Re: [OSPF] [Isis-wg] Mail regarding draft-ietf-ospf-segment-routing-extensions

"Les Ginsberg (ginsberg)" <ginsberg@cisco.com> Fri, 02 January 2015 21:40 UTC

Return-Path: <ginsberg@cisco.com>
X-Original-To: ospf@ietfa.amsl.com
Delivered-To: ospf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 541571A00F6; Fri, 2 Jan 2015 13:40:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.511
X-Spam-Level:
X-Spam-Status: No, score=-14.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aWZ7qnZuBwaH; Fri, 2 Jan 2015 13:40:36 -0800 (PST)
Received: from alln-iport-5.cisco.com (alln-iport-5.cisco.com [173.37.142.92]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 247251A00F0; Fri, 2 Jan 2015 13:40:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=13034; q=dns/txt; s=iport; t=1420234836; x=1421444436; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=oCUggCpon3culOYDNDDM7gleYz2NEzefXBXCeWfLZHw=; b=NnxyMFoxieJcjMwynEJnL3WOMjJp2aVpil2R/JR5ONf1gqQvvIlj9/JD ft/GrPh+8WEOzHICecp5isrC/f3DM9av1A+TLgOwDtBmFHBbb9fWSkKrM YEn58SYFpiSYwm5imGeI0czSRTS6kJzciv4W7Z7lQoZFJ3b6B+M6y3UhE s=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AmMFAEsPp1StJV2a/2dsb2JhbABcgmQiUlgExicKhXECgQYWAQEBAQF9hAwBAQEEAQEBNzQLDAQCAQgRBAEBAQoUCQcnCxQJCAIEAQ0FCIgkAQy+JwEBAQEBAQEBAQEBAQEBAQEBAQEBARMEig2EfxoBAR4GJgUHAgSDEIETBY4VmkMig25vgQw5fgEBAQ
X-IronPort-AV: E=Sophos;i="5.07,685,1413244800"; d="scan'208";a="109879665"
Received: from rcdn-core-3.cisco.com ([173.37.93.154]) by alln-iport-5.cisco.com with ESMTP; 02 Jan 2015 21:40:34 +0000
Received: from xhc-aln-x13.cisco.com (xhc-aln-x13.cisco.com [173.36.12.87]) by rcdn-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id t02LeYQF005211 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Fri, 2 Jan 2015 21:40:34 GMT
Received: from xmb-aln-x02.cisco.com ([fe80::8c1c:7b85:56de:ffd1]) by xhc-aln-x13.cisco.com ([173.36.12.87]) with mapi id 14.03.0195.001; Fri, 2 Jan 2015 15:40:34 -0600
From: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>
To: Shraddha Hegde <shraddha@juniper.net>, "Peter Psenak (ppsenak)" <ppsenak@cisco.com>, "draft-ietf-ospf-segment-routing-extensions@tools.ietf.org" <draft-ietf-ospf-segment-routing-extensions@tools.ietf.org>, "draft-ietf-isis-segment-routing-extensions@tools.ietf.org" <draft-ietf-isis-segment-routing-extensions@tools.ietf.org>
Thread-Topic: [Isis-wg] Mail regarding draft-ietf-ospf-segment-routing-extensions
Thread-Index: AQHQI/eNjO3OMGSsP0morl+oLI2n+5yoTnXwgASXbYCAACEzgIAAkG+A///FoqA=
Date: Fri, 2 Jan 2015 21:40:33 +0000
Message-ID: <F3ADE4747C9E124B89F0ED2180CC814F4EEA04D7@xmb-aln-x02.cisco.com>
References: <BY1PR0501MB13819883015276791F20D631D5540@BY1PR0501MB1381.namprd05.prod.outlook.com> <54A10B35.4030301@cisco.com> <BY1PR0501MB1381B131A68B321264B7E930D5510@BY1PR0501MB1381.namprd05.prod.outlook.com> <54A10E78.6030006@cisco.com> <BY1PR0501MB1381610E47F46E81528B5416D5510@BY1PR0501MB1381.namprd05.prod.outlook.com> <54A11188.8040301@cisco.com> <BY1PR0501MB1381860D81EE3DF32A76B6D7D5510@BY1PR0501MB1381.namprd05.prod.outlook.com> <54A1173D.6000200@cisco.com> <BY1PR0501MB138100AA25B6773A7EAB5A49D5510@BY1PR0501MB1381.namprd05.prod.outlook.com> <54A13555.2020208@cisco.com> <BY1PR0501MB1381AF63A9D0CAEDA844DA58D55E0@BY1PR0501MB1381.namprd05.prod.outlook.com> <F3ADE4747C9E124B89F0ED2180CC814F4EE9FA7C@xmb-aln-x02.cisco.com> <54A65437.4070808@cisco.com> <F3ADE4747C9E124B89F0ED2180CC814F4EEA043C@xmb-aln-x02.cisco.com> <BY1PR0501MB13810519A45DE924130858E3D55D0@BY1PR0501MB1381.namprd05.prod.outlook.com>
In-Reply-To: <BY1PR0501MB13810519A45DE924130858E3D55D0@BY1PR0501MB1381.namprd05.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.24.203.199]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/ospf/xUAGd9Uh7Cn5rX6poLN4wC64GKE
Cc: "ospf@ietf.org" <ospf@ietf.org>, "isis-wg@ietf.org" <isis-wg@ietf.org>
Subject: Re: [OSPF] [Isis-wg] Mail regarding draft-ietf-ospf-segment-routing-extensions
X-BeenThere: ospf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: The Official IETF OSPG WG Mailing List <ospf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ospf>, <mailto:ospf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ospf/>
List-Post: <mailto:ospf@ietf.org>
List-Help: <mailto:ospf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Jan 2015 21:40:39 -0000

Shraddha -

IGPs today do NOT perform constraint based SPFs - so I don't know why you believe that the primary SPF will meet a set of constraints that an LFA calculation will not. In fact , it is the opposite which is true because implementations today do support preferences in choosing LFAs based on various configured policy - something which is NOT done for primary SPF.

If you want a certain class of traffic to avoid a subset of the links in the topology then you need to have a way of identifying the links (NOT the node addresses) and a way of calculating a path which only uses the links which meet the constraints of that class of service. Identifying a particular prefix as protected or unprotected won't achieve that.

   Les

-----Original Message-----
From: Shraddha Hegde [mailto:shraddha@juniper.net] 
Sent: Friday, January 02, 2015 10:54 AM
To: Les Ginsberg (ginsberg); Peter Psenak (ppsenak); draft-ietf-ospf-segment-routing-extensions@tools.ietf.org; draft-ietf-isis-segment-routing-extensions@tools.ietf.org
Cc: ospf@ietf.org; isis-wg@ietf.org
Subject: RE: [Isis-wg] Mail regarding draft-ietf-ospf-segment-routing-extensions

Hi Les/Peter,

      When reconvergence happens, the primary path will be calculated based on all constriants.
This is not true with the protection path.Protection path is calculated locally (LFA/RLFA)  and does not consider the characteristics of the services running on that path. 
It's easier for some services to pick the unprotected path when the nature of the service is that it can be restarted  when there is a disconnection.

Rgds
Shraddha
-----Original Message-----
From: Les Ginsberg (ginsberg) [mailto:ginsberg@cisco.com]
Sent: Friday, January 02, 2015 10:06 PM
To: Peter Psenak (ppsenak); Shraddha Hegde; draft-ietf-ospf-segment-routing-extensions@tools.ietf.org; draft-ietf-isis-segment-routing-extensions@tools.ietf.org
Cc: ospf@ietf.org; isis-wg@ietf.org
Subject: RE: [Isis-wg] Mail regarding draft-ietf-ospf-segment-routing-extensions

Peter -

The requirement Shraddha specified was to not allow a particular class of service ("heavy bandwidth services" was the example provided) to use certain links in the topology. My point is that advertising a flag for a given prefix which says "do not calculate a repair path for this prefix" does not help achieve this. Once the network reconverges following the failure of one of the links on which "heavy bandwidth services" is allowed/preferred it is quite likely that the new best path will be over a link on which "heavy bandwidth services" is NOT allowed/preferred. This will happen whether you have the new flag or not - so the flag will have no lasting effect. It would only affect traffic flow during the brief period during which the network is reconverging.

I think you and I are actually in agreement - I am simply sending a stronger negative message - not only do I think the flag is not useful - I think it does not achieve the goal Shraddha has in mind.

   Les


-----Original Message-----
From: Peter Psenak (ppsenak)
Sent: Friday, January 02, 2015 12:18 AM
To: Les Ginsberg (ginsberg); Shraddha Hegde; draft-ietf-ospf-segment-routing-extensions@tools.ietf.org; draft-ietf-isis-segment-routing-extensions@tools.ietf.org
Cc: ospf@ietf.org; isis-wg@ietf.org
Subject: Re: [Isis-wg] Mail regarding draft-ietf-ospf-segment-routing-extensions

Hi Les,

I believe the idea is not to exclude any particular link, it's actually much simpler - do not calculate backup for the prefix if the flag is set.

I'm still not quite sure how useful above is, but technically it is possible.

thanks,
Peter

On 12/30/14 17:22 , Les Ginsberg (ginsberg) wrote:
> Shraddha -
>
> When performing a best path calculation whether a given link is in the set of best paths (to be protectedED) or not (could be used as a protectING path) is a function of the topology - not the link.  If there is a topology change it is quite likely that a given link will change from being a protectED link to being a protectING link (or vice versa). So what you propose regarding node-SIDs would not work.
>
> In the use case you mention below if you don't want a certain class of traffic to flow on a given link it requires a link attribute which is persistent across topology changes. There are ways to do that - using Adj-SIDs is one of them. But using node-SIDs in the way you propose is NOT.
>
>     Les
>
> -----Original Message-----
> From: OSPF [mailto:ospf-bounces@ietf.org] On Behalf Of Shraddha Hegde
> Sent: Monday, December 29, 2014 10:12 PM
> To: Peter Psenak (ppsenak);
> draft-ietf-ospf-segment-routing-extensions@tools.ietf.org;
> draft-ietf-isis-segment-routing-extensions@tools.ietf.org
> Cc: ospf@ietf.org; isis-wg@ietf.org
> Subject: Re: [OSPF] [Isis-wg] Mail regarding 
> draft-ietf-ospf-segment-routing-extensions
>
> Peter,
>
>> The requirement here is to get an un-protected path for services which do not want to divert the traffic on protected path in any case.
>
>> can you give an example of such a service and a reasoning why such service would want to avoid local protection along the path?
>
> Heavy bandwidth services are potential candidates.  The network is well planned and well provisioned for primary path but same is not true for backup paths.
> Diverting heavy bandwidth services along protection path can disrupt the other services on that path, they are better-off un-protected so that an event in the network Would result in disconnection and a retry for such services.
>
> Rgds
> Shraddha
>
> -----Original Message-----
> From: Peter Psenak [mailto:ppsenak@cisco.com]
> Sent: Monday, December 29, 2014 4:35 PM
> To: Shraddha Hegde;
> draft-ietf-ospf-segment-routing-extensions@tools.ietf.org;
> draft-ietf-isis-segment-routing-extensions@tools.ietf.org
> Cc: ospf@ietf.org; isis-wg@ietf.org
> Subject: Re: [Isis-wg] Mail regarding 
> draft-ietf-ospf-segment-routing-extensions
>
> Shraddha,
>
> On 12/29/14 10:06 , Shraddha Hegde wrote:
>> Peter,
>>
>> The requirement here is to get an un-protected path for services which do not want to divert the traffic on protected path in any case.
>
> can you give an example of such a service and a reasoning why such service would want to avoid local protection along the path?
>
> thanks,
> Peter
>
>> So when the originator of node-sid signals un-protected path requirement, there is always an unprotected path.
>>
>> Regarding the protected path, it is the default behavior as it exists today. You get protection if it's available otherwise you don't get protection.
>>
>> In fact, you can have the new flag to say "NP flag" meaning non-protected flag which can be set for the unprotected path.
>> By default it remains off and gives the behavior as it exists today.
>>
>>
>> Rgds
>> Shraddha
>>
>> -----Original Message-----
>> From: Peter Psenak [mailto:ppsenak@cisco.com]
>> Sent: Monday, December 29, 2014 2:26 PM
>> To: Shraddha Hegde;
>> draft-ietf-ospf-segment-routing-extensions@tools.ietf.org;
>> draft-ietf-isis-segment-routing-extensions@tools.ietf.org
>> Cc: ospf@ietf.org; isis-wg@ietf.org
>> Subject: Re: [Isis-wg] Mail regarding 
>> draft-ietf-ospf-segment-routing-extensions
>>
>> Shraddha,
>>
>> I do not see how an originator of the node-sid can mandate a protection for the prefix on other routers. What if there is no backup available on a certain node along the path?
>>
>> The parallel with the B-flag in adj-sids is not right - in case of adj-sid the originator has the knowledge about the local adjacency protection and as such can signal it it it's LSA.
>>
>> thanks,
>> Peter
>>
>>
>> On 12/29/14 09:47 , Shraddha Hegde wrote:
>>> Peter,
>>>
>>>
>>> Pls see inline.
>>>
>>> Rgds
>>> Shraddha
>>>
>>> -----Original Message-----
>>> From: Peter Psenak [mailto:ppsenak@cisco.com]
>>> Sent: Monday, December 29, 2014 2:02 PM
>>> To: Shraddha Hegde;
>>> draft-ietf-ospf-segment-routing-extensions@tools.ietf.org;
>>> draft-ietf-isis-segment-routing-extensions@tools.ietf.org
>>> Cc: ospf@ietf.org; isis-wg@ietf.org
>>> Subject: Re: [Isis-wg] Mail regarding 
>>> draft-ietf-ospf-segment-routing-extensions
>>>
>>> Shraddha,
>>>
>>> I do not see how an originator can set any flag regarding the protection of the locally attached prefix.
>>> <Shraddha> The originator advertises 2 node-sids. One with p flag set and the other without the p-flag set.
>>>
>>>     It's all the routers on the path towards such prefix that need to deal with the protection.
>>> <Shraddha> The receiving nodes will download protected path for the 
>>> node-sid with p-flag set and download Unprotected path for the node-sid with p-flag unset.
>>>
>>> Signaling anything from the originator seems useless.
>>> <Shraddha>  For node-sids it's the others who need to build the forwarding plane but it's only the originator who can signal which of
>>>                            Sid need to be built with protection and which not. Other routers on the path cannot signal this information.
>>
>>
>>
>>>
>>> With this you have two paths for the node. One is protected and the other is unprotected. This meets the requirement of having an un-protected path.
>>>
>>> It's very much in parallel to B-flag in adj-sids. It is similar to 
>>> advertising multiple adj-sids one with B-flag on and other with b-flag off , to get protected and unprotected Adj-sids.
>>>
>>> thanks,
>>> Peter
>>>
>>> On 12/29/14 09:26 , Shraddha Hegde wrote:
>>>> Yes.You are right.
>>>>
>>>> Lets say a prefix sid has a flag "p flag". If this is on it means build a path and provide protection.
>>>> If this is off it means build a path with no protection.
>>>> The receivers of the prefix-sid will build forwarding plane based on this flag.
>>>>
>>>> The applications building the paths will either use prefix-sids with p flag on or off based on the need of the service.
>>>> Rgds
>>>> Shraddha
>>>>
>>>>
>>>> -----Original Message-----
>>>> From: Peter Psenak [mailto:ppsenak@cisco.com]
>>>> Sent: Monday, December 29, 2014 1:49 PM
>>>> To: Shraddha Hegde;
>>>> draft-ietf-ospf-segment-routing-extensions@tools.ietf.org;
>>>> draft-ietf-isis-segment-routing-extensions@tools.ietf.org
>>>> Cc: ospf@ietf.org; isis-wg@ietf.org
>>>> Subject: Re: [Isis-wg] Mail regarding 
>>>> draft-ietf-ospf-segment-routing-extensions
>>>>
>>>> Shraddha,
>>>>
>>>> the problem is that the node that is advertising the node-sid can not advertise any data regarding the protection of such prefix, because the prefix is locally attached.
>>>>
>>>> thanks,
>>>> Peter
>>>>
>>>> On 12/29/14 09:15 , Shraddha Hegde wrote:
>>>>> Peter,
>>>>>
>>>>> If there is a service which has to use un-protected path and while 
>>>>> building such a path if the node-sids Need to be used (one reason 
>>>>> could be label stack compression) , then there has to be unprotected node-sid that this service can make use of.
>>>>>
>>>>> Prefix -sids could also be used to represent different service 
>>>>> endpoints which makes it even more relevant to have A means of representing  unprotected paths.
>>>>>
>>>>> Would be good to hear from others on this, especially operators.
>>>>>
>>>>> Rgds
>>>>> Shraddha
>>>>>
>>>>>
>>>>> -----Original Message-----
>>>>> From: Peter Psenak [mailto:ppsenak@cisco.com]
>>>>> Sent: Monday, December 29, 2014 1:35 PM
>>>>> To: Shraddha Hegde;
>>>>> draft-ietf-ospf-segment-routing-extensions@tools.ietf.org;
>>>>> draft-ietf-isis-segment-routing-extensions@tools.ietf.org
>>>>> Cc: ospf@ietf.org; isis-wg@ietf.org
>>>>> Subject: Re: [Isis-wg] Mail regarding 
>>>>> draft-ietf-ospf-segment-routing-extensions
>>>>>
>>>>> Shraddha,
>>>>>
>>>>> node-SID is advertised by the router for the prefix that is directly attached to it. Protection for such local prefix does not mean much.
>>>>>
>>>>> thanks,
>>>>> Peter
>>>>>
>>>>> On 12/24/14 11:57 , Shraddha Hegde wrote:
>>>>>> Authors,
>>>>>> We have a "backup flag" in adjacency sid to indicate whether the 
>>>>>> label is protected or not.
>>>>>> Similarly. I think we need a flag in prefix-sid as well to 
>>>>>> indicate whether the node-sid is to be protected or not.
>>>>>> Any thoughts on this?
>>>>>> Rgds
>>>>>> Shraddha
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Isis-wg mailing list
>>>>>> Isis-wg@ietf.org
>>>>>> https://www.ietf.org/mailman/listinfo/isis-wg
>>>>>>
>>>>>
>>>>> .
>>>>>
>>>>
>>>> .
>>>>
>>>
>>> .
>>>
>>
>> .
>>
>
> _______________________________________________
> OSPF mailing list
> OSPF@ietf.org
> https://www.ietf.org/mailman/listinfo/ospf
> .
>