Re: [Pppext] [Isis-wg] Fwd: I-D Action: draft-simpson-isis-ppp-unique-02.txt

William Allen Simpson <william.allen.simpson@gmail.com> Tue, 09 August 2011 21:27 UTC

Return-Path: <william.allen.simpson@gmail.com>
X-Original-To: pppext@ietfa.amsl.com
Delivered-To: pppext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D8E211E80F7; Tue, 9 Aug 2011 14:27:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.471
X-Spam-Level:
X-Spam-Status: No, score=-3.471 tagged_above=-999 required=5 tests=[AWL=0.128, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zjbIPxpJVGe1; Tue, 9 Aug 2011 14:27:40 -0700 (PDT)
Received: from mail-gw0-f44.google.com (mail-gw0-f44.google.com [74.125.83.44]) by ietfa.amsl.com (Postfix) with ESMTP id A6C5411E80F0; Tue, 9 Aug 2011 14:27:40 -0700 (PDT)
Received: by gwb20 with SMTP id 20so337899gwb.31 for <multiple recipients>; Tue, 09 Aug 2011 14:28:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=8G3Arvak18xSdOXdLqBbk6W2PZv7XAN7/w1tTqCNcvA=; b=KpBz7oe1dxE3mHg5e+4PevdyEzNHNbAV4hb1qj3v4NTEhiOfmjsGuq/33lPouBQ67Z elYHzm2JBRaxxBbTYuhOVHn0jKA0Hi0st8xORe/+8YN8ifYL6+PAy97IciFJmEE1LaKf QNSD2lPe1ma+nxP8Fmo++8z8mwNn8rfaSYi5Q=
Received: by 10.42.153.136 with SMTP id m8mr814066icw.472.1312925289285; Tue, 09 Aug 2011 14:28:09 -0700 (PDT)
Received: from Wastrel-3.local (c-68-40-194-239.hsd1.mi.comcast.net [68.40.194.239]) by mx.google.com with ESMTPS id f14sm385113icm.15.2011.08.09.14.28.07 (version=TLSv1/SSLv3 cipher=OTHER); Tue, 09 Aug 2011 14:28:08 -0700 (PDT)
Message-ID: <4E41A666.4090200@gmail.com>
Date: Tue, 09 Aug 2011 17:28:06 -0400
From: William Allen Simpson <william.allen.simpson@gmail.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.18) Gecko/20110616 Thunderbird/3.1.11
MIME-Version: 1.0
To: IETF PPP WG <pppext@ietf.org>
References: <4E4143FA.1000307@gmail.com> <AE36820147909644AD2A7CA014B1FB520F107E99@xmb-sjc-222.amer.cisco.com>
In-Reply-To: <AE36820147909644AD2A7CA014B1FB520F107E99@xmb-sjc-222.amer.cisco.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: IETF TRILL WG <rbridge@postel.org>, IETF ISIS WG <isis-wg@ietf.org>
Subject: Re: [Pppext] [Isis-wg] Fwd: I-D Action: draft-simpson-isis-ppp-unique-02.txt
X-BeenThere: pppext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PPP Extensions <pppext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pppext>, <mailto:pppext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pppext>
List-Post: <mailto:pppext@ietf.org>
List-Help: <mailto:pppext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pppext>, <mailto:pppext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Aug 2011 21:27:41 -0000

On 8/9/11 3:13 PM, Les Ginsberg (ginsberg) wrote:
> Thanx for (at last) actually including the isis-wg on this thread.
>
You'll have to thank whomever changed your list so that IETF mailman
member posts don't bounce.


> I have attached an excellent review that Mike Shand provided for your 00
> draft - both as context and to insure that you have seen this (I did
> forward this to you once before but am not sure you ever received it).
>
It was not "excellent", nor was it worth responding.  There are other
things to do with my limited (and unfunded) time than trying to educate
somebody who either failed to read the entire draft or couldn't follow
explicit directions.


> After reviewing the latest version (02) it seems to me that you have not
> addressed any of the substance of Mike's remarks.
>
There was little substance to Mike's remarks.  He confused "ISHs" with
"IIHs" (rather remarkable, as I'd actually spelled out "IS-IS Hellos").
This led to misunderstanding of the technical details.  He may also have
failed to remember the meaning of "neighbor".


> None of this addresses the concerns that Mike raised in his review -
> specifically:
>
> 1)How to distinguish between benign cases (receiving your own LSP and/or
> receiving a hellos from yourself if you have multiple ports on the same
> LAN) from genuine doppelgangers
>
Apparently, you also need to refresh your memory on the meaning of
"neighbor", too.  Also, "source".  This document takes no position on
information already contained in the IS-IS specification.

Indeed, I've repeatedly rejected suggestions from various folks to
provide extraneous explanation.  This draft has only 5 or 6 sentences of
protocol.  It's one of the simplest I've ever written.


> 2)How to prevent the introduction of a new system with a duplicate
> system ID from causing an existing system which has been using that
> system ID from having to change its ID (which is highly undesirable)
>
(Says you.)  The randomization of the delay jitter is explicitly for
ensuring that neither new nor old has any advantage over the other.
After a power failure, they may very well change places.  No operator in
their right mind would buy a system that required a particular order for
booting their routers or bridges!!!

(Admittedly, there are operators not in their right mind -- and they buy
name brands regardless of the technical quality.)

IS-IS has explicit support for changing System Identifiers on the fly.
See 7.3.6 Event driven LSP Generation:

    In addition to the periodic generation of LSPs, an Intermediate
    system shall generate an LSP when an event occurs which would cause
    the information content to change. The following events may cause
    such a change.
    ...
    -    a change in systemID
    ...

This merely may be the first exercise of that provision.


> 3)In general avoiding gratuitous system-id changes
>
There are no "gratuitous" changes.  All changes SHOULD occur only to
resolve conflicts.  That's the section title: Resolving Conflicts.

Some might consider the optional capability to manually set it as
gratuitous.  At the very least, it's a security problem, which this
specification *does* address.

But the other known problem this specification addresses is the failure of
certain vendors to set the locally-defined bit on manually configured
system identifiers!  (Yes, I'm looking at you.)


> For this draft to go forward it would have to be demonstrated both that
> the problem needs to be addressed and that the solution is not worse
> than the original problem. The former is not borne out by field
> experience to date (IMHO).

Apparently a very humble opinion, as you have no field experience, or at
least not listed anywhere I've been able to find it. :-( If you do, now
might be the time to name the ISP where you worked, especially your front
line technical support experience.

Because your current (only?) employer, Cisco, has been one of the most
egregious producers of duplicate MACs in networking history....

Or you could peruse your own company's documentation:

===

Table 11-1. IS-IS Adjacency Problems/Causes

Problem 1: The IS-IS process is enabled, but some or all of the expected
adjacencies are not being formed, that is, some or all expected adjacencies
are not in the output of the show clns neighbors command at all.

Check that the interface is defined as passive under the IS-IS router configuration.

Other possibilities are as follows:

     Mismatched Level 1 and Level 2 interfaces or mismatched area addresses

     Incorrect IP subnet configuration

     Duplicate system ID in IS-IS area or backbone

===

Step 6: Check for Duplicate System IDs

If the previous steps checked out okay but a specific neighbor is not in
the show clns neighbor output, it is possible that adjacency is not
being formed because that neighbor has a duplicate system ID with the
local router. An IS-IS router will not form an adjacency with a router
in the same area that has a duplicate system ID. It also logs a
duplicate system ID error, as shown in Example 11-10. Use the show
logging command to display entries in the log. If duplicate system ID
errors are found, the source of the conflict can be determined from the
output of debug adj-packets, which points to the interface where the
hellos with the duplicate system ID are coming from. See Example 11-11.

===