Hi Les,
On 1/5/15, 11:23 AM, "Les Ginsberg (ginsberg)" <[email protected]> wrote: >Pushpasis - > >The key point is that the proposal does not have any lasting impact on >traffic flow. A simple topology should suffice to illustrate this. > > >A----B----C----D > | | > E----F > >(All links have the same cost) > >Suppose we wish to have traffic entering at A flow along the path A-B-C-D >- but if the link B---C fails we do NOT want traffic to take the path >B--E--F--C. > >You propose to have C advertise an address with two node-sids - one which >allows protection - call it C(P) - and one which does NOT allow >protection - call it C(NP). [Pushpasis] No. My proposal is for D to advertise two node sids, D1 with NP set to 0 and D2 with NP set to 1. Applications on that do not need B, or C to protect the A-B-C-D path will use D2. B and C will not install backup paths for D2. Other apps can use D1 as they are supposed to do otherwise. Wether to protect D1 or not is a local decision of B and C. Hope I could clarify enough :) > >If the label stack specifies C(NP) - then while the link B--C is UP >everything works as desired (primary path to C(NP) on Node B is via link >B-C). >However, when the link B--C goes down, the network will reconverge and in >a modest amount of time the new primary path to C(NP) on node B will be >via link B-E. [Pushpasis] Yes agreed. But only applications on A will be injecting traffic using D2. Once the B-C link-down event reaches router A will stop injecting traffic using D2. A path re-compute will be triggered on A. Yes I agree that if B converges D2 (not FRR) before A re-compute, there is still chance that some small amount of traffic is sent over A-B-E-F-C-D. > >The existence of C(NP) therefore only affects traffic flow during the >reconvergence period i.e. if we assume B did NOT install a repair path >for C(NP) traffic will be dropped only until a new primary path is >calculated. I don’t see the value in this. > >As a (somewhat dangerous) aside, the functionality you are looking for is >more akin to "not-via" as defined in RFC 6981 - though I am quick to add >that I am NOT proposing to pursue that. :-) >But reading that RFC might give you more insight into why simply setting >"don't protect" for a prefix isn't useful for the purpose you have in >mind. > > Les > > > >-----Original Message----- >From: Pushpasis Sarkar [mailto:[email protected]] >Sent: Sunday, January 04, 2015 8:34 PM >To: Les Ginsberg (ginsberg); Shraddha Hegde; Peter Psenak (ppsenak); >[email protected]; >[email protected]; Hannes Gredler >Cc: [email protected]; [email protected] >Subject: Re: [OSPF] [Isis-wg] Mail regarding >draft-ietf-ospf-segment-routing-extensions > >Hi Les, > >Please find comments inline.. > >Authors, > >Here is my proposal. Please let me know if this sounds reasonable or not. > >- A new ŒNo-Potection-Required¹ or ŒNP¹ flag be added to the Prefix-SID >Sub-TLV/TLV. Setting this flag means none of the transit routers should >try to protect this node-segment. >- Let nodes advertise two node-sid-index each (per address-family), one >without and one with ŒNP¹ flag set. For node-sid advertised with ŒNP¹ >flag 0, routers same behave the same way as today. But when they receive >a node-sid with ŒNP¹ flag set, they avoid/skip finding a backup for that >segment. >- Finally ingress servers or TE-applications may use these 'node-sids >with NP-flag set¹ for use cases where it is better to drop traffic on >topology outages rather than diverting it to some other paths. For such >cases ingress router or TE-applications should look for node-sids with >ŒNP¹ flag set and not the regular node-sids. For all other normal use >cases(including L3VPN/6VPE etc) traffic should be carried using node-sid >without ŒNP‹flag set. > >Thanks and Regards, >-Pushpasis > >On 1/5/15, 3:37 AM, "Les Ginsberg (ginsberg)" <[email protected]> wrote: > >>Pushpasis - >> >>I don't agree. >> >>The use of one node-sid vs another has nothing whatever to do with the >>request Shraddha has made i.e. should we introduce a flag indicating >>whether a particular prefix should be protected or not. A node-sid only >>dictates what (intermediate) node traffic should be sent to - not what >>link(s) are used to reach that node. >[Pushpasis] This is not about which links to take. It is about wether >transit routers should try to protect the node-segment to the this >node-sid or not. I think this opens up a lot many number of possibilities >on the ingress router and TE controller-based applications. > >> >>Adjacency-sids have a different semantic - they identify the link over >>which traffic is to be forwarded. Identifying an adjacency-sid as >>unprotected means traffic will NEVER flow over a different link. There >>is no equivalent behavior w a node-sid - which is what this discussion >>has been about. >[Pushpasis] I am not trying to draw a parallel between this new flag and >the ŒB¹ flag in Adj-Sid SubTlv. Like said before > >> >> Les >> >> >>-----Original Message----- >>From: Pushpasis Sarkar [mailto:[email protected]] >>Sent: Sunday, January 04, 2015 8:51 AM >>To: Les Ginsberg (ginsberg); Shraddha Hegde; Peter Psenak (ppsenak); >>[email protected]; >>[email protected] >>Cc: [email protected]; [email protected] >>Subject: Re: [OSPF] [Isis-wg] Mail regarding >>draft-ietf-ospf-segment-routing-extensions >> >>Hi Les, >> >>I think the requirement Shraddha is referring is about the choice of >>exact node-sid to use while constructing the label-stack for a >>explicit-LSP on the ingress router, which will be typically done after >>running some CSPF on the SPRING topology. And not the IGP on ingress or >>transit routers. >> >>Thanks >>-Pushpasis >> >>On 1/3/15, 3:10 AM, "Les Ginsberg (ginsberg)" <[email protected]> wrote: >> >>>Shraddha - >>> >>>IGPs today do NOT perform constraint based SPFs - so I don't know why >>>you believe that the primary SPF will meet a set of constraints that >>>an LFA calculation will not. In fact , it is the opposite which is >>>true because implementations today do support preferences in choosing >>>LFAs based on various configured policy - something which is NOT done >>>for primary SPF. >>> >>>If you want a certain class of traffic to avoid a subset of the links >>>in the topology then you need to have a way of identifying the links >>>(NOT the node addresses) and a way of calculating a path which only >>>uses the links which meet the constraints of that class of service. >>>Identifying a particular prefix as protected or unprotected won't >>>achieve that. >>> >>> Les >>> >>>-----Original Message----- >>>From: Shraddha Hegde [mailto:[email protected]] >>>Sent: Friday, January 02, 2015 10:54 AM >>>To: Les Ginsberg (ginsberg); Peter Psenak (ppsenak); >>>[email protected]; >>>[email protected] >>>Cc: [email protected]; [email protected] >>>Subject: RE: [Isis-wg] Mail regarding >>>draft-ietf-ospf-segment-routing-extensions >>> >>>Hi Les/Peter, >>> >>> When reconvergence happens, the primary path will be calculated >>>based on all constriants. >>>This is not true with the protection path.Protection path is >>>calculated locally (LFA/RLFA) and does not consider the >>>characteristics of the services running on that path. >>>It's easier for some services to pick the unprotected path when the >>>nature of the service is that it can be restarted when there is a >>>disconnection. >>> >>>Rgds >>>Shraddha >>>-----Original Message----- >>>From: Les Ginsberg (ginsberg) [mailto:[email protected]] >>>Sent: Friday, January 02, 2015 10:06 PM >>>To: Peter Psenak (ppsenak); Shraddha Hegde; >>>[email protected]; >>>[email protected] >>>Cc: [email protected]; [email protected] >>>Subject: RE: [Isis-wg] Mail regarding >>>draft-ietf-ospf-segment-routing-extensions >>> >>>Peter - >>> >>>The requirement Shraddha specified was to not allow a particular class >>>of service ("heavy bandwidth services" was the example provided) to >>>use certain links in the topology. My point is that advertising a flag >>>for a given prefix which says "do not calculate a repair path for this >>>prefix" >>>does not help achieve this. Once the network reconverges following the >>>failure of one of the links on which "heavy bandwidth services" is >>>allowed/preferred it is quite likely that the new best path will be >>>over a link on which "heavy bandwidth services" is NOT >>>allowed/preferred. This will happen whether you have the new flag or >>>not - so the flag will have no lasting effect. It would only affect >>>traffic flow during the brief period during which the network is >>>reconverging. >>> >>>I think you and I are actually in agreement - I am simply sending a >>>stronger negative message - not only do I think the flag is not useful >>>- I think it does not achieve the goal Shraddha has in mind. >>> >>> Les >>> >>> >>>-----Original Message----- >>>From: Peter Psenak (ppsenak) >>>Sent: Friday, January 02, 2015 12:18 AM >>>To: Les Ginsberg (ginsberg); Shraddha Hegde; >>>[email protected]; >>>[email protected] >>>Cc: [email protected]; [email protected] >>>Subject: Re: [Isis-wg] Mail regarding >>>draft-ietf-ospf-segment-routing-extensions >>> >>>Hi Les, >>> >>>I believe the idea is not to exclude any particular link, it's >>>actually much simpler - do not calculate backup for the prefix if the >>>flag is set. >>> >>>I'm still not quite sure how useful above is, but technically it is >>>possible. >>> >>>thanks, >>>Peter >>> >>>On 12/30/14 17:22 , Les Ginsberg (ginsberg) wrote: >>>> Shraddha - >>>> >>>> When performing a best path calculation whether a given link is in >>>>the set of best paths (to be protectedED) or not (could be used as a >>>>protectING path) is a function of the topology - not the link. If >>>>there is a topology change it is quite likely that a given link will >>>>change from being a protectED link to being a protectING link (or >>>>vice versa). >>>>So what you propose regarding node-SIDs would not work. >>>> >>>> In the use case you mention below if you don't want a certain class >>>>of traffic to flow on a given link it requires a link attribute which >>>>is persistent across topology changes. There are ways to do that - >>>>using Adj-SIDs is one of them. But using node-SIDs in the way you >>>>propose is NOT. >>>> >>>> Les >>>> >>>> -----Original Message----- >>>> From: OSPF [mailto:[email protected]] On Behalf Of Shraddha >>>> Hegde >>>> Sent: Monday, December 29, 2014 10:12 PM >>>> To: Peter Psenak (ppsenak); >>>> [email protected]; >>>> [email protected] >>>> Cc: [email protected]; [email protected] >>>> Subject: Re: [OSPF] [Isis-wg] Mail regarding >>>> draft-ietf-ospf-segment-routing-extensions >>>> >>>> Peter, >>>> >>>>> The requirement here is to get an un-protected path for services >>>>>which do not want to divert the traffic on protected path in any case. >>>> >>>>> can you give an example of such a service and a reasoning why such >>>>>service would want to avoid local protection along the path? >>>> >>>> Heavy bandwidth services are potential candidates. The network is >>>>well planned and well provisioned for primary path but same is not >>>>true for backup paths. >>>> Diverting heavy bandwidth services along protection path can disrupt >>>>the other services on that path, they are better-off un-protected so >>>>that an event in the network Would result in disconnection and a >>>>retry for such services. >>>> >>>> Rgds >>>> Shraddha >>>> >>>> -----Original Message----- >>>> From: Peter Psenak [mailto:[email protected]] >>>> Sent: Monday, December 29, 2014 4:35 PM >>>> To: Shraddha Hegde; >>>> [email protected]; >>>> [email protected] >>>> Cc: [email protected]; [email protected] >>>> Subject: Re: [Isis-wg] Mail regarding >>>> draft-ietf-ospf-segment-routing-extensions >>>> >>>> Shraddha, >>>> >>>> On 12/29/14 10:06 , Shraddha Hegde wrote: >>>>> Peter, >>>>> >>>>> The requirement here is to get an un-protected path for services >>>>>which do not want to divert the traffic on protected path in any case. >>>> >>>> can you give an example of such a service and a reasoning why such >>>>service would want to avoid local protection along the path? >>>> >>>> thanks, >>>> Peter >>>> >>>>> So when the originator of node-sid signals un-protected path >>>>>requirement, there is always an unprotected path. >>>>> >>>>> Regarding the protected path, it is the default behavior as it >>>>>exists today. You get protection if it's available otherwise you >>>>>don't get protection. >>>>> >>>>> In fact, you can have the new flag to say "NP flag" meaning >>>>>non-protected flag which can be set for the unprotected path. >>>>> By default it remains off and gives the behavior as it exists today. >>>>> >>>>> >>>>> Rgds >>>>> Shraddha >>>>> >>>>> -----Original Message----- >>>>> From: Peter Psenak [mailto:[email protected]] >>>>> Sent: Monday, December 29, 2014 2:26 PM >>>>> To: Shraddha Hegde; >>>>> [email protected]; >>>>> [email protected] >>>>> Cc: [email protected]; [email protected] >>>>> Subject: Re: [Isis-wg] Mail regarding >>>>> draft-ietf-ospf-segment-routing-extensions >>>>> >>>>> Shraddha, >>>>> >>>>> I do not see how an originator of the node-sid can mandate a >>>>>protection for the prefix on other routers. What if there is no >>>>>backup available on a certain node along the path? >>>>> >>>>> The parallel with the B-flag in adj-sids is not right - in case of >>>>>adj-sid the originator has the knowledge about the local adjacency >>>>>protection and as such can signal it it it's LSA. >>>>> >>>>> thanks, >>>>> Peter >>>>> >>>>> >>>>> On 12/29/14 09:47 , Shraddha Hegde wrote: >>>>>> Peter, >>>>>> >>>>>> >>>>>> Pls see inline. >>>>>> >>>>>> Rgds >>>>>> Shraddha >>>>>> >>>>>> -----Original Message----- >>>>>> From: Peter Psenak [mailto:[email protected]] >>>>>> Sent: Monday, December 29, 2014 2:02 PM >>>>>> To: Shraddha Hegde; >>>>>> [email protected]; >>>>>> [email protected] >>>>>> Cc: [email protected]; [email protected] >>>>>> Subject: Re: [Isis-wg] Mail regarding >>>>>> draft-ietf-ospf-segment-routing-extensions >>>>>> >>>>>> Shraddha, >>>>>> >>>>>> I do not see how an originator can set any flag regarding the >>>>>>protection of the locally attached prefix. >>>>>> <Shraddha> The originator advertises 2 node-sids. One with p flag >>>>>>set and the other without the p-flag set. >>>>>> >>>>>> It's all the routers on the path towards such prefix that need >>>>>>to deal with the protection. >>>>>> <Shraddha> The receiving nodes will download protected path for >>>>>>the node-sid with p-flag set and download Unprotected path for the >>>>>>node-sid with p-flag unset. >>>>>> >>>>>> Signaling anything from the originator seems useless. >>>>>> <Shraddha> For node-sids it's the others who need to build the >>>>>>forwarding plane but it's only the originator who can signal which of >>>>>> Sid need to be built with protection >>>>>>and which not. Other routers on the path cannot signal this >>>>>>information. >>>>> >>>>> >>>>> >>>>>> >>>>>> With this you have two paths for the node. One is protected and >>>>>>the other is unprotected. This meets the requirement of having an >>>>>>un-protected path. >>>>>> >>>>>> It's very much in parallel to B-flag in adj-sids. It is similar to >>>>>>advertising multiple adj-sids one with B-flag on and other with >>>>>>b-flag off , to get protected and unprotected Adj-sids. >>>>>> >>>>>> thanks, >>>>>> Peter >>>>>> >>>>>> On 12/29/14 09:26 , Shraddha Hegde wrote: >>>>>>> Yes.You are right. >>>>>>> >>>>>>> Lets say a prefix sid has a flag "p flag". If this is on it means >>>>>>>build a path and provide protection. >>>>>>> If this is off it means build a path with no protection. >>>>>>> The receivers of the prefix-sid will build forwarding plane based >>>>>>>on this flag. >>>>>>> >>>>>>> The applications building the paths will either use prefix-sids >>>>>>>with p flag on or off based on the need of the service. >>>>>>> Rgds >>>>>>> Shraddha >>>>>>> >>>>>>> >>>>>>> -----Original Message----- >>>>>>> From: Peter Psenak [mailto:[email protected]] >>>>>>> Sent: Monday, December 29, 2014 1:49 PM >>>>>>> To: Shraddha Hegde; >>>>>>> [email protected]; >>>>>>> [email protected] >>>>>>> Cc: [email protected]; [email protected] >>>>>>> Subject: Re: [Isis-wg] Mail regarding >>>>>>> draft-ietf-ospf-segment-routing-extensions >>>>>>> >>>>>>> Shraddha, >>>>>>> >>>>>>> the problem is that the node that is advertising the node-sid can >>>>>>>not advertise any data regarding the protection of such prefix, >>>>>>>because the prefix is locally attached. >>>>>>> >>>>>>> thanks, >>>>>>> Peter >>>>>>> >>>>>>> On 12/29/14 09:15 , Shraddha Hegde wrote: >>>>>>>> Peter, >>>>>>>> >>>>>>>> If there is a service which has to use un-protected path and >>>>>>>>while building such a path if the node-sids Need to be used (one >>>>>>>>reason could be label stack compression) , then there has to be >>>>>>>>unprotected node-sid that this service can make use of. >>>>>>>> >>>>>>>> Prefix -sids could also be used to represent different service >>>>>>>>endpoints which makes it even more relevant to have A means of >>>>>>>>representing unprotected paths. >>>>>>>> >>>>>>>> Would be good to hear from others on this, especially operators. >>>>>>>> >>>>>>>> Rgds >>>>>>>> Shraddha >>>>>>>> >>>>>>>> >>>>>>>> -----Original Message----- >>>>>>>> From: Peter Psenak [mailto:[email protected]] >>>>>>>> Sent: Monday, December 29, 2014 1:35 PM >>>>>>>> To: Shraddha Hegde; >>>>>>>> [email protected]; >>>>>>>> [email protected] >>>>>>>> Cc: [email protected]; [email protected] >>>>>>>> Subject: Re: [Isis-wg] Mail regarding >>>>>>>> draft-ietf-ospf-segment-routing-extensions >>>>>>>> >>>>>>>> Shraddha, >>>>>>>> >>>>>>>> node-SID is advertised by the router for the prefix that is >>>>>>>>directly attached to it. Protection for such local prefix does >>>>>>>>not mean much. >>>>>>>> >>>>>>>> thanks, >>>>>>>> Peter >>>>>>>> >>>>>>>> On 12/24/14 11:57 , Shraddha Hegde wrote: >>>>>>>>> Authors, >>>>>>>>> We have a "backup flag" in adjacency sid to indicate whether >>>>>>>>> the label is protected or not. >>>>>>>>> Similarly. I think we need a flag in prefix-sid as well to >>>>>>>>> indicate whether the node-sid is to be protected or not. >>>>>>>>> Any thoughts on this? >>>>>>>>> Rgds >>>>>>>>> Shraddha >>>>>>>>> >>>>>>>>> >>>>>>>>> _______________________________________________ >>>>>>>>> Isis-wg mailing list >>>>>>>>> [email protected] >>>>>>>>> https://www.ietf.org/mailman/listinfo/isis-wg >>>>>>>>> >>>>>>>> >>>>>>>> . >>>>>>>> >>>>>>> >>>>>>> . >>>>>>> >>>>>> >>>>>> . >>>>>> >>>>> >>>>> . >>>>> >>>> >>>> _______________________________________________ >>>> OSPF mailing list >>>> [email protected] >>>> https://www.ietf.org/mailman/listinfo/ospf >>>> . >>>> >>> >>>_______________________________________________ >>>OSPF mailing list >>>[email protected] >>>https://www.ietf.org/mailman/listinfo/ospf >> > _______________________________________________ OSPF mailing list [email protected] https://www.ietf.org/mailman/listinfo/ospf
