502 16. Network Design except for the bare minimum needed to bring up the iBGP transport mesh. Once the iBGP transport mesh has been brought up BGP carries all IP information including link- local IP sub-net prefixes. That design choice is no real choice – it is paramount – all the other options depend on what you expect from the network and what is doable with the prevailing hardware/ software combination. Ultimately, one has to listen to what end- customers are expecting and what kind of services have to be modelled on top of that backbone. For good network designs there are two important insights. First, you always have to make a compromise. Networks are complex and changes of any kind have multi- dimensional impact. If you optimize on one direction then you deliberately have to jeop- ardize the other. So pick carefully which of the three areas you want to optimize on: scalability, stability or convergence. While it would be a highly desirable goal to maxi- mize all three, in practice you can only optimize on two. The second insight is an old rule of systems design – keep it simple. Before exploring complex matters of route leaking and multi-level designs, first answer the question as to whether you really need all that com- plexity. Would the network work even if you go with a single level design, and what would be the overall scalability impact? Practical experience says that modern IS-IS implemen- tations are more scalable than people think, and keep some sanity, sometimes network designers try to seek solutions for non-existent problems. 17 Future of IS-IS 503 Writing a book about IS-IS is a never-ending task. During the writing of this book a lot that was originally planned for this future chapter got implemented in routing software and is now available and deployed in the Internet. It became clear to the authors that whatever we put into this chapter would just be a snapshot of the thoughts and published Internet drafts at one particular time. You will find a lot of proposals here that may make their way into final products, and some ideas that will ultimately be tossed aside. This chapter is about a whole spectrum of IS-IS extensions, ranging from very ambitious pro- jects like Generalized MPLS (G-MPLS) to very pragmatic ones like iBGP auto-discovery. However, this chapter is not limited to just a snapshot of the Internet drafts in mid 2004. The IS-IS universe is ever-expanding, and we will have to ask if it is a legitimate concern to enhance the IS-IS protocol at all costs, particularly for functions that it was not ori- ginally designed for. 17.1 Who Should Evolve IS-IS? IS-IS is evolved by different standards bodies. The IETF is supposed to refine specifica- tion of IP-related extensions, and the ITU ought to take care of any modifications to the base specification. As part of the agreement between the IETF and ITU, there is a div- ision of the assignable TLV space. The ITU is supposed to assign the lower 127 TLVs, and the IETF has been given the upper 127 TLVs. However, as shown in Chapter 13, “IS- IS Extensions”, the IETF got away from their home turf and published specifications that are outside their assigned responsibilities – the Multi Topology Extensions and all generic IS-IS functions like Traffic Engineering, Authentication and Checksumming related TLVs (222, 22, 10, 12) violate this division. These TLVs have been specified and submitted in a time-to-market fashion, mostly to overcome the slow decision-making process within the ITU. There are voices in the IETF that would either force the two stan- dards bodies to work together, or completely transfer responsibility for the IS-IS protocol from the ITU-T to the IETF. Dr Tony Li, once, IETF ISIS-WG chair, proposed just this merging once on the IETF ISIS-WG mailing list. Let me offer a germ of an idea: As has been pointed out, there is a great deal of overlap between the actual folks doing the work in both organizations. No matter where we host it, it’s the same folks, doing the same thing. Why then, does it really matter, where the group is hosted? Why not have just one joint, integrated working group, which reports to two bodies? This way, the group has the clear authority to issue definitive documents. These documents get published as BOTH ISO standards and RFCs. The involvement of different standards bodies raises a plethora of issues. Because the IETF is not the “owner” of IS-IS, none of its documents go on the IETF standards track process. The standards track is a multi-year process that ensures protocol maturity and interoperability between different vendors. All the different stages of the maturity process is documented as RFCs and at the end of the standards track process there is promotion of the protocol to an Internet Standard, which not many documents achieve. As soon as the Internet Standard status is reached, the document becomes a normative reference in the ITU sense. Although the ITU’s standards track process may take several years, one could argue that the ITU is much faster in this respect. The difference between the two standardization bodies is how they approach and handle standardization. In the IETF, things are pretty much evolution driven: the IETF defines a problem, Internet drafts get published and in many cases the equipment vendors ship software based on the Internet drafts, which are at this point not normative references at all. This process has the advan- tage of getting a new IS-IS feature deployed quickly, sometimes within six months (at the risk of changing the software several times unless the Internet draft has matured). In the ITU, there is much more emphasis on getting the first document flawless through rigid reviews and (of course) plenty of time. The ITU believes that specifications have to be finalized before they can be used in actual product shipments. While that approach is much more “clean slate”, it runs the risk of missing the market during all these time- consuming review cycles. Meanwhile, the ITU has practically resigned from the task of evolving IS-IS. All of the work is done in the IETF. But because the ITU still formally owns the base protocol, the IETF must not publish any IS-IS-related RFCs as standards track RFCs, but rather as informational RFCs. Informational RFCs do not have the status of a normative specification – they are just supposed to make sure that things are documented. However, there is a paradox in that the ISIS-WG is the only valid source for further IS-IS development, and yet has to publish all IS-IS extensions as non-normative documents, the informational RFCs. Moreover, the ITU refers to the published IS-IS informational RFCs, and therefore is blessing the “informational” RFCs as normative references! The double standardization, or lack of it, remains a real problem in the IS-IS community. And there are no signs that the situation will get better. Reunion of the IP and optical layer through G-MPLS will be the next severe challenge for the two IS-IS standardiza- tion bodies. Then there will be a full clash in terms of responsibility. Transmission net- works are a true domain of the ITU, and recently all the IS-IS control plane-related extensions have been done at the ISIS-WG inside the IETF. It is the authors’ opinion that the ITU should formalize what is the de facto status today and transfer responsibility for IS-IS to the ISIS-WG in the IETF and promote all IS-IS related extensions to IETF stand- ards track documents. 17.2 G-MPLS A networking stack in a service provider’s network looks quite different today than it looked not long ago. Figure 17.1 shows a typical networking stack of the 1990s: there are several layers of networking protocols transporting the IP application. IP is wrapped on top of ATM, which performed traffic engineering functions. Next, there is a SONET/SDH 504 17. Future of IS-IS layer that is necessary for provisioning fixed pipes for the ATM trunks. Finally the SONET/SDH frame needs DWDM and Optical Cross Connect (OCX) technologies to get transported over the fibre. Compare this relatively massive layering to today’s networking layers. ATM got elim- inated due to the rise of MPLS. SONET/SDH is no longer used for provisioning circuits. The only remnants of SONET/SDH technology is the frame format. Today, IP is trans- ported almost natively over a DWDM infrastructure. There has been a massive consolida- tion of transport technologies. The rise of IP technology set a trend here: either a networking layer gets eliminated or its functions are ported into an IP routing or signalling protocol. MPLS is a good example here: a lot of ATM functions, such as the idea of source rout- ing, CSPF and label swapping, made their way into a set of IP protocols. If you continue that trend, then IP will again likely control the next layer of networking beneath. This is the optical layer. 17.2.1 Problems in the Optical Network Today The optical layer today is a closed network by itself. It consists of optical amplifiers and cross-connects which multiplex and de-multiplex wavelengths over optical fibres. All optical paths are provisioned manually. The manual nature of optical provisioning is quite counterintuitive – the strange thing about optical networks is that although almost every- thing is standardized, there is no open signalling protocol to set up optical channels and trails. As a result of this lack of a sound provisioning protocol, optical vendors have come up with their own proprietary software that does not interoperate with other vendors’ methods. Service providers in general source equipment from several vendors, because they do not want to invest completely in proprietary technologies and get locked into a certain vendor’s technology. As a result, the lowest common denominator is often picked and service providers set up their optical trails manually. The disadvantage of manual provi- sioning is obvious: too often it is tedious and error-prone. Much worse, it is time-consuming and it is not attractive to vendors if they keep losing customers because of too slow provisioning procedures. The manual setup of optical channels creates the environment that the IP world has to live in. This is known as overlay network. Overlay networks and their impact and scaling G-MPLS 505 ATM DWDM / OXC IP TDM F IGURE 17.1. In the 1990s there were several layers of transport layers, most of them performing redundant functions damage to link-state routing protocols were explained in Chapter 14, “Traffic Engineering and MPLS”. The cost of transporting IP data is today increasingly questioned, and the main problem of the high cost of IP transport is the lack of any real underlying topology that is tuned to IP. 17.2.2 Cost of Transport Consider Figure 17.2, where the underlying optical topology consisting of optical ampli- fiers and cross-connects that connects the higher level IP topology is much more diverse and complex. Although to the IP topology, the trail from London to Frankfurt appears to be attractive, considering the full network stack reveals a different picture. It is quite expensive to relay IP traffic between London and Frankfurt as the traffic has to pass through several regeneration stages on its way between the two cities. The overall cost of transmission is dominated by the number of regenerator hops of the optical topology. If the IP world would have had the full picture of the underlying topology, it could produce more accurate IP costs that would reflect the real cost of transmission. G-MPLS fixes the above two problems: it offers a unified routing and signalling layer for both the IP and the optical world. First, IP nodes can gather the structure of the optical topology and calculate the cost for IP transport accordingly. Next, optical com- ponents can signal optical channels using a standardized protocol (RSVP-TE). Transitioning from the prevailing method of running the optical and IP network as dis- joint networks to a full G-MPLS model requires three main migrations. 1. Transitioning from pure manual provisioning to a full signalled environment 2. Transitioning from the world of vendor proprietary protocols to the IP world of open protocols 3. Opening the optical layer to devices to the routing layer Taking those three steps requires a lot of changes. Not every network service provider is willing to take all three steps at once. There is more demand for a constant evolution of networks than a rapid revolution, with the admirable goal of not destabilizing the net- work. Also, consolidation of networking elements has to pay off at the end of the day. Further reduction of operating expenses is the main driver for the G-MPLS ideas. However, many teams at service providers, especially optical groups, fear that their jobs may become obsolete if they pass on too much control to a consolidated, unified control plane. Today, full-scale G-MPLS causes much anxiety and so many service providers try to split up the migration into a two-step migration model. The first migration step is called the overlay model and the second step is called the peer model. The two models do not contradict each other, they can be seen more as complementary steps. Many optical vendors use the term hybrid model to reflect the fact that both models can be implemented at the same time. 17.2.3 Overlay (UNI) G-MPLS Model The overlay model can best be characterized taking migration Step 1 and 2 (outlined above) towards G-MPLS, but not taking Step 3. So the optical topology is beefed up and now encompasses dynamic signalling using IP routing and signalling protocols; however, 506 17. Future of IS-IS it does not yet reveal the topology of the optical domain to the IP routing layer. The router is typically treated as a client and the interface to the routers is termed a User to Network Interface (UNI). Consider Figure 17.3 where the router is requesting a direct link between Munich and Washington. The optical core now tries to find an optical trail with the low- est number of regeneration stages and sets up the path. Once the path is up and running, the IP world treats that path just as if it were a real physical interface and includes it in the flooding topology of the IP world. Setting up G-MPLS 507 Optical Topology IP Topology oc-48 metric 4 oc-48 metric 4 oc-48 metric 4 oc-48 metric 4 oc-48 metric 4 oc-48 metric 4 Frankfurt London Paris Amsterdam Madrid FIGURE 17.2. The cost of transmission may vary from the IP cost due to the lack of visibility between the networking layers many optical trails using UNI-like signalling creates about the same problem ATM net- works had, and is the reason most ATM networks have now been abandoned. As UNI inter- faces, the optical trails make you create another overlay network, only this time on the optical layer. Chapter 14, “Traffic Engineering and MPLS”, gives some reasons as to how overlay networks stress the IGPs and often produce strange routing decisions. Hiding the topology creates many support-related problems too. If the IP team does not know where 508 17. Future of IS-IS Optical Topology IP Topology oc-48 metric 4 oc-48 metric 4 oc-48 metric 4 oc-48 metric 4 oc-48 metric 4 oc-48 metric 4 Optical UNI Interface Optical UNI Interface Frankfurt London Paris Amsterdam Madrid FIGURE 17.3. By connecting the router with a UNI interface the optical topology is not revealed to the IP routers their core trunks are routed, the Network Operations Center will have a hard time cor- relating local link faults to the global faults of the LSP mesh. Therefore it is essential to convey how the real optical path looks to the routers. Unfortunately, due to the UNI-like separation between optical network and client (router), there is little room for giving such feedback. A place where this kind of information could live is the Route Record Object (RRO) that should return the real path that a label switched path is taking. Research groups have identified the modifications to the RRO necessary to accommodate optical paths that have been computed and set up outside the IP domain. It remains questionable from a philosophical standpoint why at first hiding everything, and then eventually dis- closing it, is a consistent and repeated model, but an odd one to base a networking archi- tecture upon. The overlay (UNI) model is a nice start for deploying the new G-MPLS routing and signalling protocols. It gives the optical engineers exposure to the IP world of addressing, signalling and routing, which is certainly a non-technical challenge. As soon as you want to roll it out on a larger scale, the inherent technical scaling limitations of optical net- works are revealed. You clash completely with the restrictions of overlay networks and get a déjà vu of recent times when ATM overlay cores were pushing the limits of existing technology, a whole seven years ago. In order to not repeat the mistakes from the past, the full-scale G-MPLS deployments need to have complete vision into the underlying optical topology, which is what the peer G-MPLS model describes. 17.2.4 Peer G-MPLS Model The G-MPLS peer model represents the full conclusion of all three migration steps. The idea is that all components in a network, including • Packet switches (routers) • TDM switches (SONET/SDH cross-connects (TXC)) • Optical switches (lambda and fibre cross-connects (OXC)) all run an instance of a common routing and signalling protocol. The common routing protocol could be enhanced versions of IS-IS or OSPF. It is the authors’ opinion that IS-IS finally will prevail as the routing protocol of choice in the unified routing cloud. IT will most likely be IS-IS mainly because IS-IS has been successfully deployed on a larger scale in IP networks, but also because the core IP routing teams do not want to run the risk of destabilizing the network by introduction of a new protocol. There is a belief in the mar- ket that IS-IS scales much better than anything else, but that belief is largely because of implementation issues. The fact is that the only well-implemented, multivendor IGP today is IS-IS. By continuing on its evolutionary path, IS-IS will remain, at least in the minds of network service operators, the IP IGP that scales, and therefore will likely be the can- didate for a deployment of thousands of G-MPLS nodes in a given domain. In G-MPLS each component in the network runs a control plane either in-band or out-of-band. That is a shift from pure IP routing, where routing protocols were always running on an in-band channel (in-band just means the signalling and traffic travel on the same channels). There is an Internet draft (draft-ietf-ccamp-lmp) which describes the G-MPLS 509 Link Management Protocol (LMP) that allows the control planes of G-MPLS devices to talk to each other without the need for an in-band control channel. Figure 17.4 illustrates the concept of an out-of-band control plane. Suppose there are three interfaces between a pair of optical cross-connects that need to get advertised. As we cannot run IS-IS on those three links in-band, we must utilize the Link Management Protocol for discovering the bandwidth, the ID, and the state of each link and report it back to IS-IS. LMP goes through three stages: 1. Control Channel (CC) start up 2. Interface discovery and TE-ID mapping 3. Interface testing First, a control channel is brought up. During that step, two-way connectivity is verified and the Control Channel IDs (CCiDs) are exchanged. The control channel 510 17. Future of IS-IS Frankfurt OXC London OXCAmsterdam OXC Out of band channel Out of band channel Out of band channel Out of band channel LMP LMP LMP LMP Frankfurt London FIGURE 17.4. The Link Management Protocol features out-of-band control plane interaction Frankfurt OXC Amsterdam OXC out of band channel 62 41 54 55 77 88 89 90 17 18 Local 62 41 54 55 77 Remote 88 89 90 17 18 Status Up Up Up Down Up Local 88 89 90 17 18 Remote 62 41 54 55 77 Status Up Up Up Down Up LMP FIGURE 17.5. The Link Management Protocol allows control planes to discover interfaces and update interface state additionally features high-speed detection of control plane failures and generates Hello messages typically at the pace of every 150 ms. Figure 17.5 illustrates the next step, where both systems report and mutually discover the interfaces as well as the TE-IDs of those interfaces. Part of this discovery phase is also to find out about the interface switching type, which could be packet, TDM or lambda- based. Finally, all the interfaces are verified and reported either as up or down. Once IS-IS learns about all the interfaces and interface properties such as bandwidth, TE-ID, and switching capability it has enough information to update its link-state PDU and advertise the link properties between the two switching nodes as sub-TLVs in the extended IS-Reach TLV #22. In the next section there is a list of these sub-TLVs and their contents. IS-IS now has full visibility of all interfaces in the network and the interface switch- ing capabilities. However, relaying of user traffic is not yet possible at this point. The higher switching layers like the packet or TDM switching devices still rely on the bring- ing up of the optical switching layers first. Consider Figure 17.6 for an example of how the optical switching layers are brought up. 1. The TDM cross-connect in Paris signals that it needs a lambda (wavelength) capable of transporting an OC-192c/STM-64 (10 Gbps) frame to Amsterdam via RSVP-TE. As the cross-connect in Paris now has complete knowledge of the optical topology, it could also predetermine the route or base it on constraints like hop count, delay, etc. 2. The lambda between Paris and Amsterdam can now be used for carrying higher layer traffic. In order to make it available to the higher switching layers, the routers use a technique called forwarding adjacencies. Chapter 14, “Traffic Engineering and MPLS”, contained a short introduction to forwarding adjacencies and an example of how an existing TE tunnel is re-advertised in the IS-IS topology. In G-MPLS a similar technique is used. Whenever a lower switching layer sets up a tunnel, it re-advertises the TE-Tunnel in the higher switching layer. The forwarding adjacency needs to be marked so that the lambda switching layer does not “see” the adjacency anymore (for the reasons why this must happen, see Chapter 14). G-MPLS marks forwarding adjacencies by means of the Switching Capability field. In the example, the lambda tunnel between the TDM cross-connects gets advertised as an OC-192c/STM-64 pipe that has TDM switching capabilities. Each lambda cross-connect will ignore any adja- cency of a lower switching layer for consideration of LSP setups at its own level in the networking hierarchy. 3. The router in Madrid signals via RSVP that it needs a TDM channel of SONET/SDH OC-48c/STM-16 speed (about 2.5 Gbps) to London and provides the desired path. After successful path establishment the TE tunnel is again re-advertised as a higher switching layer forwarding adjacency. This time the signalled OC-48c/STM-16 pipe gets re-advertised and marked as an interface with packet switching capabilities. This will “poison” it for any TDM switch and make it usable only by other routers. 4. The router now has a packet switching-capable tunnel between Madrid and London. The final step is to signal a packet Label Switched Path from a local POP router in the G-MPLS cloud (Madrid in this case) to any other (London) via RSVP and make use of the additional OC-48c/STM16 pipe by forwarding IP traffic down the packet switching Label Switched Path. Note that the IP routers in Paris, Amsterdam, Frankfurt are still G-MPLS 511 . within the ITU. There are voices in the IETF that would either force the two stan- dards bodies to work together, or completely transfer responsibility for the IS-IS protocol from the ITU-T to the. As part of the agreement between the IETF and ITU, there is a div- ision of the assignable TLV space. The ITU is supposed to assign the lower 127 TLVs, and the IETF has been given the upper 127. a common routing and signalling protocol. The common routing protocol could be enhanced versions of IS-IS or OSPF. It is the authors’ opinion that IS-IS finally will prevail as the routing protocol