Pushpasis -
The key point is that the proposal does not have any lasting impact on traffic
flow. A simple topology should suffice to illustrate this.
A----B----C----D
| |
E----F
(All links have the same cost)
Suppose we wish to have traffic entering at A flow along the path A-B-C-D - but
if the link B---C fails we do NOT want traffic to take the path B--E--F--C.
You propose to have C advertise an address with two node-sids - one which
allows protection - call it C(P) - and one which does NOT allow protection -
call it C(NP).
If the label stack specifies C(NP) - then while the link B--C is UP everything
works as desired (primary path to C(NP) on Node B is via link B-C).
However, when the link B--C goes down, the network will reconverge and in a
modest amount of time the new primary path to C(NP) on node B will be via link
B-E.
The existence of C(NP) therefore only affects traffic flow during the
reconvergence period i.e. if we assume B did NOT install a repair path for
C(NP) traffic will be dropped only until a new primary path is calculated. I
don’t see the value in this.
As a (somewhat dangerous) aside, the functionality you are looking for is more
akin to "not-via" as defined in RFC 6981 - though I am quick to add that I am
NOT proposing to pursue that. :-)
But reading that RFC might give you more insight into why simply setting "don't
protect" for a prefix isn't useful for the purpose you have in mind.
Les
-----Original Message-----
From: Pushpasis Sarkar [mailto:[email protected]]
Sent: Sunday, January 04, 2015 8:34 PM
To: Les Ginsberg (ginsberg); Shraddha Hegde; Peter Psenak (ppsenak);
[email protected];
[email protected]; Hannes Gredler
Cc: [email protected]; [email protected]
Subject: Re: [OSPF] [Isis-wg] Mail regarding
draft-ietf-ospf-segment-routing-extensions
Hi Les,
Please find comments inline..
Authors,
Here is my proposal. Please let me know if this sounds reasonable or not.
- A new ŒNo-Potection-Required¹ or ŒNP¹ flag be added to the Prefix-SID
Sub-TLV/TLV. Setting this flag means none of the transit routers should try to
protect this node-segment.
- Let nodes advertise two node-sid-index each (per address-family), one without
and one with ŒNP¹ flag set. For node-sid advertised with ŒNP¹ flag 0, routers
same behave the same way as today. But when they receive a node-sid with ŒNP¹
flag set, they avoid/skip finding a backup for that segment.
- Finally ingress servers or TE-applications may use these 'node-sids with
NP-flag set¹ for use cases where it is better to drop traffic on topology
outages rather than diverting it to some other paths. For such cases ingress
router or TE-applications should look for node-sids with ŒNP¹ flag set and not
the regular node-sids. For all other normal use cases(including L3VPN/6VPE etc)
traffic should be carried using node-sid without ŒNP‹flag set.
Thanks and Regards,
-Pushpasis
On 1/5/15, 3:37 AM, "Les Ginsberg (ginsberg)" <[email protected]> wrote:
>Pushpasis -
>
>I don't agree.
>
>The use of one node-sid vs another has nothing whatever to do with the
>request Shraddha has made i.e. should we introduce a flag indicating
>whether a particular prefix should be protected or not. A node-sid only
>dictates what (intermediate) node traffic should be sent to - not what
>link(s) are used to reach that node.
[Pushpasis] This is not about which links to take. It is about wether transit
routers should try to protect the node-segment to the this node-sid or not. I
think this opens up a lot many number of possibilities on the ingress router
and TE controller-based applications.
>
>Adjacency-sids have a different semantic - they identify the link over
>which traffic is to be forwarded. Identifying an adjacency-sid as
>unprotected means traffic will NEVER flow over a different link. There
>is no equivalent behavior w a node-sid - which is what this discussion
>has been about.
[Pushpasis] I am not trying to draw a parallel between this new flag and the
ŒB¹ flag in Adj-Sid SubTlv. Like said before
>
> Les
>
>
>-----Original Message-----
>From: Pushpasis Sarkar [mailto:[email protected]]
>Sent: Sunday, January 04, 2015 8:51 AM
>To: Les Ginsberg (ginsberg); Shraddha Hegde; Peter Psenak (ppsenak);
>[email protected];
>[email protected]
>Cc: [email protected]; [email protected]
>Subject: Re: [OSPF] [Isis-wg] Mail regarding
>draft-ietf-ospf-segment-routing-extensions
>
>Hi Les,
>
>I think the requirement Shraddha is referring is about the choice of
>exact node-sid to use while constructing the label-stack for a
>explicit-LSP on the ingress router, which will be typically done after
>running some CSPF on the SPRING topology. And not the IGP on ingress or
>transit routers.
>
>Thanks
>-Pushpasis
>
>On 1/3/15, 3:10 AM, "Les Ginsberg (ginsberg)" <[email protected]> wrote:
>
>>Shraddha -
>>
>>IGPs today do NOT perform constraint based SPFs - so I don't know why
>>you believe that the primary SPF will meet a set of constraints that
>>an LFA calculation will not. In fact , it is the opposite which is
>>true because implementations today do support preferences in choosing
>>LFAs based on various configured policy - something which is NOT done
>>for primary SPF.
>>
>>If you want a certain class of traffic to avoid a subset of the links
>>in the topology then you need to have a way of identifying the links
>>(NOT the node addresses) and a way of calculating a path which only
>>uses the links which meet the constraints of that class of service.
>>Identifying a particular prefix as protected or unprotected won't
>>achieve that.
>>
>> Les
>>
>>-----Original Message-----
>>From: Shraddha Hegde [mailto:[email protected]]
>>Sent: Friday, January 02, 2015 10:54 AM
>>To: Les Ginsberg (ginsberg); Peter Psenak (ppsenak);
>>[email protected];
>>[email protected]
>>Cc: [email protected]; [email protected]
>>Subject: RE: [Isis-wg] Mail regarding
>>draft-ietf-ospf-segment-routing-extensions
>>
>>Hi Les/Peter,
>>
>> When reconvergence happens, the primary path will be calculated
>>based on all constriants.
>>This is not true with the protection path.Protection path is
>>calculated locally (LFA/RLFA) and does not consider the
>>characteristics of the services running on that path.
>>It's easier for some services to pick the unprotected path when the
>>nature of the service is that it can be restarted when there is a
>>disconnection.
>>
>>Rgds
>>Shraddha
>>-----Original Message-----
>>From: Les Ginsberg (ginsberg) [mailto:[email protected]]
>>Sent: Friday, January 02, 2015 10:06 PM
>>To: Peter Psenak (ppsenak); Shraddha Hegde;
>>[email protected];
>>[email protected]
>>Cc: [email protected]; [email protected]
>>Subject: RE: [Isis-wg] Mail regarding
>>draft-ietf-ospf-segment-routing-extensions
>>
>>Peter -
>>
>>The requirement Shraddha specified was to not allow a particular class
>>of service ("heavy bandwidth services" was the example provided) to
>>use certain links in the topology. My point is that advertising a flag
>>for a given prefix which says "do not calculate a repair path for this
>>prefix"
>>does not help achieve this. Once the network reconverges following the
>>failure of one of the links on which "heavy bandwidth services" is
>>allowed/preferred it is quite likely that the new best path will be
>>over a link on which "heavy bandwidth services" is NOT
>>allowed/preferred. This will happen whether you have the new flag or
>>not - so the flag will have no lasting effect. It would only affect
>>traffic flow during the brief period during which the network is
>>reconverging.
>>
>>I think you and I are actually in agreement - I am simply sending a
>>stronger negative message - not only do I think the flag is not useful
>>- I think it does not achieve the goal Shraddha has in mind.
>>
>> Les
>>
>>
>>-----Original Message-----
>>From: Peter Psenak (ppsenak)
>>Sent: Friday, January 02, 2015 12:18 AM
>>To: Les Ginsberg (ginsberg); Shraddha Hegde;
>>[email protected];
>>[email protected]
>>Cc: [email protected]; [email protected]
>>Subject: Re: [Isis-wg] Mail regarding
>>draft-ietf-ospf-segment-routing-extensions
>>
>>Hi Les,
>>
>>I believe the idea is not to exclude any particular link, it's
>>actually much simpler - do not calculate backup for the prefix if the flag is
>>set.
>>
>>I'm still not quite sure how useful above is, but technically it is
>>possible.
>>
>>thanks,
>>Peter
>>
>>On 12/30/14 17:22 , Les Ginsberg (ginsberg) wrote:
>>> Shraddha -
>>>
>>> When performing a best path calculation whether a given link is in
>>>the set of best paths (to be protectedED) or not (could be used as a
>>>protectING path) is a function of the topology - not the link. If
>>>there is a topology change it is quite likely that a given link will
>>>change from being a protectED link to being a protectING link (or
>>>vice versa).
>>>So what you propose regarding node-SIDs would not work.
>>>
>>> In the use case you mention below if you don't want a certain class
>>>of traffic to flow on a given link it requires a link attribute which
>>>is persistent across topology changes. There are ways to do that -
>>>using Adj-SIDs is one of them. But using node-SIDs in the way you
>>>propose is NOT.
>>>
>>> Les
>>>
>>> -----Original Message-----
>>> From: OSPF [mailto:[email protected]] On Behalf Of Shraddha
>>> Hegde
>>> Sent: Monday, December 29, 2014 10:12 PM
>>> To: Peter Psenak (ppsenak);
>>> [email protected];
>>> [email protected]
>>> Cc: [email protected]; [email protected]
>>> Subject: Re: [OSPF] [Isis-wg] Mail regarding
>>> draft-ietf-ospf-segment-routing-extensions
>>>
>>> Peter,
>>>
>>>> The requirement here is to get an un-protected path for services
>>>>which do not want to divert the traffic on protected path in any case.
>>>
>>>> can you give an example of such a service and a reasoning why such
>>>>service would want to avoid local protection along the path?
>>>
>>> Heavy bandwidth services are potential candidates. The network is
>>>well planned and well provisioned for primary path but same is not
>>>true for backup paths.
>>> Diverting heavy bandwidth services along protection path can disrupt
>>>the other services on that path, they are better-off un-protected so
>>>that an event in the network Would result in disconnection and a
>>>retry for such services.
>>>
>>> Rgds
>>> Shraddha
>>>
>>> -----Original Message-----
>>> From: Peter Psenak [mailto:[email protected]]
>>> Sent: Monday, December 29, 2014 4:35 PM
>>> To: Shraddha Hegde;
>>> [email protected];
>>> [email protected]
>>> Cc: [email protected]; [email protected]
>>> Subject: Re: [Isis-wg] Mail regarding
>>> draft-ietf-ospf-segment-routing-extensions
>>>
>>> Shraddha,
>>>
>>> On 12/29/14 10:06 , Shraddha Hegde wrote:
>>>> Peter,
>>>>
>>>> The requirement here is to get an un-protected path for services
>>>>which do not want to divert the traffic on protected path in any case.
>>>
>>> can you give an example of such a service and a reasoning why such
>>>service would want to avoid local protection along the path?
>>>
>>> thanks,
>>> Peter
>>>
>>>> So when the originator of node-sid signals un-protected path
>>>>requirement, there is always an unprotected path.
>>>>
>>>> Regarding the protected path, it is the default behavior as it
>>>>exists today. You get protection if it's available otherwise you
>>>>don't get protection.
>>>>
>>>> In fact, you can have the new flag to say "NP flag" meaning
>>>>non-protected flag which can be set for the unprotected path.
>>>> By default it remains off and gives the behavior as it exists today.
>>>>
>>>>
>>>> Rgds
>>>> Shraddha
>>>>
>>>> -----Original Message-----
>>>> From: Peter Psenak [mailto:[email protected]]
>>>> Sent: Monday, December 29, 2014 2:26 PM
>>>> To: Shraddha Hegde;
>>>> [email protected];
>>>> [email protected]
>>>> Cc: [email protected]; [email protected]
>>>> Subject: Re: [Isis-wg] Mail regarding
>>>> draft-ietf-ospf-segment-routing-extensions
>>>>
>>>> Shraddha,
>>>>
>>>> I do not see how an originator of the node-sid can mandate a
>>>>protection for the prefix on other routers. What if there is no
>>>>backup available on a certain node along the path?
>>>>
>>>> The parallel with the B-flag in adj-sids is not right - in case of
>>>>adj-sid the originator has the knowledge about the local adjacency
>>>>protection and as such can signal it it it's LSA.
>>>>
>>>> thanks,
>>>> Peter
>>>>
>>>>
>>>> On 12/29/14 09:47 , Shraddha Hegde wrote:
>>>>> Peter,
>>>>>
>>>>>
>>>>> Pls see inline.
>>>>>
>>>>> Rgds
>>>>> Shraddha
>>>>>
>>>>> -----Original Message-----
>>>>> From: Peter Psenak [mailto:[email protected]]
>>>>> Sent: Monday, December 29, 2014 2:02 PM
>>>>> To: Shraddha Hegde;
>>>>> [email protected];
>>>>> [email protected]
>>>>> Cc: [email protected]; [email protected]
>>>>> Subject: Re: [Isis-wg] Mail regarding
>>>>> draft-ietf-ospf-segment-routing-extensions
>>>>>
>>>>> Shraddha,
>>>>>
>>>>> I do not see how an originator can set any flag regarding the
>>>>>protection of the locally attached prefix.
>>>>> <Shraddha> The originator advertises 2 node-sids. One with p flag
>>>>>set and the other without the p-flag set.
>>>>>
>>>>> It's all the routers on the path towards such prefix that need
>>>>>to deal with the protection.
>>>>> <Shraddha> The receiving nodes will download protected path for
>>>>>the node-sid with p-flag set and download Unprotected path for the
>>>>>node-sid with p-flag unset.
>>>>>
>>>>> Signaling anything from the originator seems useless.
>>>>> <Shraddha> For node-sids it's the others who need to build the
>>>>>forwarding plane but it's only the originator who can signal which of
>>>>> Sid need to be built with protection
>>>>>and which not. Other routers on the path cannot signal this information.
>>>>
>>>>
>>>>
>>>>>
>>>>> With this you have two paths for the node. One is protected and
>>>>>the other is unprotected. This meets the requirement of having an
>>>>>un-protected path.
>>>>>
>>>>> It's very much in parallel to B-flag in adj-sids. It is similar to
>>>>>advertising multiple adj-sids one with B-flag on and other with
>>>>>b-flag off , to get protected and unprotected Adj-sids.
>>>>>
>>>>> thanks,
>>>>> Peter
>>>>>
>>>>> On 12/29/14 09:26 , Shraddha Hegde wrote:
>>>>>> Yes.You are right.
>>>>>>
>>>>>> Lets say a prefix sid has a flag "p flag". If this is on it means
>>>>>>build a path and provide protection.
>>>>>> If this is off it means build a path with no protection.
>>>>>> The receivers of the prefix-sid will build forwarding plane based
>>>>>>on this flag.
>>>>>>
>>>>>> The applications building the paths will either use prefix-sids
>>>>>>with p flag on or off based on the need of the service.
>>>>>> Rgds
>>>>>> Shraddha
>>>>>>
>>>>>>
>>>>>> -----Original Message-----
>>>>>> From: Peter Psenak [mailto:[email protected]]
>>>>>> Sent: Monday, December 29, 2014 1:49 PM
>>>>>> To: Shraddha Hegde;
>>>>>> [email protected];
>>>>>> [email protected]
>>>>>> Cc: [email protected]; [email protected]
>>>>>> Subject: Re: [Isis-wg] Mail regarding
>>>>>> draft-ietf-ospf-segment-routing-extensions
>>>>>>
>>>>>> Shraddha,
>>>>>>
>>>>>> the problem is that the node that is advertising the node-sid can
>>>>>>not advertise any data regarding the protection of such prefix,
>>>>>>because the prefix is locally attached.
>>>>>>
>>>>>> thanks,
>>>>>> Peter
>>>>>>
>>>>>> On 12/29/14 09:15 , Shraddha Hegde wrote:
>>>>>>> Peter,
>>>>>>>
>>>>>>> If there is a service which has to use un-protected path and
>>>>>>>while building such a path if the node-sids Need to be used (one
>>>>>>>reason could be label stack compression) , then there has to be
>>>>>>>unprotected node-sid that this service can make use of.
>>>>>>>
>>>>>>> Prefix -sids could also be used to represent different service
>>>>>>>endpoints which makes it even more relevant to have A means of
>>>>>>>representing unprotected paths.
>>>>>>>
>>>>>>> Would be good to hear from others on this, especially operators.
>>>>>>>
>>>>>>> Rgds
>>>>>>> Shraddha
>>>>>>>
>>>>>>>
>>>>>>> -----Original Message-----
>>>>>>> From: Peter Psenak [mailto:[email protected]]
>>>>>>> Sent: Monday, December 29, 2014 1:35 PM
>>>>>>> To: Shraddha Hegde;
>>>>>>> [email protected];
>>>>>>> [email protected]
>>>>>>> Cc: [email protected]; [email protected]
>>>>>>> Subject: Re: [Isis-wg] Mail regarding
>>>>>>> draft-ietf-ospf-segment-routing-extensions
>>>>>>>
>>>>>>> Shraddha,
>>>>>>>
>>>>>>> node-SID is advertised by the router for the prefix that is
>>>>>>>directly attached to it. Protection for such local prefix does
>>>>>>>not mean much.
>>>>>>>
>>>>>>> thanks,
>>>>>>> Peter
>>>>>>>
>>>>>>> On 12/24/14 11:57 , Shraddha Hegde wrote:
>>>>>>>> Authors,
>>>>>>>> We have a "backup flag" in adjacency sid to indicate whether
>>>>>>>> the label is protected or not.
>>>>>>>> Similarly. I think we need a flag in prefix-sid as well to
>>>>>>>> indicate whether the node-sid is to be protected or not.
>>>>>>>> Any thoughts on this?
>>>>>>>> Rgds
>>>>>>>> Shraddha
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> Isis-wg mailing list
>>>>>>>> [email protected]
>>>>>>>> https://www.ietf.org/mailman/listinfo/isis-wg
>>>>>>>>
>>>>>>>
>>>>>>> .
>>>>>>>
>>>>>>
>>>>>> .
>>>>>>
>>>>>
>>>>> .
>>>>>
>>>>
>>>> .
>>>>
>>>
>>> _______________________________________________
>>> OSPF mailing list
>>> [email protected]
>>> https://www.ietf.org/mailman/listinfo/ospf
>>> .
>>>
>>
>>_______________________________________________
>>OSPF mailing list
>>[email protected]
>>https://www.ietf.org/mailman/listinfo/ospf
>
_______________________________________________
OSPF mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ospf
