Just FYI ... An interesting discussion on nanog/cisco-nsp lists ... started innocent with SRv6 bashing, now went into IGP - specifically ISIS territory :)
---------- Forwarded message --------- From: Saku Ytti <s...@ytti.fi> Date: Thu, Jun 18, 2020 at 12:43 PM Subject: Re: Devil's Advocate - Segment Routing, Why? To: Robert Raszuk <rob...@raszuk.net> Cc: Mark Tinka <mark.ti...@seacom.mu>, na...@nanog.org <na...@nanog.org>, cisco-nsp NSP <cisco-...@puck.nether.net> On Thu, 18 Jun 2020 at 13:28, Robert Raszuk <rob...@raszuk.net> wrote: > To your IGP point let me observe that OSPF runs over IP and ISIS does not. That is first fundamental difference. There are customers using both all over the world and therefore any suggestion to just use OSPFv3 is IMHO quite unrealistic. Keep in mind that OSPF hierarchy is 2 (or 3 with super area) while in IETF there is ongoing work to extend ISIS to 8 levels. There is a lot of fundamental differences between those two (or three) IGPs and I am sure many folks on the lists know them. Last there is a lot of enterprise networks happily using IPv4 RFC1918 all over their global WAN and DCs infrastructure and have no reason to deploy IPv6 there any time soon. If you are serious about converging to a single IGP I would rather consider look towards OpenR type of IGP architecture with message bus underneath. On Thu, 18 Jun 2020 at 13:43, Saku Ytti <s...@ytti.fi> wrote: I view the 802.3 and CLNS as liability, not an asset. People who actually route CLNS are a dying breed, think just DCN of a legacy optical. Many platforms have no facilities to protect ISIS, any connected attacker can kill the box. Nokia handles generated packets classification by assigning DSCP value to application then DSCP to forwarding-class, which precludes from configuring ISIS qos. Very few people understand how ISIS works before ISIS PDU is handed to them, world from 802.3 to that is largely huge pile of hacks, instead of complete CLNS stack implementation. There is no standard way to send large frames over 802.3, so there is non-standard way to encap ISIS for those links. Also due to lack of LSP roll-over, ISIS is subject to a horrible attack vector which is very difficult to troubleshoot and solve. -- ++ytti
_______________________________________________ Lsr mailing list Lsr@ietf.org https://www.ietf.org/mailman/listinfo/lsr
