From 4bfd864f10b68b71482b35c818559068ef8d5797 Mon Sep 17 00:00:00 2001 From: Thomas Voss Date: Wed, 27 Nov 2024 20:54:24 +0100 Subject: doc: Add RFC documents --- doc/rfc/rfc8500.txt | 843 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 843 insertions(+) create mode 100644 doc/rfc/rfc8500.txt (limited to 'doc/rfc/rfc8500.txt') diff --git a/doc/rfc/rfc8500.txt b/doc/rfc/rfc8500.txt new file mode 100644 index 0000000..91fa231 --- /dev/null +++ b/doc/rfc/rfc8500.txt @@ -0,0 +1,843 @@ + + + + + + +Internet Engineering Task Force (IETF) N. Shen +Request for Comments: 8500 Cisco Systems +Category: Standards Track S. Amante +ISSN: 2070-1721 Apple Inc. + M. Abrahamsson + T-Systems Nordic + February 2019 + + + IS-IS Routing with Reverse Metric + +Abstract + + This document describes a mechanism to allow IS-IS routing to quickly + and accurately shift traffic away from either a point-to-point or + multi-access LAN interface during network maintenance or other + operational events. This is accomplished by signaling adjacent IS-IS + neighbors with a higher reverse metric, i.e., the metric towards the + signaling IS-IS router. + +Status of This Memo + + This is an Internet Standards Track document. + + This document is a product of the Internet Engineering Task Force + (IETF). It represents the consensus of the IETF community. It has + received public review and has been approved for publication by the + Internet Engineering Steering Group (IESG). Further information on + Internet Standards is available in Section 2 of RFC 7841. + + Information about the current status of this document, any errata, + and how to provide feedback on it may be obtained at + https://www.rfc-editor.org/info/rfc8500. + +Copyright Notice + + Copyright (c) 2019 IETF Trust and the persons identified as the + document authors. All rights reserved. + + This document is subject to BCP 78 and the IETF Trust's Legal + Provisions Relating to IETF Documents + (https://trustee.ietf.org/license-info) in effect on the date of + publication of this document. Please review these documents + carefully, as they describe your rights and restrictions with respect + to this document. Code Components extracted from this document must + include Simplified BSD License text as described in Section 4.e of + the Trust Legal Provisions and are provided without warranty as + described in the Simplified BSD License. + + + +Shen, et al. Standards Track [Page 1] + +RFC 8500 IS-IS Reverse Metric February 2019 + + +Table of Contents + + 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 + 1.1. Node and Link Isolation . . . . . . . . . . . . . . . . . 2 + 1.2. Distributed Forwarding Planes . . . . . . . . . . . . . . 3 + 1.3. Spine-Leaf Applications . . . . . . . . . . . . . . . . . 3 + 1.4. LDP IGP Synchronization . . . . . . . . . . . . . . . . . 3 + 1.5. IS-IS Reverse Metric . . . . . . . . . . . . . . . . . . 3 + 1.6. Specification of Requirements . . . . . . . . . . . . . . 4 + 2. IS-IS Reverse Metric TLV . . . . . . . . . . . . . . . . . . 4 + 3. Elements of Procedure . . . . . . . . . . . . . . . . . . . . 6 + 3.1. Processing Changes to Default Metric . . . . . . . . . . 6 + 3.2. Multi-Topology IS-IS Support on Point-to-Point Links . . 7 + 3.3. Multi-access LAN Procedures . . . . . . . . . . . . . . . 7 + 3.4. LDP/IGP Synchronization on LANs . . . . . . . . . . . . . 8 + 3.5. Operational Guidelines . . . . . . . . . . . . . . . . . 9 + 4. Security Considerations . . . . . . . . . . . . . . . . . . . 10 + 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 + 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 10 + 6.1. Normative References . . . . . . . . . . . . . . . . . . 10 + 6.2. Informative References . . . . . . . . . . . . . . . . . 11 + Appendix A. Node Isolation Challenges . . . . . . . . . . . . . 13 + Appendix B. Link Isolation Challenges . . . . . . . . . . . . . 13 + Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 15 + Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . 15 + Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 15 + +1. Introduction + + The IS-IS [ISO10589] routing protocol has been widely used in + Internet Service Provider IP/MPLS networks. Operational experience + with the protocol combined with ever increasing requirements for + lossless operations have demonstrated some operational issues. This + document describes the issues and a mechanism for mitigating them. + + This document defines the IS-IS "Reverse Metric" mechanism that + allows an IS-IS node to send a Reverse Metric TLV through the IS-IS + Hello (IIH) PDU to the neighbor or pseudonode to adjust the routing + metric on the inbound direction. + +1.1. Node and Link Isolation + + The IS-IS routing mechanism has the overload bit, which can be used + by operators to perform disruptive maintenance on the router. But in + many operational maintenance cases, it is not necessary to divert all + the traffic away from this node. It is necessary to avoid only a + single link during the maintenance. More detailed descriptions of + the challenges can be found in Appendices A and B of this document. + + + +Shen, et al. Standards Track [Page 2] + +RFC 8500 IS-IS Reverse Metric February 2019 + + +1.2. Distributed Forwarding Planes + + In a distributed forwarding platform, different forwarding line cards + may have interfaces and IS-IS connections to neighbor routers. If + one of the line card's software resets, it may take some time for the + forwarding entries to be fully populated on the line card, in + particular if the router is a PE (Provider Edge) router in an ISP's + MPLS VPN. An IS-IS adjacency may be established with a neighbor + router long before the entire BGP VPN prefixes are downloaded to the + forwarding table. It is important to signal to the adjacent IS-IS + routers to raise metric values and not to use the corresponding IS-IS + adjacency inbound to this router if possible. Temporarily signaling + the 'Reverse Metric' over this link to discourage the traffic via the + corresponding line card will help to reduce the traffic loss in the + network. In the meantime, the remote PE routers will select a + different set of PE routers for the BGP best path calculation or use + a different link towards the same PE router on which a line card is + resetting. + +1.3. Spine-Leaf Applications + + In the IS-IS Spine-Leaf extension [IS-IS-SL-EXT], the leaf nodes will + perform equal-cost or unequal-cost load sharing towards all the spine + nodes. In certain operational cases, for instance, when one of the + backbone links on a spine node is congested, a spine node can push a + higher metric towards the connected leaf nodes to reduce the transit + traffic through the corresponding spine node or link. + +1.4. LDP IGP Synchronization + + In [RFC5443], a mechanism is described to achieve LDP IGP + synchronization by using the maximum link metric value on the + interface. But in the case of a new IS-IS node joining the broadcast + network (LAN), it is not optimal to change all the nodes on the LAN + to the maximum link metric value, as described in [RFC6138]. In this + case, the Reverse Metric can be used to discourage both outbound and + inbound traffic without affecting the traffic of other IS-IS nodes on + the LAN. + +1.5. IS-IS Reverse Metric + + This document uses the routing protocol itself as the transport + mechanism to allow one IS-IS router to advertise a "reverse metric" + in an IS-IS Hello (IIH) PDU to an adjacent node on a point-to-point + or multi-access LAN link. This would allow the provisioning to be + performed only on a single node, setting a "reverse metric" on a link + and having traffic bidirectionally shift away from that link + gracefully to alternate viable paths. + + + +Shen, et al. Standards Track [Page 3] + +RFC 8500 IS-IS Reverse Metric February 2019 + + + This Reverse Metric mechanism is used for both point-to-point and + multi-access LAN links. Unlike the point-to-point links, the IS-IS + protocol currently does not have a way to influence the traffic + towards a particular node on LAN links. This mechanism provides + IS-IS routing with the capability of altering traffic in both + directions on either a point-to-point link or a multi-access link of + an IS-IS node. + + The metric value in the Reverse Metric TLV and the Traffic + Engineering metric in the sub-TLV being advertised are offsets or + relative metrics to be added to the existing local link and Traffic + Engineering metric values of the receiver; the accumulated metric + value is bounded as described in Section 2. + +1.6. Specification of Requirements + + The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", + "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and + "OPTIONAL" in this document are to be interpreted as described in + BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all + capitals, as shown here. + +2. IS-IS Reverse Metric TLV + + The Reverse Metric TLV is a new TLV to be used inside an IS-IS Hello + PDU. This TLV is used to support the IS-IS Reverse Metric mechanism + that allows a "reverse metric" to be sent to the IS-IS neighbor. + + 0 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Type | Length | Flags | Metric + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + Metric (Continued) | sub-TLV Len |Optional sub-TLV + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + + Figure 1: Reverse Metric TLV + + The Value part of the Reverse Metric TLV is composed of a 3 octet + field containing an IS-IS Metric value, a 1 octet field of Flags, and + a 1 octet Reverse Metric sub-TLV length field representing the length + of a variable number of sub-TLVs. If the "sub-TLV Len" is non-zero, + then the Value field MUST also contain one or more sub-TLVs. + + The Reverse Metric TLV MAY be present in any IS-IS Hello PDU. A + sender MUST only transmit a single Reverse Metric TLV in an IS-IS + Hello PDU. If a received IS-IS Hello PDU contains more than one + + + + +Shen, et al. Standards Track [Page 4] + +RFC 8500 IS-IS Reverse Metric February 2019 + + + Reverse Metric TLV, an implementation MUST ignore all the Reverse + Metric TLVs. + + TYPE: 16 + LENGTH: variable (5 - 255 octets) + VALUE: + + Flags (1 octet) + Metric (3 octets) + sub-TLV length (1 octet) + sub-TLV data (0 - 250 octets) + + 0 1 2 3 4 5 6 7 + +-+-+-+-+-+-+-+-+ + | Reserved |U|W| + +-+-+-+-+-+-+-+-+ + + Figure 2: Flags + + The Metric field contains a 24-bit unsigned integer. This value is a + metric offset that a neighbor SHOULD add to the existing configured + Default Metric for the IS-IS link [ISO10589]. Refer to "Elements of + Procedure" in Section 3 of this document for details on how an IS-IS + router should process the Metric field in a Reverse Metric TLV. + + The Metric field, in the Reverse Metric TLV, is a "reverse offset + metric" that will either be in the range of 0 - 63 when a "narrow" + IS-IS metric is used (IS Neighbors TLV / Pseudonode LSP) [RFC1195] or + in the range of 0 - (2^24 - 2) when a "wide" Traffic Engineering + metric value is used (Extended IS Reachability TLV) [RFC5305] + [RFC5817]. As described below, when the U bit is set, the + accumulated value of the wide metric is in the range of + 0 - (2^24 - 1), with the (2^24 - 1) metric value as non-reachable in + IS-IS routing. The IS-IS metric value of (2^24 - 2) serves as the + link of last resort. + + There are currently only two Flag bits defined. + + W bit (0x01): The "Whole LAN" bit is only used in the context of + multi-access LANs. When a Reverse Metric TLV is transmitted from a + node to the Designated Intermediate System (DIS), if the "Whole LAN" + bit is set (1), then a DIS SHOULD add the received Metric value in + the Reverse Metric TLV to each node's existing Default Metric in the + Pseudonode LSP. If the "Whole LAN" bit is not set (0), then a DIS + SHOULD add the received Metric value in the Reverse Metric TLV to the + existing "default metric" in the Pseudonode LSP for the single node + from whom the Reverse Metric TLV was received. Please refer to + "Multi-access LAN Procedures", in Section 3.3, for additional + + + +Shen, et al. Standards Track [Page 5] + +RFC 8500 IS-IS Reverse Metric February 2019 + + + details. The W bit MUST be clear when a Reverse Metric TLV is + transmitted in an IIH PDU on a point-to-point link and MUST be + ignored when received on a point-to-point link. + + U bit (0x02): The "Unreachable" bit specifies that the metric + calculated by the addition of the reverse metric to the "default + metric" is limited to the maximum value of (2^24-1). This "U" bit + applies to both the default metric in the Extended IS Reachability + TLV and the Traffic Engineering Default Metric sub-TLV of the link. + This is only relevant to the IS-IS "wide" metric mode. + + The Reserved bits of Flags field MUST be set to zero and MUST be + ignored when received. + + The Reverse Metric TLV MAY include sub-TLVs when an IS-IS router + wishes to signal additional information to its neighbor. In this + document, the Reverse Metric Traffic Engineering Metric sub-TLV, with + Type 18, is defined. This Traffic Engineering Metric contains a + 24-bit unsigned integer. This sub-TLV is optional; if it appears + more than once, then the entire Reverse Metric TLV MUST be ignored. + Upon receiving this Traffic Engineering METRIC sub-TLV in a Reverse + Metric TLV, a node SHOULD add the received Traffic Engineering Metric + offset value to its existing configured Traffic Engineering Default + Metric within its Extended IS Reachability TLV. The use of other + sub-TLVs is outside the scope of this document. The "sub-TLV Len" + value MUST be set to zero when an IS-IS router does not have Traffic + Engineering sub-TLVs that it wishes to send to its IS-IS neighbor. + +3. Elements of Procedure + +3.1. Processing Changes to Default Metric + + It is important to use the same IS-IS metric type on both ends of the + link and in the entire IS-IS area or level. On the receiving side of + the 'reverse-metric' TLV, the accumulated value of the configured + metric and the reverse-metric needs to be limited to 63 in "narrow" + metric mode and to (2^24 - 2) in "wide" metric mode. This applies to + both the Default Metric of Extended IS Reachability TLV and the + Traffic Engineering Default Metric sub-TLV in LSP or Pseudonode LSP + for the "wide" metric mode case. If the "U" bit is present in the + flags, the accumulated metric value is to be limited to (2^24 - 1) + for both the normal link metric and Traffic Engineering metric in + IS-IS "wide" metric mode. + + If an IS-IS router is configured to originate a Traffic Engineering + Default Metric sub-TLV for a link but receives a Reverse Metric TLV + from its neighbor that does not contain a Traffic Engineering Default + + + + +Shen, et al. Standards Track [Page 6] + +RFC 8500 IS-IS Reverse Metric February 2019 + + + Metric sub-TLV, then the IS-IS router MUST NOT change the value of + its Traffic Engineering Default Metric sub-TLV for that link. + +3.2. Multi-Topology IS-IS Support on Point-to-Point Links + + The Reverse Metric TLV is applicable to Multi-topology IS-IS (M-ISIS) + [RFC5120]. On point-to-point links, if an IS-IS router is configured + for M-ISIS, it MUST send only a single Reverse Metric TLV in IIH PDUs + toward its neighbor(s) on the designated link. When an M-ISIS router + receives a Reverse Metric TLV, it MUST add the received Metric value + to its Default Metric of the link in all Extended IS Reachability + TLVs for all topologies. If an M-ISIS router receives a Reverse + Metric TLV with a Traffic Engineering Default Metric sub-TLV, then + the M-ISIS router MUST add the received Traffic Engineering Default + Metric value to each of its Default Metric sub-TLVs in all of its MT + Intermediate Systems TLVs. If an M-ISIS router is configured to + advertise Traffic Engineering Default Metric sub-TLVs for one or more + topologies but does not receive a Traffic Engineering Default Metric + sub-TLV in a Reverse Metric TLV, then the M-ISIS router MUST NOT + change the value in each of the Traffic Engineering Default Metric + sub-TLVs for all topologies. + +3.3. Multi-access LAN Procedures + + On a Multi-access LAN, only the DIS SHOULD act upon information + contained in a received Reverse Metric TLV. All non-DIS nodes MUST + silently ignore a received Reverse Metric TLV. The decision process + of the routers on the LAN MUST follow the procedure in + Section 7.2.8.2 of [ISO10589], and use the "Two-way connectivity + check" during the topology and route calculation. + + The Reverse Metric Traffic Engineering sub-TLV also applies to the + DIS. If a DIS is configured to apply Traffic Engineering over a link + and it receives Traffic Engineering Metric sub-TLV in a Reverse + Metric TLV, it should update the Traffic Engineering Default Metric + sub-TLV value of the corresponding Extended IS Reachability TLV or + insert a new one if not present. + + In the case of multi-access LANs, the "W" Flags bit is used to signal + from a non-DIS to the DIS whether or not to change the metric and, + optionally, Traffic Engineering parameters for all nodes in the + Pseudonode LSP or solely the node on the LAN originating the Reverse + Metric TLV. + + A non-DIS node, e.g., Router B, attached to a multi-access LAN will + send the DIS a Reverse Metric TLV with the W bit clear when Router B + wishes the DIS to add the Metric value to the Default Metric + contained in the Pseudonode LSP specific to just Router B. Other + + + +Shen, et al. Standards Track [Page 7] + +RFC 8500 IS-IS Reverse Metric February 2019 + + + non-DIS nodes, e.g., Routers C and D, may simultaneously send a + Reverse Metric TLV with the W bit clear to request the DIS to add + their own Metric value to their Default Metric contained in the + Pseudonode LSP. + + As long as at least one IS-IS node on the LAN sending the signal to + DIS with the W bit set, the DIS would add the metric value in the + Reverse Metric TLV to all neighbor adjacencies in the Pseudonode LSP, + regardless if some of the nodes on the LAN advertise the Reverse + Metric TLV without the W bit set. The DIS MUST use the reverse + metric of the highest source MAC address Non-DIS advertising the + Reverse Metric TLV with the W bit set. + + Local provisioning on the DIS to adjust the Default Metric(s) is + another way to insert Reverse Metric in the Pseudonode LSP towards an + IS-IS node on a LAN. In the case where a Reverse Metric TLV is also + used in the IS-IS Hello PDU of the node, the local provisioning MUST + take precedence over received Reverse Metric TLVs. For instance, + local policy on the DIS may be provisioned to ignore the W bit + signaling on a LAN. + + Multi-topology IS-IS [RFC5120] specifies there is no change to + construction of the Pseudonode LSP regardless of the Multi-topology + (MT) capabilities of a multi-access LAN. If any MT capable node on + the LAN advertises the Reverse Metric TLV to the DIS, the DIS should + update, as appropriate, the Default Metric contained in the + Pseudonode LSP. If the DIS updates the Default Metric and floods a + new Pseudonode LSP, those default metric values will be applied to + all topologies during Multi-topology Shortest Path First + calculations. + +3.4. LDP/IGP Synchronization on LANs + + As described in [RFC6138], when a new IS-IS node joins a broadcast + network, it is unnecessary and sometimes even harmful for all IS-IS + nodes on the LAN to advertise the maximum link metric. [RFC6138] + proposes a solution to have the new node not advertise its adjacency + towards the pseudonode when it is not in a "cut-edge" position. + + With the introduction of Reverse Metric in this document, a simpler + alternative solution to the above mentioned problem can be used. The + Reverse Metric allows the new node on the LAN to advertise its + inbound metric value to be the maximum, and this puts the link of + this new node in the last resort position without impacting the other + IS-IS nodes on the same LAN. + + + + + + +Shen, et al. Standards Track [Page 8] + +RFC 8500 IS-IS Reverse Metric February 2019 + + + Specifically, when IS-IS adjacencies are being established by the new + node on the LAN, besides setting the maximum link metric value + (2^24 - 2) on the interface of the LAN for LDP IGP synchronization as + described in [RFC5443], it SHOULD advertise the maximum metric offset + value in the Reverse Metric TLV in its IIH PDU sent on the LAN. It + SHOULD continue this advertisement until it completes all the LDP + label binding exchanges with all the neighbors over this LAN, either + by receiving the LDP End-of-LIB [RFC5919] for all the sessions or by + exceeding the provisioned timeout value for the node LDP/IGP + synchronization. + +3.5. Operational Guidelines + + For the use case in Section 1.1, a router SHOULD limit the period of + advertising a Reverse Metric TLV towards a neighbor only for the + duration of a network maintenance window. + + The use of a Reverse Metric does not alter IS-IS metric parameters + stored in a router's persistent provisioning database. + + If routers that receive a Reverse Metric TLV send a syslog message or + SNMP trap, this will assist in rapidly identifying the node in the + network that is advertising an IS-IS metric or Traffic Engineering + parameters different from that which is configured locally on the + device. + + When the link Traffic Engineering metric is raised to (2^24 - 1) + [RFC5817], either due to the Reverse Metric mechanism or by explicit + user configuration, this SHOULD immediately trigger the CSPF + (Constrained Shortest Path First) recalculation to move the Traffic + Engineering traffic away from that link. It is RECOMMENDED also that + the CSPF does the immediate CSPF recalculation when the Traffic + Engineering metric is raised to (2^24 - 2) to be the last resort + link. + + It is advisable that implementations provide a configuration + capability to disable any IS-IS metric changes by a Reverse Metric + mechanism through neighbors' Hello PDUs. + + If an implementation enables this mechanism by default, it is + RECOMMENDED that it be disabled by the operators when not explicitly + using it. + + + + + + + + + +Shen, et al. Standards Track [Page 9] + +RFC 8500 IS-IS Reverse Metric February 2019 + + +4. Security Considerations + + Security concerns for IS-IS are addressed in [ISO10589], [RFC5304], + [RFC5310], and with various deployment and operational security + considerations in [RFC7645]. The enhancement in this document makes + it possible for one IS-IS router to manipulate the IS-IS Default + Metric and, optionally, Traffic Engineering parameters of adjacent + IS-IS neighbors on point-to-point or LAN interfaces. Although IS-IS + routers within a single Autonomous System nearly always are under the + control of a single administrative authority, it is highly + recommended that operators configure authentication of IS-IS PDUs to + mitigate use of the Reverse Metric TLV as a potential attack vector. + +5. IANA Considerations + + IANA has allocated IS-IS TLV Codepoint 16 for the Reverse Metric TLV. + This new TLV has the following attributes: IIH = y, LSP = n, SNP = n, + Purge = n. + + This document also introduces a new registry for sub-TLVs of the + Reverse Metric TLV. The registration policy is Expert Review as + defined in [RFC8126]. This registry is part of the "IS-IS TLV + Codepoints" registry. The name of the registry is "Sub-TLVs for TLV + 16 (Reverse Metric TLV)". The defined values are: + + 0: Reserved + 1-17: Unassigned + 18: Traffic Engineering Metric as specified in this document + (Section 2) + 19-255: Unassigned + +6. References + +6.1. Normative References + + [ISO10589] ISO, "Information technology -- Telecommunications and + information exchange between systems -- Intermediate + System to Intermediate System intra-domain routeing + information exchange protocol for use in conjunction with + the protocol for providing the connectionless-mode network + service (ISO 8473)", ISO/IEC 10589:2002, Second Edition, + November 2002. + + [RFC1195] Callon, R., "Use of OSI IS-IS for routing in TCP/IP and + dual environments", RFC 1195, DOI 10.17487/RFC1195, + December 1990, . + + + + + +Shen, et al. Standards Track [Page 10] + +RFC 8500 IS-IS Reverse Metric February 2019 + + + [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate + Requirement Levels", BCP 14, RFC 2119, + DOI 10.17487/RFC2119, March 1997, + . + + [RFC5120] Przygienda, T., Shen, N., and N. Sheth, "M-ISIS: Multi + Topology (MT) Routing in Intermediate System to + Intermediate Systems (IS-ISs)", RFC 5120, + DOI 10.17487/RFC5120, February 2008, + . + + [RFC5305] Li, T. and H. Smit, "IS-IS Extensions for Traffic + Engineering", RFC 5305, DOI 10.17487/RFC5305, October + 2008, . + + [RFC5443] Jork, M., Atlas, A., and L. Fang, "LDP IGP + Synchronization", RFC 5443, DOI 10.17487/RFC5443, March + 2009, . + + [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for + Writing an IANA Considerations Section in RFCs", BCP 26, + RFC 8126, DOI 10.17487/RFC8126, June 2017, + . + + [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC + 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, + May 2017, . + +6.2. Informative References + + [IS-IS-SL-EXT] + Shen, N., Ginsberg, L., and S. Thyamagundalu, "IS-IS + Routing for Spine-Leaf Topology", Work in Progress, + draft-ietf-lsr-isis-spine-leaf-ext-00, December 2018. + + [RFC5304] Li, T. and R. Atkinson, "IS-IS Cryptographic + Authentication", RFC 5304, DOI 10.17487/RFC5304, October + 2008, . + + [RFC5310] Bhatia, M., Manral, V., Li, T., Atkinson, R., White, R., + and M. Fanto, "IS-IS Generic Cryptographic + Authentication", RFC 5310, DOI 10.17487/RFC5310, February + 2009, . + + [RFC5817] Ali, Z., Vasseur, JP., Zamfir, A., and J. Newton, + "Graceful Shutdown in MPLS and Generalized MPLS Traffic + Engineering Networks", RFC 5817, DOI 10.17487/RFC5817, + April 2010, . + + + +Shen, et al. Standards Track [Page 11] + +RFC 8500 IS-IS Reverse Metric February 2019 + + + [RFC5919] Asati, R., Mohapatra, P., Chen, E., and B. Thomas, + "Signaling LDP Label Advertisement Completion", RFC 5919, + DOI 10.17487/RFC5919, August 2010, + . + + [RFC6138] Kini, S., Ed. and W. Lu, Ed., "LDP IGP Synchronization for + Broadcast Networks", RFC 6138, DOI 10.17487/RFC6138, + February 2011, . + + [RFC7645] Chunduri, U., Tian, A., and W. Lu, "The Keying and + Authentication for Routing Protocol (KARP) IS-IS Security + Analysis", RFC 7645, DOI 10.17487/RFC7645, September 2015, + . + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Shen, et al. Standards Track [Page 12] + +RFC 8500 IS-IS Reverse Metric February 2019 + + +Appendix A. Node Isolation Challenges + + On rare occasions, it is necessary for an operator to perform + disruptive network maintenance on an entire IS-IS router node, i.e., + major software upgrades, power/cooling augments, etc. In these + cases, an operator will set the IS-IS Overload Bit (OL bit) within + the Link State Protocol Data Units (LSPs) of the IS-IS router about + to undergo maintenance. The IS-IS router immediately floods its + updated LSPs to all IS-IS routers in the IS-IS domain. Upon receipt + of the updated LSPs, all IS-IS routers recalculate their Shortest + Path First (SPF) tree excluding IS-IS routers whose LSPs have the OL + bit set. This effectively removes the IS-IS router about to undergo + maintenance from the topology, thus preventing it from receiving any + transit traffic during the maintenance period. + + After the maintenance activity has completed, the operator resets the + IS-IS Overload Bit within the LSPs of the original IS-IS router + causing it to flood updated IS-IS LSPs throughout the IS-IS domain. + All IS-IS routers recalculate their SPF tree and now include the + original IS-IS router in their topology calculations, allowing it to + be used for transit traffic again. + + Isolating an entire IS-IS router from the topology can be especially + disruptive due to the displacement of a large volume of traffic + through an entire IS-IS router to other suboptimal paths (e.g., those + with significantly larger delay). Thus, in the majority of network + maintenance scenarios, where only a single link or LAN needs to be + augmented to increase its physical capacity, or is experiencing an + intermittent failure, it is much more common and desirable to + gracefully remove just the targeted link or LAN from service + temporarily, so that the least amount of user-data traffic is + affected during the link-specific network maintenance. + +Appendix B. Link Isolation Challenges + + Before network maintenance events are performed on individual + physical links or LANs, operators substantially increase the IS-IS + metric simultaneously on both devices attached to the same link or + LAN. In doing so, the devices generate new Link State Protocol Data + Units (LSPs) that are flooded throughout the network and cause all + routers to gradually shift traffic onto alternate paths with very + little or no disruption to in-flight communications by applications + or end users. When performed successfully, this allows the operator + to confidently perform disruptive augmentation, fault diagnosis, or + repairs on a link without disturbing ongoing communications in the + network. + + + + + +Shen, et al. Standards Track [Page 13] + +RFC 8500 IS-IS Reverse Metric February 2019 + + + There are a number of challenges with the above solution. First, it + is quite common to have routers with several hundred interfaces and + individual interfaces that move anywhere from several hundred + gigabits/second to terabits/second of traffic. Thus, it is + imperative that operators accurately identify the same point-to-point + link on two separate devices in order to increase (and afterward + decrease) the IS-IS metric appropriately. Second, the aforementioned + solution is very time-consuming and even more error-prone to perform + when it's necessary to temporarily remove a multi-access LAN from the + network topology. Specifically, the operator needs to configure ALL + devices that have interfaces attached to the multi-access LAN with an + appropriately high IS-IS metric (and then decrease the IS-IS metric + to its original value afterward). Finally, with respect to multi- + access LANs, there is currently no method to bidirectionally isolate + only a single node's interface on the LAN when performing more fine- + grained diagnoses and repairs to the multi-access LAN. + + In theory, use of a Network Management System (NMS) could improve the + accuracy of identifying the appropriate subset of routers attached to + either a point-to-point link or a multi-access LAN. It could also + signal to those devices, using a network management protocol, to + adjust the IS-IS metrics on the pertinent set of interfaces. The + reality is that NMSs are, to a very large extent, not used within + Service Provider's networks for a variety of reasons. In particular, + NMSs do not interoperate very well across different vendors or even + separate platform families within the same vendor. + + + + + + + + + + + + + + + + + + + + + + + + + +Shen, et al. Standards Track [Page 14] + +RFC 8500 IS-IS Reverse Metric February 2019 + + +Acknowledgments + + The authors would like to thank Mike Shand, Dave Katz, Guan Deng, + Ilya Varlashkin, Jay Chen, Les Ginsberg, Peter Ashwood-Smith, Uma + Chunduri, Alexander Okonnikov, Jonathan Harrison, Dave Ward, Himanshu + Shah, Wes George, Danny McPherson, Ed Crabbe, Russ White, Robert + Raszuk, Tom Petch, Stewart Bryant, and Acee Lindem for their comments + and contributions. + +Contributors + + Tony Li + + Email: tony.li@tony.li + +Authors' Addresses + + Naiming Shen + Cisco Systems + 560 McCarthy Blvd. + Milpitas, CA 95035 + United States of America + + Email: naiming@cisco.com + + + Shane Amante + Apple Inc. + One Apple Park Way + Cupertino, CA 95014 + United States of America + + Email: amante@apple.com + + + Mikael Abrahamsson + T-Systems Nordic + Kistagangen 26 + Stockholm + Sweden + + Email: Mikael.Abrahamsson@t-systems.se + + + + + + + + + +Shen, et al. Standards Track [Page 15] + -- cgit v1.2.3