LSR Working Group | A. Wang |
Internet-Draft | China Telecom |
Intended status: Standards Track | Z. Hu |
Expires: July 13, 2020 | Huawei Technologies |
January 10, 2020 |
Passive Interface Attribute
draft-wang-lsr-passive-interface-attribute-00
This document describes the mechanism that can be used to differentiate the passive interfaces from the normal interfaces within ISIS domain.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 13, 2020.
Copyright (c) 2020 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
Passive interfaces are used commonly within operator or enterprise networks, especially at the boundary of different IGP domains. Using passive interface can keep the address that associated with it is reachable within the domain it belongs to but no other link information is leaked to the other side in another domain.
For operator which runs different IGP domains that interconnect with each other, there is desire that to get the inter-as topology information as that described in [I-D.ietf-idr-bgpls-inter-as-topology-ext]. If the router that run BGP-LS within one IGP domain can distinguish the passive interfaces(also the links between two boundary) from the other normal interfaces, then it is easy for them to report these link in the "Stub Link NLRI" via the BGP-LS.
OSPF has the mechanism as described in [RFC2328] to label the passive interface, but ISIS protocol has no such attribute to label the passive interface.
This document introduces the mechanism that can be used in such situation, to label the passive interface via the newly defined passive interface attribute.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119] .
Figure1 illustrates the topology scenario when ISIS/OSPF is running in different domain. B1, B3 are border routers within IGP domain A, B2, B4 are border routers within domain B. S1-S4 are the internal routers within domain A, T1-T4 are the internal routers within domain B. The two domain are interconnected via the links between B1/B2 and B3/B4.
Passive interfaces are enabled in the links between B1/B2 and B3/B4 respectively. For domain B, the T1 router that runs OSPF can extract the passives links from the normal links and report it to IP SDN controller via the BGP-LS protocol. But for domain A, the S2 router that runs ISIS can only judge the passive interfaces from other characteristics, such as no IGP neighbor on this link. Such judgement can extract these passive links but it is not exactly, because it covers also the situation when there is some issues to establish the ISIS adjacency but not the passive interface.
The passive interfaces are also often used in the edge router which connects the server, for example in the router S1/S4 and T2/T4 in Figure 1. Knowing these interfaces are correctly configured will also benefit the management of these interfaces.
The method to label these passive interface explicitly is necessary then.
+-----------------+ +----+IP SDN Controller+----+ | +-----------------+ | | | |BGP-LS |BGP-LS | | +---------------+-----+ +-----+--------------+ | +--+ +-++ ++-+ +-++ +|-+ +--+| | |S1+--------+S2+---+B1+-----------+B2+---+T1+--------+T2|| | +-++ N1 +-++ ++-+ +-++ ++++ N2 +-++| | | | | | || | | | | | | | || | | | +-++ +-++ ++-+ +-++ ++++ +-++| | |S4+--------+S3+---+B3+-----------+B4+---+T3+--------+T4|| | +--+ +--+ ++-+ +-++ ++-+ +--+| | | | | | | | | | Domain A(ISIS) | | Domain B(OSPF) | +---------------------+ +--------------------+ Figure 1: Inter-AS Domain Scenarios
[RFC7794] defines the "IPv4/IPv6 Extended Reachability Attribute Flags" sub-TLV to advertise the additional flags associated with a given prefix advertisement. Currently, only X(Bit 0),R(Bit 1),N(Bit 2), E(Bit 3) flags are defined, here we propose another bit(Bit 4 is desired) to be assigned by the IANA for the passive interface attribute, as illustrated in the following Figure2:
0 1 2 3 4 5 6 7... +-+-+-+-+-+-+-+-+... |X|R|N|E|P ... +-+-+-+-+-+-+-+-+... Figure 2: Prefix Attribute Flags P-flag: Passive Flag(Bit 4) Set for local interface that is configured as passive interface.
When the interfaces on one router be configured as the passive interface, the P-flag bit will be set in the "IPv4/IPv6 Extended Reachability Attribute Flags" sub-TLV. This sub-TLV will be included in the TLV 135, TLV 235, TLV 236 and TLV 237 as necessary and be flooded within the ISIS domain.
The router receives such advertisement can then easily distinguish the passive interfaces from the normal interface, and report them to the SDN controller if it run the BGP-LS protocol.
Security concerns for ISIS are addressed in [RFC5304] and[RFC5310]
Advertisement of the additional information defined in this document introduces no new security concerns.
IANA is requested to allocate the P-bit (bit position 4 is desired) from the "Bit Values for Prefix Attribute Flags Sub-TLV" registry.
Thanks Shunwan Zhang, Les Ginsberg and Robert Raszuk for their suggestions and comments on this idea.
[RFC2119] | Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997. |
[RFC2328] | Moy, J., "OSPF Version 2", STD 54, RFC 2328, DOI 10.17487/RFC2328, April 1998. |
[RFC5304] | Li, T. and R. Atkinson, "IS-IS Cryptographic Authentication", RFC 5304, DOI 10.17487/RFC5304, October 2008. |
[RFC5310] | Bhatia, M., Manral, V., Li, T., Atkinson, R., White, R. and M. Fanto, "IS-IS Generic Cryptographic Authentication", RFC 5310, DOI 10.17487/RFC5310, February 2009. |
[RFC7794] | Ginsberg, L., Decraene, B., Previdi, S., Xu, X. and U. Chunduri, "IS-IS Prefix Attributes for Extended IPv4 and IPv6 Reachability", RFC 7794, DOI 10.17487/RFC7794, March 2016. |
[I-D.ietf-idr-bgpls-inter-as-topology-ext] | Wang, A., Chen, H., Talaulikar, K., Zhuang, S. and S. Ma, "BGP-LS Extension for Inter-AS Topology Retrieval", Internet-Draft draft-ietf-idr-bgpls-inter-as-topology-ext-07, September 2019. |