LFA selection for Multi-Homed PrefixesArrcus, Inc.pushpasis.ietf@gmail.comHuawei USA2330 Central ExpresswaySanta ClaraCA95050USAuma.chunduri@huawei.comJuniper Networks, Inc.Electra, Exora Business ParkBangaloreKA560103Indiashraddha@juniper.netNuage Networks755 Ravendale DriveMountain ViewCA94043USAjefftant.ietf@gmail.comRtBrick, Inc.hannes@rtbrick.com
Routing
Routing Area Working GroupLFAMulti-homed PrefixIGPThis document shares experience gained from implementing algorithms to
determine Loop-Free Alternates for multi-homed prefixes. In particular,
this document provides explicit inequalities that can be used to evaluate
neighbors as a potential alternates for multi-homed prefixes. It also provides
detailed criteria for evaluating potential alternates for external prefixes
advertised by OSPF ASBRs. This documents updates and expands some of the "Routing Aspects" as
specified in Section 6 of RFC 5286. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC8174. A framework for the development of IP fast-
reroute mechanisms is detailed in . The use of Loop-Free Alternates (LFA) for IP Fast Reroute is specified in
. Section 6.1 of describes a method to
determine loop-free alternates for multi-homed prefixes (MHPs). This document describes
a procedure using explicit inequalities that can be used by a computing router to evaluate
a neighbor as a potential alternate for a multi-homed prefix. The results obtained are
equivalent to those obtained using the method described in Section 6.1 of .
However, some may find this formulation useful.Section 6.3 of discusses complications associated with computing LFAs for
multi-homed prefixes in OSPF. This document provides detailed criteria for evaluating
potential alternates for external prefixes advertised by OSPF ASBRs, as well as explicit
inequalities.This document also provides clarifications, additional considerations to
, to address a few coverage and operational observations.
These observations are in the area of handling IS-IS attach (ATT) bit in Level-1 (L1) area,
links provisioned with MAX_METRIC for traffic engineering (TE) purposes and in the area of
Multi Topology (MT) IGP deployments. These are elaborated in detail in
and .Address Family IS-IS Attach Bit Equal Cost Multi Path Interior Gateway Protocol Intermediate System to Intermediate SystemIS-IS Link State PDUOpen Shortest Path First Multi-homed Prefix Multi Topology Shortest Path First PDUThis document proposes the following set of LFA inequalities for selecting the most appropriate
LFAs for multi-homed prefixes (MHPs). They can be derived from the inequalities in combined
with the observation that
D_opt(N,P) = Min (D_opt(N,PO_i) + cost(PO_i,P)) over all PO_iTo compute a valid LFA for a given multi-homed prefix P, a computing
router S MUST follow one of the appropriate procedures below, for each
alternate neighbor N.In case an alternate neighbor N is also one of the prefix-originators of prefix P, N being a
prefix-originator it is guaranteed that N will not loop back packets destined for prefix P to
computing router S. So N MUST be chosen as a valid LFA for prefix P, without evaluating any of
the inequalities in as long as downstream-paths-only
LFA is not desired. To ensure such a neighbor N also provides a downstream-paths-only LFA,
router S MUST also evaluate the downstream-only LFA inequality specified in
for neighbor N and ensure router N satisfies the inequality.However, if N is not a prefix-originator of P, the computing router SHOULD evaluate one of the
corresponding LFA inequalities, as mentioned in , once for
each remote node that originated the prefix. In case the inequality is satisfied by the neighbor
N router S MUST choose neighbor N, as one of the valid LFAs for the prefix P.For more specific rules please refer to the later sections of this document.
LFA base specification Section 6.1 recommends that a router computes the alternate next-hop for an IGP multi-homed prefix by
considering alternate paths via all routers that have announced that prefix and the same has been elaborated with appropriate inequalities in the above
section. However, Section 6.1 also allows for the router to simplify the multi-homed prefix
calculation by assuming that the MHP is solely attached to the router that was its pre-failure optimal point of attachment, at the expense of potentially
lower coverage. If an implementation chooses to simplify the multi-homed prefix calculation by assuming that the MHP is solely attached to the router that was
its pre-failure optimal point of attachment, the procedure described in this memo can potentially improve coverage for equal cost multi
path (ECMP) MHPs without incurring extra computational cost.
This document improves the above approach to provide loop-free alternatives without any additional cost for ECMP MHPs as described through
the below example network. The approach specified here MAY also be applicable for handling default routes as explained in .
In the above network a prefix p, is advertised from both Node E and Node F. With simplified approach taken as specified in
Section 6.1, prefix P will get only link protection LFA through the neighbor C while a node
protection path is available through neighbor A. In this scenario, E and F both are pre-failure optimal points of attachment
and share the same primary next-hop.
Hence, an implementation MAY compare the kind of protection A provides to F (link-and-node protection) with the kind of
protection C provides to E (link protection) and inherit the better alternative to prefix P and here it is A.
However, in the below network prefix P has an ECMP through both node E and node F with cost 20. Though it has 2 pre-failure optimal
points of attachment, the primary next-hop to each pre-failure optimal point of attachment is different. In this case, prefix P MUST
inherit corresponding LFAs of each primary next-hop calculated for the router advertising the
same respectively. In the below diagram that would be node E's and node F's LFA i.e., node N1 and node N2 respectively.
In summary, if there are multiple pre-failure points of attachment for a MHP and primary next-hop of a MHP is same as that of
the primary next-hop of the router that was pre-failure optimal point of attachment, an implementation MAY provide a better
protection to MHP without incurring any additional computation cost.
Per a default route needs to be added in Level1 (L1) router to the closest reachable Level1/Level2 (L1/L2)
router in the network
advertising ATT (attach) bit in its LSP-0 fragment. All L1 routers in the area would do this during the decision process with the next-hop of
the default route set to the adjacent router through which the closest L1/L2 router is reachable. The base LFA specification
does not specify any procedure for computing LFA for a default route in IS-IS L1 area. This document specifies,
a node can consider a default route is being advertised from the border L1/L2 router where ATT bit is set, and can do LFA computation
for that default route. But, when multiple ECMP L1/L2 routers are reachable in an L1 area corresponding
best LFAs SHOULD be given for each primary next-hop associated with default route. Considerations as specified in
and
are applicable for default routes, if the default route is considered as ECMP MHP.
Note that, this document doesn't alter any ECMP handling rules or computation of LFAs for ECMP in general as laid out in .
Redistribution of external routes into IGP is required in case of two different networks getting
merged into one or during protocol migrations. External routes could be distributed into an IGP
domain via multiple nodes to avoid a single point of failure.During LFA calculation, alternate LFA next-hops to reach the best ASBR could be used as LFA
for the routes redistributed via that ASBR. When there is no LFA available to the best ASBR,
it may be desirable to consider the other ASBRs (referred to as alternate ASBR hereafter)
redistributing the external routes for LFA selection as defined in
and leverage the advantage of having multiple re-distributing nodes in the network.LFA evaluation for multi-homed external prefixes in IS-IS is similar to the multi-homed
internal prefixes. Inequalities described in Section 2 would also apply to multi-homed
external prefixes.Loop Free Alternates describes mechanisms to apply inequalities to find the loop
free alternate neighbor. For the selection of alternate ASBR for LFA consideration, additional
rules have to be applied in selecting the alternate ASBR due to the external route calculation
rules imposed by .
This document defines inequalities specifically for the alternate
loop-free ASBR evaluation, based on those in . The process to select an alternate ASBR is best explained using the rules below.
The below process is applied when primary ASBR for the concerned prefix is chosen and
there is an alternate ASBR originating same prefix.When "RFC1583compatibility" is set to disabled, OSPF defines certain rules of
preference to choose the ASBRs. While selecting alternate ASBR for loop evaluation for LFA,
these rules should be applied to ensure that the alternate neighbor does not cause loop.
When there are multiple ASBRs belonging to different area advertising the same prefix,
pruning rules as defined in section 16.4.1 are applied. The alternate ASBRs pruned
using above rules are not considered for LFA evaluation.If there are multiple ASBRs not pruned via rules defined in , the cost type advertised
by the ASBRs is compared. ASBRs advertising type 1 costs are preferred and the type 2 costs are
pruned. If two ASBRs advertise same type 2 cost, the alternate ASBRs are considered along with
their cost to reach ASBR/forwarding adress for evaluation. If the two ASBRs have same type 2 cost as well as same cost to reach ASBR, ECMP
FRR is programmed. When there are multiple ASBRs advertising same type 2 cost for the prefix,
primary AS external route calculation as described in section 16.4.1
selects the route with lowest type 2 cost. ASBRs advertising different type 2 cost (higher cost) are not considered for LFA evaluation.
Alternate ASBRs advertising type 2 cost for the prefix but are not chosen as primary due to higher cost to reach ASBR are considered
for LFA evaluation.The inequalities for evaluating alternate ASBR for type 1 and type 2 costs are same,
as the alternate ASBRs with different type 2 costs are pruned and the evaluation is based on
equal type 2 cost ASBRS.When RFC1583Compatibility is set to enabled, multiple ASBRs belonging to different area
advertising same prefix are chosen based on cost and hence are valid alternate ASBRs
for the LFA evaluation. The inequalities described in
are applicable based on forwarding address and cost type advertised in External LSA.Type 5 routes always get preference over Type 7 and the alternate ASBRs chosen for LFA
calculation should belong to same type. Among Type 7 routes, routes with p-bit and forwarding
address set have higher preference than routes without these attributes. Alternate ASBRs
selected for LFA comparison should have same p-bit and forwarding address attributes.The alternate ASBRs selected using above mechanism described in ,
are evaluated for Loop free criteria using below inequalities.
This section explains the additional considerations in various aspects as listed below to the base LFA specification .
Section 3.5 and 3.6 of describe procedures for excluding nodes and links from use in alternate paths based
on the maximum link metric (as defined for IS-IS in or as defined in for OSPF).
If these procedures are strictly followed, there are situations, as described below, where the only potential alternate available which satisfies
the basic loop-free condition will not be considered as alternative.
In the simple example network, all the link costs have a cost of 10 in both directions, except for the link between S and N2. The S-N2 link has a cost
of 10 in the forward direction i.e., from S to N2, and a cost of MAX_METRIC (0xffffff /2^24 - 1 for IS-IS and 0xffff for
OSPF) in the reverse direction i.e., from N2 to S for a specific end-to-end Traffic Engineering (TE) requirement of the operator. At node S, D1 is reachable through N1 with cost 20, and D2 is reachable
through N2 with cost 20. Even though neighbor N2 satisfies basic loop-free condition (inequality 1 of ) for D1, S's neighbor N2 could be
excluded as a potential alternative because of the current exclusions as specified in section 3.5 and 3.6 procedure of .
But, as the primary traffic destined to D2 continues to use the link and hence irrespective of the reverse metric in this case, same link MAY be used
as a potential LFA for D1.
Alternatively, reverse metric of the link MAY be configured with MAX_METRIC-1, so that the link can be used as an alternative while meeting the operator's TE requirements and without having to
update the router to fix this particular issue.
Section 6.2 and 6.3.2 of state that multi-topology OSPF and IS-IS are out of scope for that specification.
This memo clarifies and describes the applicability.
In Multi Topology (MT) IGP deployments, for each MT ID, a separate shortest path tree (SPT) is built with topology specific adjacencies, the
LFA principles laid out
in are actually applicable for MT IS-IS LFA SPF. The primary difference in this
case is, identifying the eligible-set of neighbors for each LFA computation which is done per MT ID. The eligible-set for each MT ID is determined
by the presence of IGP adjacency
from Source to the neighboring node on that MT-ID apart from the administrative restrictions and other checks laid out in
. The same is also applicable for MT-OSPF or different AFs in
multi instance OSPFv3 .
However for MT IS-IS, if a "standard topology" is used with MT-ID #0 and both IPv4
and IPv6 routes/AFs are present, then the condition of network congruency is applicable for LFA computation as well.
Network congruency here refers to, having same address families provisioned on all the links and all the nodes of the network with MT-ID #0.
Here with single decision process both IPv4 and IPv6 next-hops are computed for all the prefixes in the network and similarly with one LFA
computation from all eligible neighbors per , all potential alternatives can be computed.
This document has no actions for IANA.
Thanks to Alia Atlas and Salih K A for their useful feedback and inputs.
Thanks to Stewart Bryant for being document shepherd and providing detailed review comments.The following people contributed substantially to the content of this
document and should be considered co-authors.
Existing OSPF security considerations
and stronger authentication and manual key management
mechanisms are specified in SHOULD be considered for OSPF deployments. Security concerns for IS-IS are addressed in and .
Further security analysis for IS-IS protocol is done in SHOULD be considered for IS-IS deployments.
This document does not introduce any change in any of the
protocol specifications discussed here and also this does not introduce
any new security issues other than as noted in the LFA
base specification .