Ahmed,I believe that the so-called protected Adj-SID simply means that if the link that it represents fails, it can be replaced with the Node-SID of the node at the remote end if the adjacency. It does not help at all if the downstream node fails.
Sent from Yahoo Mail on Android On Tue, Nov 28, 2017 at 11:02, Ahmed Bashandy (bashandy)<[email protected]> wrote: Stewart, I am sure you are aware that ISIS and OSPF adj-SID advertisements indicate whether an adj-SID is protected or not. If the ingress router decided to use a protected adj-SID for a policy, then the protection of such adj-SID is within the policy. Ahmed On 11/28/2017 7:15 AM, Stewart Bryant wrote: > > > On 28/11/2017 12:04, Ahmed Bashandy (bashandy) wrote: >> >> - The top label of incoming packet to node "S" is either a prefix SID >> owned by node "F" or an adjacency SID for (S,F) > > If it is an adjacency SID for (S,F) then you are violating the > original intent of the ingress PE which was to send the packet along > the path S->F. I really don't think you can blindly repair such a > packet since to do so violates the policy applied to the packet. You > have to do a policy check, and you have to make sure that the packet > is not subject to ECMP along the repair path since ECMP avoidance > might have been the intent of using the SR Adjacency in the first place. > > - Stewart _______________________________________________ rtgwg mailing list [email protected] https://www.ietf.org/mailman/listinfo/rtgwg
_______________________________________________ rtgwg mailing list [email protected] https://www.ietf.org/mailman/listinfo/rtgwg
