Hi Tanmoy, I think we can say that behavior may be adjusted based on configuration, and thus allow both scenarios to be handled appropriately.
More inline... ------ Original Message ------ Received: Thu, 05 Jul 2012 11:17:46 PM PDT From: Tanmoy <[email protected]> To: "'Michael Barnes'" <[email protected]>, <[email protected]> Subject: RE: [OSPF] ABR/ASBR with clear R-bit? > Hi Michael, > As I understand the Motivation behind using R-Bit in router LSA in > Multi-homed Hosts which just want to learn the routes by participating in > routing but do not want to forward any transit traffic. In this case, the device should not be either ABR or ASBR, so the problem and would only need to advertise its own host address(es). > However I also support your idea to use the R-bit as "... edge router with > hosts attached, and the router is dual homed ...". > > But the question is How a router can determine whether the interface is just > connected to only Hosts not any other router ? > > Lets consider the below topology where RTA and RTB are the router which is > connected to IP network and H2-Hn are the host from a trusted/enterprise > network. > This would be an appropriate scenario where RTC would like to advertise its > LSA with R-bit clear. > > +-----+ +-----+ > | RTA | | RTB | > +--+--+ +--+--+ > | | 200::1/64 > | Area 0 +-----+ | > | | | 200::2/64 | (Area 2) > +-----------+ RTC +-----------+ > +--+--+ > |3::1/64 (Area 1) > | > +---+---+--------+--------+ > 3::2/64| 3::3/64| 3::n/64| > +--+ +--+ +--+ > | | | | | | > +--+ +--+ +--+ > H2 H3 Hn > > Considering above, I agree with you the RTC should advertise 3::/64 to RTA > and RTB such that packet destined to the host should reach RTC and it fwd it > to the host. For RTC, this as if local destined routes. > But if it originates the inter-area prefixe for 200::/64, then RTA will send > the 200::1 destined traffic towards RTC and it will become a transit router. > - this way we will violate the RFC. True that packets from RTA would reach RTB via RTC, but only the packets which are destined to 200::1, thus RTB in this case would be the end system. Therefor it seems to me that the RFC is not violated. > So to avoid this I still, suggest to advertise only host prefixes from the > interfaces. > But to enable the router as " edge router with host attached, and the router > is dual homed.." let the decision be on the implementation. It can either be > a configuration driven to advertise such routes. I agree that allowing behavior to be adjusted by configuration is a good compromise. Regards, Michael > Regards, > - Tanmoy > > > > -----Original Message----- > From: Michael Barnes [mailto:[email protected]] > Sent: Saturday, June 30, 2012 6:21 AM > To: [email protected]; [email protected] > Subject: RE: [OSPF] ABR/ASBR with clear R-bit? > > Hi Tanmoy > > responses inline... > > ------ Original Message ------ > Received: Thu, 17 May 2012 07:04:46 AM PDT > From: Tanmoy <[email protected]> > To: [email protected]: 'Michael Barnes' <[email protected]> > Subject: RE: [OSPF] ABR/ASBR with clear R-bit? > > > Hi Michael, > > > > A couple of ideas... > > > > Firstly we should prevent that other routers do not use the R-bit clear > > Router as transit for reaching the FA. To ensure this, the Router with > R-bit > > clear MUST not originate any inter-area network prefixes. It is allowed to > > originate only inter-area host prefixes (128 prefix length) that > correspond > > to its own interface addresses. [This make sense too since this router > does > > not want to service transit traffic so there is no need to advertise the > > attached networks]. > > I think the above is too restrictive and not very useful. We may as well say > that the ABR with the R-bit clear MUST NOT advertise any inter-area > prefixes. > But I think that is not the right thing to do. Rather the ABR should be able > to advertise inter-area prefixes of any length, but only for prefixes local > to > it (e.g. configured on its own interfaces). I think a common case for having > the R-bit clear is for an edge router with hosts attached, and the router is > dual homed, but should never be used for transit traffic. > > > Additionally : The R-bit clear ASBR can originate the AS-external route > only > > when there is a good chance that there is an alternate path to the FA. To > do > > this, the ASBR can examine the network LSA of the interface corresponding > to > > the FA and check that there is at least one other router with the R-bit > set, > > in which case the LSA can be originated. This part is fully optional and > if > > not followed, may result in AS-External LSAs that are not usable. Anyway, > > the solution presented here is simple and not foolproof for all cases > (e.g. > > there is another router with the R-bit set, but it is reachable to a set > of > > routers in the topology only through the router with R-bit clear). More > > robust but complex solutions are possible ;-) > > My first thought is that "a good chance that there is an alternate path to > the > FA" is not acceptable. Either the ASBR should be able to determine > absolutely > that there is an alternate path to the FA or it should not use that FA. This > is not trivial in the intra-area case, and I don't think it is possible in > the > inter-area case. Therefor my opinion is that an ASBR should only advertise > prefixes which are local to it (like the ABR). > > > With these restrictions/conditions, the following cases need to be > examined: > > > > Case 1 : > > R-bit Clear router is the only ABR for the other area. Based on the > > restriction proposed, the R-Bit clear router will originate only directly > > interface routes as Inter-area routes(with 128 prefix length). This will > > ensure the other router cannot use it as a transit to reach the FA, since > > the network is not visible at all. > > > > Case 2 : > > There is another ABR in the area. In this case, since the other ABR router > > will originate the inter-area route for the FA's network prefix, all > routers > > will consider the other router as the transit router and will calculate > > reachability only through the other router. > > Since I do not agree with your idea to restrict the ASBR to only advertise > its > own /128 addresses, then case 2 will cause traffic to be black-holed. > > Regards, > Michael > > > > Regards, > > - Tanmoy > > > > -----Original Message----- > > From: Michael Barnes [mailto:[email protected]] > > Sent: Tuesday, May 15, 2012 8:37 PM > > To: [email protected] > > Cc: [email protected] > > Subject: RE: [OSPF] ABR/ASBR with clear R-bit? > > > > Hi Tanmoy, > > > > ------ Original Message ------ > > Received: Mon, 14 May 2012 11:24:00 PM PDT > > From: Tanmoy <[email protected]> > > To: "'Mike Dubrovskiy (mdubrovs)'" <[email protected]>, 'Michael Barnes' > > <[email protected]>Cc: [email protected] > > Subject: RE: [OSPF] ABR/ASBR with clear R-bit? > > > > > Hi Micheal/Mike, > > > > > > @Michael : Considering your suggestion I have one question, during SPF > all > > > router would add the Router with R-Bit clear as Stub node. Hence there > is > > no > > > chance where this router being used as transit for forwarding address. > > > > This is true when the router is in the same area as the ASBR. However, if > > the > > router is in another area then it does not have a way to know if the > > inter-area route transits the ASBR or is reachable through another router > in > > that area. > > > > > @Mike : we shall not consider this router to give up the ABR/ASBR > status. > > As > > > Michael said, the router might need to advertise its own directly > > connected > > > routes as Inter or ASE/NSSA routes. > > > > > > I have one suggestion, since the Originator will know BEST about the > > routes > > > its originating, we shall put some restrictions there. > > > Such as.. > > > [1] Router with R-bit clear is allowed to originate AS-External/NSSA > LSA > > > for directly connected routes ONLY. > > > [2] Router with R-bit clear is allowed to originate inter aera LSA to > > other > > > areas for the directly connected routes ONLY. > > > > The two above are essentially the same as what I suggested in my first > > e-mail > > of the thread. :-) > > > > > [3] For all other AS-External/NSSA destination where there is a valid > > > Forwarding address can be derived, the LSA should be originated. > > > All other sources MUST NOT be originated by the Router with R-Bit Clear. > > > > > How does the ASBR know if the FA is reachable not via itself? Should it do > > special type of SPF calculation to see if there is some other path? > > > > Thanks, > > Michael > > > > > Thanks, > > > - Tanmoy > > > > > > > > > > > > > > > > > > > > > -----Original Message----- > > > From: Mike Dubrovskiy (mdubrovs) [mailto:[email protected]] > > > Sent: Tuesday, May 15, 2012 5:06 AM > > > To: Michael Barnes; [email protected] > > > Cc: [email protected] > > > Subject: RE: [OSPF] ABR/ASBR with clear R-bit? > > > > > > Hi Michael, > > > > > > It seems that there's more than one way to skin a cat. > > > > > > How about this one: > > > > > > Router with R-bit cleared should be area internal router. > > > In case if R-bit is cleared on ABR or ASBR, the router must give up the > > > ABR/ASBR status. > > > > > > Mike > > > > > > -----Original Message----- > > > From: [email protected] [mailto:[email protected]] On Behalf Of > > > Michael Barnes > > > Sent: Monday, May 14, 2012 12:05 PM > > > To: [email protected] > > > Cc: [email protected] > > > Subject: Re: [OSPF] ABR/ASBR with clear R-bit? > > > > > > Hi Tanmoy, > > > > > > I agree, this is an interesting use case. However, we must be careful to > > > handle it correctly. Consider, for example, when the only path to the > > > forwarding address is through the ASBR which has the R-bit cleared. > > > Routers in the same area as the ASBR would be able to determine this > > > without any trouble and not use the ASBR for transit. We need to > > > consider that the ASBR may be advertising local routes as externals, and > > > these should be reachable via the ASBR even when the R-bit is clear. If > > > the forwarding address shares the same prefix, then it would also be > > > reachable in this scenario. So how do other routers determine which > > > external prefixes are reachable, or not, via the ASBR with the R-bit > > > cleared? In particular, the routers which are in other areas? > > > > > > I can think of a couple of ways. A simple one would be for the ASBR to > > > advertise the FA with an infinite metric. This would allow routers to > > > calculate another path to the FA, if one is available, while ensuring > > > the the ASBR itself would not be used as the transit to the FA. While at > > > the same time allowing reachability to prefixes local to the ASBR, of > > > course the local prefixes would not be advertised with the same FA. > > > > > > Thanks, > > > Michael. _______________________________________________ OSPF mailing list [email protected] https://www.ietf.org/mailman/listinfo/ospf
