Re: [Lsr] New Version Notification for draft-ietf-lsr-isis-area-proxy-02.txt

[bruno.decraene@orange.com]

Hi Tony,

From: Tony Li [mailto:tony1athome@gmail.com] On Behalf Of tony.li@tony.li
Subject: Re: [Lsr] New Version Notification for draft-ietf-lsr-isis-area-proxy-02.txt


Hi Bruno,

Thank you for the clarification.
[Bruno] You are very welcome. Thank you for listening.

 I understand completely what you’re trying to do and I agree that it’s valuable.

The downside of your approach is that the Area Leader will now need configuration of a new prefix to advertise as the Node SID.
[Bruno] Agreed.
I believe that the Area SID equally needs to be configured, so configuration is required in all cases. Given this, the extra effort seems marginal to me.
Not unthinkable.

What do the Inside Nodes do with this prefix, if anything?
[Bruno] good question. 2 options:

-          Drop traffic to control plane (i.e. IP is not supposed to be used)

-          Nothing really new: it’s an anycast IP/SID. There is even a draft for the more complex case where the SRGB is different on the anycast nodes . https://tools.ietf.org/html/draft-ietf-spring-mpls-anycast-segments-03

Regards,
--Bruno

I am open to this approach, either in addition to, or instead of the approach currently in the draft.  I await feedback from the WG.

Regards,
Tony

<IS-IS bigotry>

p.s. The fact that the node SID requires a prefix is just a side effect of the IP address space excluding hosts from addressing. The one, true
way within IS-IS is the system ID, a separate, independent namespace for nodes that simply avoids ALL of these problems.  If RFC 8667
encoded node SIDs as their own TLV without the unnecessary prefix that OSPF’s style mandates, this would be trivial.

</IS-IS bigotry>


On Jul 31, 2020, at 2:24 AM, bruno.decraene@orange.com<mailto:bruno.decraene@orange.com> wrote:

Hi Tony,

Thank you for your reply.
Top posting the description of the use case that I have in mind.

>  First off, the Area SID is 100% optional. If you choose not to use it, then the Proxy LSP should be 100% compatible with a standard L2 node.
Good. But I think that the idea of the Area SID is a good one, and I choose to use it. Then I’d like to get it for free ;-)


Please fine below a network topology:
<image003.jpg>


My understanding is that the L2 topology seen by node S is the following
<image004.jpg>

P been the Proxy LSP.

S wants to protect from the failure of link S-C by using TI-LFA. For the destination C, it would push 2 (*) node SIDs: P, C
So S needs a Node SID for P:
a)      If P does not redistribute the Node SIDs from its area members, P does not seem to advertise any node SID currently. There is a chance that C’s TI-LFA implementation would not like it and hence would not install protection for this (link, destination)
b)      If P redistributes the Node SIDs from its area members, P advertises 3 node SIDs (1,2, 3). S could pick any one at random. If it picks 3, the forwarding path would be S, A,B, 1, 2, 3, 2 , 1, C,  which is suboptimal.

Two solutions I could think of:
- when redistributing the node SID, P changes the SIDs values and replace them with the value of the Area SID. This works for this use case, but it is borderline. (e.g. if some a L2 node learn both the original and ‘NATed’ SID, we have some SID conflict. Let’s try to avoid this subject).
- P could advertise its own Node-SID with the Area SID value. This is what I’m proposing. Both the IP loopback and the Area SID of this Node SID  are likely configured by the network operator so this does not seem like a significant effort from the implementation.

As you say, this does not involve any protocol extension. But the goal is to improve interop with existing/legacy L2 nodes so this may be valuable in the draft. This point could be pushed to a deployment consideration section if you don’t want any impact on the protocol extension.

Thanks,
--Bruno

(*) Assuming the right metrics on the links. This is not the subject of this thread.


From: Tony Li [mailto:tony1athome@gmail.com] On Behalf Of tony.li@tony.li<mailto:tony.li@tony.li>
Sent: Thursday, July 30, 2020 7:39 PM
To: DECRAENE Bruno TGI/OLN <bruno.decraene@orange.com<mailto:bruno.decraene@orange.com>>
Cc: lsr@ietf.org<mailto:lsr@ietf.org>
Subject: Re: [Lsr] New Version Notification for draft-ietf-lsr-isis-area-proxy-02.txt


Hi Bruno,

Thank you for your comments.




On Jul 30, 2020, at 9:22 AM, bruno.decraene@orange.com<mailto:bruno.decraene@orange.com> wrote:

Hi Tony,

Thanks for the updated draft.

“ The Area SID Sub-TLV allows the Area Leader to advertise a SID that
   represents the entirety of the Inside Area to the Outside Area.  This
   sub-TLV is learned by all of the Inside Edge Nodes who should consume
   this SID at forwarding time.”

Excellent, from my perspective.

>  - The Area Segment SID TLV has been replaced by extending the Binding SID TLV.


“When SR is enabled, it may be useful to advertise an Area SID which

   will direct traffic to any of the Inside Edge Routers.  The Binding/

   MT Binding TLVs described in RFC 8667 Section 2.4<https://tools.ietf.org/html/rfc8667#section-2.4> are used to

   advertise such a SID.



   The following extensions to the Binding TLV are defined in order to

   support Area SID:



      A new flag is defined:



         T-flag: The SID directs traffic to an area.  (Bit 5) »




This works.


Excellent.




However I may have a different deployment environment than the one you have in mind. Even if those issues may be mine, allow me to share them with you.
In many WAN networks than I’m used to, there are routers from different vendors, platforms, software, generations. Requiring all those routers to support the new Binding SID TLV T-Flag will take time. Some platform may even be end of engineering (evolutions) so would never support such new features.
In my environment, ideally, I would prefer a solution which do not require any new feature on external L2 nodes, while all existing L2 features keep working, in particular SR, SR-TE, TI-LFA, SR uloop avoidance… This would require the Proxy LSP to be not (significantly) different than the LSP of a vanilla L2 node.


First off, the Area SID is 100% optional. If you choose not to use it, then the Proxy LSP should be 100% compatible with a standard L2 node.



I cannot claim that we’ve exhaustively tested our implementation against all of the features that you cite, so there may still be corner cases, but our intent is to make that doable.  For exaple, the Proxy LSP can still contain a node SID, adjacency SID, and prefix SID as before. There’s no change there.




For SR, I think that this would require this Proxy LSP to advertise a Prefix/Node SID with the Area SID attached. One drawback is that a Node-SID is advertised with an IP address that would need to be provisioned.


That’s certainly doable and requires no new protocol machinery. If the WG prefers this mode of operation, I’m not opposed.




Both approaches are not mutually exclusives. I’d be happy enough with an option for the Proxy LSP to advertise an Area Node SID with the Area SID attached.

Finally, there is no requirement to make me happy ;-) . The above could also be a local implementation knob not mentioned in the draft.


Our goal is to make as many customers as happy as possible.  ;-)

Tony


_________________________________________________________________________________________________________________________



Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc

pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler

a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,

Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.



This message and its attachments may contain confidential or privileged information that may be protected by law;

they should not be distributed, used or copied without authorisation.

If you have received this email in error, please notify the sender and delete this message and its attachments.

As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.

Thank you.


_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.