draft-ietf-isis-reverse-metric-12-review.txt | draft-ietf-isis-reverse-metric-12-review-2.txt | |||
---|---|---|---|---|
Networking Working Group N. Shen | Networking Working Group N. Shen | |||
Internet-Draft Cisco Systems | Internet-Draft Cisco Systems | |||
Intended status: Standards Track S. Amante | Intended status: Standards Track S. Amante | |||
Expires: March 28, 2019 Apple, Inc. | Expires: March 31, 2019 Apple, Inc. | |||
M. Abrahamsson | M. Abrahamsson | |||
T-Systems Nordic | T-Systems Nordic | |||
September 24, 2018 | September 27, 2018 | |||
IS-IS Routing with Reverse Metric | IS-IS Routing with Reverse Metric | |||
draft-ietf-isis-reverse-metric-12 | draft-ietf-isis-reverse-metric-12 | |||
Abstract | Abstract | |||
This document describes a mechanism to allow IS-IS routing to quickly | This document describes a mechanism to allow IS-IS routing to quickly | |||
and accurately shift traffic away from either a point-to-point or | and accurately shift traffic away from either a point-to-point or | |||
multi-access LAN interface during network maintenance or other | multi-access LAN interface during network maintenance or other | |||
operational events. This is accomplished by signaling adjacent IS-IS | operational events. This is accomplished by signaling adjacent IS-IS | |||
skipping to change at page 1, line 38 | skipping to change at page 1, line 38 | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on March 28, 2019. | This Internet-Draft will expire on March 31, 2019. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2018 IETF Trust and the persons identified as the | Copyright (c) 2018 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
skipping to change at page 2, line 34 | skipping to change at page 2, line 34 | |||
3.5. Operational Guidelines . . . . . . . . . . . . . . . . . 9 | 3.5. Operational Guidelines . . . . . . . . . . . . . . . . . 9 | |||
4. Security Considerations . . . . . . . . . . . . . . . . . . . 9 | 4. Security Considerations . . . . . . . . . . . . . . . . . . . 9 | |||
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 | 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 | |||
6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 10 | 6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 10 | |||
7. References . . . . . . . . . . . . . . . . . . . . . . . . . 10 | 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 10 | |||
7.1. Normative References . . . . . . . . . . . . . . . . . . 10 | 7.1. Normative References . . . . . . . . . . . . . . . . . . 10 | |||
7.2. Informative References . . . . . . . . . . . . . . . . . 11 | 7.2. Informative References . . . . . . . . . . . . . . . . . 11 | |||
Appendix A. Node Isolation Challenges . . . . . . . . . . . . . 12 | Appendix A. Node Isolation Challenges . . . . . . . . . . . . . 12 | |||
Appendix B. Link Isolation Challenges . . . . . . . . . . . . . 12 | Appendix B. Link Isolation Challenges . . . . . . . . . . . . . 12 | |||
Appendix C. Contributors' Addresses . . . . . . . . . . . . . . 13 | Appendix C. Contributors' Addresses . . . . . . . . . . . . . . 13 | |||
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 14 | |||
1. Introduction | 1. Introduction | |||
The IS-IS [ISO10589] routing protocol has been widely used in | The IS-IS [ISO10589] routing protocol has been widely used in | |||
Internet Service Provider IP/MPLS networks. Operational experience | Internet Service Provider IP/MPLS networks. Operational experience | |||
with the protocol, combined with ever increasing requirements for | with the protocol, combined with ever increasing requirements for | |||
lossless operations have demonstrated some operational issues. This | lossless operations have demonstrated some operational issues. This | |||
document describes the issues and a mechanism for mitigating them. | document describes the issues and a mechanism for mitigating them. | |||
1.1. Node and Link Isolation | 1.1. Node and Link Isolation | |||
skipping to change at page 4, line 47 | skipping to change at page 4, line 47 | |||
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| Type | Length | Flags | Metric | | Type | Length | Flags | Metric | |||
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
Metric (Continue) | sub-TLV Len |Optional sub-TLV | Metric (Continue) | sub-TLV Len |Optional sub-TLV | |||
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
Figure 1: Reverse Metric TLV | Figure 1: Reverse Metric TLV | |||
The Value part of the Reverse Metric TLV is composed of a 3 octet | The Value part of the Reverse Metric TLV is composed of a 3 octet | |||
field containing an IS-IS Metric Value, a 1 octet field of Flags, and | field containing an IS-IS Metric Value, a 1 octet field of Flags, and | |||
a 1 octet Traffic Engineering (TE) sub-TLV length field representing | a 1 octet Reverse Metric sub-TLV length field representing the length | |||
the length of a variable number of sub-TLVs. If the "sub-TLV len" is | of a variable number of sub-TLVs. If the "sub-TLV len" is non-zero, | |||
non-zero, then the Value field MUST also contain one or more Extended | then the Value field MUST also contain one or more sub-TLVs. | |||
IS Reachability sub-TLVs [RFC5305]. | ||||
The Reverse Metric TLV may be optionally present in any IS-IS Hello | The Reverse Metric TLV MAY be optionally present in any IS-IS Hello | |||
PDU. A sender MUST only transmit a single Reverse Metric TLV in a | PDU. A sender MUST only transmit a single Reverse Metric TLV in a | |||
IS-IS Hello PDU. If a received IS-IS Hello PDU contains more than | IS-IS Hello PDU. If a received IS-IS Hello PDU contains more than | |||
one Reverse Metric TLV, an implementation MUST ignore all the Reverse | one Reverse Metric TLV, an implementation MUST ignore all the Reverse | |||
Metric TLVs. If an IS-IS node received of IS-IS Reverse Metric TLV | Metric TLVs. | |||
in the PDU other than the IS-IS Hello PDU, this TLV MUST be ignored. | ||||
TYPE: 16 | TYPE: 16 | |||
LENGTH: variable (5 - 255 octets) | LENGTH: variable (5 - 255 octets) | |||
VALUE: | VALUE: | |||
Flags (1 octet) | Flags (1 octet) | |||
Metric (3 octets) | Metric (3 octets) | |||
sub-TLV length (1 octet) | sub-TLV length (1 octet) | |||
sub-TLV data (0 - 250 octets) | sub-TLV data (0 - 250 octets) | |||
skipping to change at page 6, line 15 | skipping to change at page 6, line 14 | |||
transmitted in an IIH PDU on a point-to-point link, and MUST be | transmitted in an IIH PDU on a point-to-point link, and MUST be | |||
ignored when received on a point-to-point link. | ignored when received on a point-to-point link. | |||
U bit (0x02): The "Unreachable" bit specifies that the metric | U bit (0x02): The "Unreachable" bit specifies that the metric | |||
calculated by addition of the reverse metric value to the "default | calculated by addition of the reverse metric value to the "default | |||
metric" is limited to (2^24-1). This "U" bit applies to both the | metric" is limited to (2^24-1). This "U" bit applies to both the | |||
default metric in the Extended IS Reachability TLV and the Traffic | default metric in the Extended IS Reachability TLV and the Traffic | |||
Engineering Default Metric sub-TLV of the link. This is only | Engineering Default Metric sub-TLV of the link. This is only | |||
relevant to the IS-IS "wide" metric mode. | relevant to the IS-IS "wide" metric mode. | |||
The Reserved bits of Flags field MUST be set to zero and MUST be | ||||
ignored when received. | ||||
The Reverse Metric TLV MAY include sub-TLVs when an IS-IS router | The Reverse Metric TLV MAY include sub-TLVs when an IS-IS router | |||
wishes to signal to its neighbor to raise its Traffic Engineering | wishes to signal additional information to its neighbor. In this | |||
(TE) Metric over the link. The Sub-TLV Type 18, the "Traffic | document, the Reverse Metric Traffic Engineering Metric sub-TLV, with | |||
Engineering Default Metric" sub-TLV [RFC5305], is defined to be | Type 18, is defined. This Traffic Engineering Metric contains a | |||
included in the Reverse Metric TLV. Upon receiving this Traffic | 24-bit unsigned integer. This sub-TLV is optional, and MUST appear | |||
Engineering METRIC sub-TLV in a Reverse Metric TLV, a node SHOULD add | once at most in the Reverse Metric TLV, otherwise the entire Reverse | |||
the received Traffic Engineering Default Metric offset value to its | Metric TLV MUST be ignore on the receive. Upon receiving this | |||
existing, configured Traffic Engineering Default Metric within its | Traffic Engineering METRIC sub-TLV in a Reverse Metric TLV, a node | |||
Extended IS Reachability TLV. Use of other sub-TLVs is outside the | SHOULD add the received Traffic Engineering Metric offset value to | |||
scope of this document. The "sub-TLV Len" value MUST be set to zero | its existing, configured Traffic Engineering Default Metric within | |||
when an IS-IS router does not have Traffic Engineering sub-TLVs that | its Extended IS Reachability TLV. The use of other sub-TLVs is | |||
it wishes to send to its IS-IS neighbor. | outside the scope of this document. The "sub-TLV Len" value MUST be | |||
set to zero when an IS-IS router does not have Traffic Engineering | ||||
sub-TLVs that it wishes to send to its IS-IS neighbor. | ||||
3. Elements of Procedure | 3. Elements of Procedure | |||
3.1. Processing Changes to Default Metric | 3.1. Processing Changes to Default Metric | |||
It is important to use the same IS-IS metric type on both ends of the | It is important to use the same IS-IS metric type on both ends of the | |||
link and in the entire IS-IS area or level. On the receiving side of | link and in the entire IS-IS area or level. On the receiving side of | |||
the 'reverse-metric' TLV, the accumulated value of configured metric | the 'reverse-metric' TLV, the accumulated value of configured metric | |||
and the reverse-metric needs to be limited to 63 in "narrow" metric | and the reverse-metric needs to be limited to 63 in "narrow" metric | |||
mode and to (2^24 - 2) in "wide" metric mode. This applies to both | mode and to (2^24 - 2) in "wide" metric mode. This applies to both | |||
skipping to change at page 9, line 40 | skipping to change at page 9, line 42 | |||
link. It is RECOMMENDED also that the CSPF does the immediate CSPF | link. It is RECOMMENDED also that the CSPF does the immediate CSPF | |||
re-calculation when the Traffic Engineering metric is raised to (2^24 | re-calculation when the Traffic Engineering metric is raised to (2^24 | |||
- 2) to be the last resort link. | - 2) to be the last resort link. | |||
It is RECOMMENDED that implementations provide a capability to | It is RECOMMENDED that implementations provide a capability to | |||
disable any changes by Reverse Metric mechanism through neighbor's | disable any changes by Reverse Metric mechanism through neighbor's | |||
Hello PDUs. It can be to a node's individual interface Default | Hello PDUs. It can be to a node's individual interface Default | |||
Metric or Traffic Engineering parameters based upon receiving a | Metric or Traffic Engineering parameters based upon receiving a | |||
properly formatted Reverse Metric TLVs. | properly formatted Reverse Metric TLVs. | |||
It is RECOMMENDED that the network operators disable the capability | ||||
when this Reverse Metric feature or mechanism is not being used in | ||||
the network where in the case an IS-IS implementation has this | ||||
mechanism enabled by default. | ||||
4. Security Considerations | 4. Security Considerations | |||
The enhancement in this document makes it possible for one IS-IS | The enhancement in this document makes it possible for one IS-IS | |||
router to manipulate the IS-IS Default Metric and, optionally, | router to manipulate the IS-IS Default Metric and, optionally, | |||
Traffic Engineering parameters of adjacent IS-IS neighbors. Although | Traffic Engineering parameters of adjacent IS-IS neighbors. Although | |||
IS-IS routers within a single Autonomous System nearly always are | IS-IS routers within a single Autonomous System nearly always are | |||
under the control of a single administrative authority, it is highly | under the control of a single administrative authority, it is highly | |||
RECOMMENDED that operators configure authentication of IS-IS PDUs to | RECOMMENDED that operators configure authentication of IS-IS PDUs to | |||
mitigate use of the Reverse Metric TLV as a potential attack vector, | mitigate use of the Reverse Metric TLV as a potential attack vector, | |||
particularly on multi-access LANs. | particularly on multi-access LANs. | |||
End of changes. 10 change blocks. | ||||
22 lines changed or deleted | 30 lines changed or added | |||
This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |