continue this advertisement until it completes all LDP label binding exchanges with all the neighbors over this LAN, either by *************** *** 451,457 **** receiving the LDP End-of-LIB [RFC5919] for all the sessions or by ! exceeding the provisioned timeout value on the node. 3.6. Operational Guidelines --- 452,459 ---- receiving the LDP End-of-LIB [RFC5919] for all the sessions or by ! exceeding the provisioned timeout value for node LDP/IGP ! synchronization. 3.6. Operational Guidelines *************** *** 464,484 **** Routers that receive a Reverse Metric TLV MAY send a syslog message or SNMP trap, in order to assist in rapidly identifying the node in ! the network that is asserting an IS-IS metric or Traffic Engineering parameters different from that which is configured locally on the device. It is RECOMMENDED that implementations provide a capability to ! disable any changes to a node's, or individual interfaces of the ! node, default metric or Traffic Engineering parameters based upon ! receiving properly formatted Reverse Metric TLVs. 4. Security Considerations The enhancement in this document makes it possible for one IS-IS ! router to manipulate the IS-IS default metric or optionally Traffic Engineering parameters of adjacent IS-IS neighbors. Although IS-IS ! 
routers within a single Autonomous System nearly always reside under the control of a single administrative authority, it is highly RECOMMENDED that operators configure authentication of IS-IS PDUs to mitigate use of the Reverse Metric TLV as a potential attack vector, --- 466,486 ---- Routers that receive a Reverse Metric TLV MAY send a syslog message or SNMP trap, in order to assist in rapidly identifying the node in ! the network that is advertising an IS-IS metric or Traffic Engineering parameters different from that which is configured locally on the device. It is RECOMMENDED that implementations provide a capability to ! disable any changes to a node's individual interface ! default metric or Traffic Engineering parameters based upon ! receiving a properly formatted Reverse Metric TLVs. 4. Security Considerations The enhancement in this document makes it possible for one IS-IS ! router to manipulate the IS-IS default metric and, optionally, Traffic Engineering parameters of adjacent IS-IS neighbors. Although IS-IS ! routers within a single Autonomous System nearly always are under the control of a single administrative authority, it is highly RECOMMENDED that operators configure authentication of IS-IS PDUs to mitigate use of the Reverse Metric TLV as a potential attack vector, *************** *** 497,503 **** Ilya Varlashkin, Jay Chen, Les Ginsberg, Peter Ashwood-Smith, Uma Chunduri, Alexander Okonnikov, Jonathan Harrison, Dave Ward, Himanshu Shah, Wes George, Danny McPherson, Ed Crabbe, Russ White, Robert ! Razsuk and Tom Petch for their comments and contributions. --- 499,505 ---- Ilya Varlashkin, Jay Chen, Les Ginsberg, Peter Ashwood-Smith, Uma Chunduri, Alexander Okonnikov, Jonathan Harrison, Dave Ward, Himanshu Shah, Wes George, Danny McPherson, Ed Crabbe, Russ White, Robert ! Razsuk, Tom Petch, and Acee Lindem for their comments and contributions. *************** *** 573,592 **** Appendix A. Node Isolation Challenges ! 
On rare occasions it is necessary for an operator to perform ! disruptive network maintenance on an entire IS-IS router node, i.e.: major software upgrades, power/cooling augments, etc. In these cases, an operator will set the IS-IS Overload Bit (OL-bit) within the Link State Protocol Data Units (LSPs) of the IS-IS router about ! to undergo maintenance. The IS-IS router immediately floods the ! updated LSPs to all IS-IS routers throughout the IS-IS domain. Upon receipt of the updated LSPs, all IS-IS routers recalculate their Shortest Path First (SPF) tree excluding IS-IS routers whose LSPs have the OL-bit set. This effectively removes the IS-IS router about to undergo maintenance from the topology, thus preventing it from ! forwarding any transit traffic during the maintenance period. ! After the maintenance activity is completed, the operator resets the IS-IS Overload Bit within the LSPs of the original IS-IS router causing it to flood updated IS-IS LSPs throughout the IS-IS domain. All IS-IS routers recalculate their SPF tree and now include the --- 575,594 ---- Appendix A. Node Isolation Challenges ! On rare occasions, it is necessary for an operator to perform ! disruptive network maintenance on an entire IS-IS router node, i.e., major software upgrades, power/cooling augments, etc. In these cases, an operator will set the IS-IS Overload Bit (OL-bit) within the Link State Protocol Data Units (LSPs) of the IS-IS router about ! to undergo maintenance. The IS-IS router immediately floods its ! updated LSPs to all IS-IS routers in the IS-IS domain. Upon receipt of the updated LSPs, all IS-IS routers recalculate their Shortest Path First (SPF) tree excluding IS-IS routers whose LSPs have the OL-bit set. This effectively removes the IS-IS router about to undergo maintenance from the topology, thus preventing it from ! receiving any transit traffic during the maintenance period. ! 
After the maintenance activity has completed, the operator resets the IS-IS Overload Bit within the LSPs of the original IS-IS router causing it to flood updated IS-IS LSPs throughout the IS-IS domain. All IS-IS routers recalculate their SPF tree and now include the *************** *** 595,609 **** Isolating an entire IS-IS router from the topology can be especially disruptive due to the displacement of a large volume of traffic ! through an entire IS-IS router to other, sub-optimal paths, (i.e.: those with significantly larger delay). Thus, in the majority of network maintenance scenarios, where only a single link or LAN needs to be augmented to increase its physical capacity or is experiencing an intermittent failure, it is much more common and desirable to gracefully remove just the targeted link or LAN from service, temporarily, so that the least amount of user-data traffic is ! affected while intrusive augment, diagnostic and/or replacement ! procedures are being executed. Appendix B. Link Isolation Challenges --- 597,610 ---- Isolating an entire IS-IS router from the topology can be especially disruptive due to the displacement of a large volume of traffic ! through an entire IS-IS router to other, sub-optimal paths, (e.g., those with significantly larger delay). Thus, in the majority of network maintenance scenarios, where only a single link or LAN needs to be augmented to increase its physical capacity or is experiencing an intermittent failure, it is much more common and desirable to gracefully remove just the targeted link or LAN from service, temporarily, so that the least amount of user-data traffic is ! affected during the link-specific network maintenance. Appendix B. Link Isolation Challenges *************** *** 621,665 **** LAN. In doing so, the devices generate new Link State Protocol Data Units (LSPs) that are flooded throughout the network and cause all routers to gradually shift traffic onto alternate paths with very ! 
little, to no, disruption to in-flight communications by applications or end-users. When performed successfully, this allows the operator ! to confidently perform disruptive augmentation, fault diagnosis or repairs on a link without disturbing ongoing communications in the network. ! The challenge with the above solution are as follows. First, it is ! quite common to have routers with several hundred interfaces onboard ! and individual interfaces that are transferring several hundred Gigabits/second to Terabits/second of traffic. Thus, it is imperative that operators accurately identify the same point-to-point link on two, separate devices in order to increase (and, afterward, decrease) the IS-IS metric appropriately. Second, the aforementioned solution is very time consuming and even more error-prone to perform ! when its necessary to temporarily remove a multi-access LAN from the network topology. Specifically, the operator needs to configure ALL ! devices's that have interfaces attached to the multi-access LAN with an appropriately high IS-IS metric, (and then decrease the IS-IS metric to its original value afterward). Finally, with respect to multi-access LANs, there is currently no method to bidirectionally ! isolate only a single node's interface on the LAN when performed more fine-grained diagnosis and repairs to the multi-access LAN. In theory, use of a Network Management System (NMS) could improve the accuracy of identifying the appropriate subset of routers attached to either a point-to-point link or a multi-access LAN as well as signaling from the NMS to those devices, using a network management ! protocol, to adjust the IS-IS metrics on the pertinent set of ! interfaces. The reality is that NMS are, to a very large extent, not used within Service Provider's networks for a variety of reasons. In ! particular, NMS do not interoperate very well across different vendors or even separate platform families within the same vendor. 
The risks of misidentifying one side of a point-to-point link or one or more interfaces attached to a multi-access LAN and subsequently ! increasing its IS-IS metric are potentially increased latency, jitter or packet loss. This is unacceptable given the necessary performance ! requirements for a variety of applications, the customer perception ! for near lossless operations and the associated, demanding Service Level Agreement's (SLAs) for all network services. --- 622,666 ---- LAN. In doing so, the devices generate new Link State Protocol Data Units (LSPs) that are flooded throughout the network and cause all routers to gradually shift traffic onto alternate paths with very ! little or no disruption to in-flight communications by applications or end-users. When performed successfully, this allows the operator ! to confidently perform disruptive augmentation, fault diagnosis, or repairs on a link without disturbing ongoing communications in the network. ! The challenges with the above solution are as follows. First, it is ! quite common to have routers with several hundred interfaces ! and individual interfaces that are transferring from several hundred Gigabits/second to Terabits/second of traffic. Thus, it is imperative that operators accurately identify the same point-to-point link on two, separate devices in order to increase (and, afterward, decrease) the IS-IS metric appropriately. Second, the aforementioned solution is very time consuming and even more error-prone to perform ! when it's necessary to temporarily remove a multi-access LAN from the network topology. Specifically, the operator needs to configure ALL ! devices that have interfaces attached to the multi-access LAN with an appropriately high IS-IS metric, (and then decrease the IS-IS metric to its original value afterward). Finally, with respect to multi-access LANs, there is currently no method to bidirectionally ! 
isolate only a single node's interface on the LAN when performing more fine-grained diagnosis and repairs to the multi-access LAN. In theory, use of a Network Management System (NMS) could improve the accuracy of identifying the appropriate subset of routers attached to either a point-to-point link or a multi-access LAN as well as signaling from the NMS to those devices, using a network management ! protocol to adjust the IS-IS metrics on the pertinent set of ! interfaces. The reality is that NMSs are, to a very large extent, not used within Service Provider's networks for a variety of reasons. In ! particular, NMSs do not interoperate very well across different vendors or even separate platform families within the same vendor. The risks of misidentifying one side of a point-to-point link or one or more interfaces attached to a multi-access LAN and subsequently ! increasing its IS-IS metric and potentially increased latency, jitter, or packet loss. This is unacceptable given the necessary performance ! requirements for a variety of reasons including the customer perception
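Review bot: In the hunk at 452-459 (end of the LDP synchronization paragraph), the new wording "the provisioned timeout value for node LDP/IGP synchronization" names the feature differently from the start of the same paragraph, which says "LDP IGP synchronization as described in [RFC5443]"; use one spelling in both places. The phrase "for node LDP/IGP synchronization" is also awkward; something like "the timeout value provisioned on the node for LDP IGP synchronization" keeps the original point that the timer is local configuration.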
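Review bot: In the Section 3.6 part of the hunk at 466-486, the rewritten RECOMMENDED sentence narrows what the disable capability covers: the old text read "a node's, or individual interfaces of the node, default metric", while the new "a node's individual interface default metric" reads as per-interface only. Section 4 in the same hunk says the TLV lets one router manipulate the default metric and, optionally, Traffic Engineering parameters of adjacent neighbors, so the knob that refuses those changes should stay explicit about both scopes, for example "for the whole node or for individual interfaces". The last changed line of that sentence also has a number mismatch, "receiving a properly formatted Reverse Metric TLVs"; drop the "a" or make it "TLV".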
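Review bot: In the Appendix A hunk (575-594), "i.e., major software upgrades, power/cooling augments, etc." still uses "i.e." for a list of examples that ends in "etc."; it should be "e.g.," as the next hunk does for "(e.g., those with significantly larger delay)", and the "etc." can then be dropped. Separately, changing "preventing it from forwarding any transit traffic" to "receiving any transit traffic" is a change of technical meaning rather than of style, so it should be called out to the authors instead of riding along with the punctuation fixes.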
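Review bot: In the hunk at 597-610, the changed line keeps the comma in front of the parenthesis, "sub-optimal paths, (e.g., those with significantly larger delay)"; since the line is being edited anyway, remove that comma. The same pattern, "IS-IS metric, (and then decrease", survives in the Appendix B text and could be fixed in the same pass.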
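Review bot: In the Appendix B hunk (622-666), replacing "are" with "and" in "increasing its IS-IS metric and potentially increased latency, jitter, or packet loss" leaves the sentence that begins "The risks of misidentifying one side of a point-to-point link" without a verb; keep "are" and add only the serial comma. The following changed line, "requirements for a variety of reasons including the customer perception", also swaps "applications" for "reasons", which changes what the performance requirements refer to; restore "applications" or explain the intent.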