At 02:43 AM 2/17/2005, Alex Zinin wrote:
In section 2.3, the spec currently says that "For an alternate to be
link-protecting, it must be loop-free with regard to the pseudo-node." I'd
to discuss this a bit.
LAN segments today are implemented using some sort of active equipment, most
often L2 switches. Hence, we have two types of failure cases, associates with
LANs: a) failure of a link between a router and the switch, and b) failure of
the switch. The current text essentially suggests to always be pessimistic and
assume that a link failure disables the whole segment.
Alia, could you comment on why you think we should be more pessimistic here
and always shoot for PNode-protecting in this case, rather than distinguish
between link protection and, say, segment protection?
The worst-case failure associated with the LAN is that the whole link
fails. So, on one hand, an alternate that avoids the pseudo-node is the
most protective that one can get in ref to that link.
It would be possible to have an alternate that just avoids that particular
pseudo-node to primary neighbor link (as seen in the translated topology);
I assume that this could only be triggered by BFD reporting the inability
to reach the primary neighbor via that link.
In the absence of BFD, one can detect an ethernet failure if it is local or
via the RFI notification, if there are no L2 switches in the way.
I don't think that it's straightforward to provide an alternate that avoids
a particular L2 switch - simply because the topology information isn't
known. One could use SRLGs to provide this. I'm not certain how much
benefit having the segment protection would provide without this.
In general, we want the most protective alternate that can be found. In
the event of a worst failure than was protected for, we have the concerns
about forwarding loops via the alternates being possible.
If you think it is useful, we could discuss segment protection as well in
the draft. I didn't because we want the best protection possible, because
we don't know the L2 topology, and because supporting segment protection
requires BFD or a mechanism for detecting which segment has failed.
On another note, the only type of alternate that could go through the
pseudo-node would be an alternate next-hop explicitly through the
pseudo-node to a different neighbor or one that doesn't provide node
protection. In other words, the alternate next-hop itself would have to be
across that pseudo-node; the path from the alternate neighbor can't go
through the pseudo-node, because the alternate neighbor is using the SPT
and the SPT from the pseudo-node is to that primary neighbor.
Rtgwg mailing list