Multi-Instance ISIS
draft-previdi-isis-mi-mt-01.txt
Stefano Previdi - sprevidi@cisco.com
Les Ginsberg - ginsberg@cisco.com
Mike Shand - mshand@cisco.com
Abhay Roy - akr@cisco.com
Dave Ward - dward@cisco.com
IETF-69
Chicago
IETF69-Chicago-July 2007
-
July 26, 2007
1
MI-ISIS
Introduction
• ISIS extension (YAT)
• Allows separate ISIS instances to share
nodes and links
• Allows routing and non-routign info to be conveyed and stored in
separate LSPs
separate flooding schemes
separate LSDBs
• Full Topology isolation
• Ships in the night approach
• Mechanism used to mark packets with
instance membership
IETF69-Chicago-July 2007
2
Update to first version
Interoperability issues
• Broadcast Networks
• Use of dedicated multicast address for non-zero IID
• Per level address
• Hide MI-ISIS packets to non-MI capable routers
• MI routers MUST discard packets if:
The destination multicast address is AllL1IS or AllL2IS
and the PDU contains an IID TLV with non-zero value
The destination multicast address is one of the two new
addresses and the PDU contains an IID TLV with a zero
value or has no IID TLV
• Note: still misbehaviour may happen if AllL1IS/ AllL2IS are
improperly used for non-zero IID.
IETF69-Chicago-July 2007
3
Update to first version
Interoperability issues - History
• Different choices have been evaluated
1. Different Mcast addresses.
Gives isolation at little cost. Any implementation which
does not properly filter mcast addresses today is
already at risk for meltdown.
2. Ethernet II frame with new type.
Implementations are not expecting IS-IS PDUs in
anything other than 802.3 format. This option requires
major changes.
3. Combination of 1 and 2.
Adds little if no benefit.
IETF69-Chicago-July 2007
4
Multi-Instance ISIS
draft-previdi-isis-mi-mt-01.txt
Stefano Previdi - sprevidi@cisco.com
Les Ginsberg - ginsberg@cisco.com
Mike Shand - mshand@cisco.com
Abhay Roy - akr@cisco.com
Dave Ward - dward@cisco.com
IETF-69
Chicago
IETF69-Chicago-July 2007
-
July 26, 2007
5