| Internet-Draft | Flooding Reduction Algorithms Interopera | January 2025 |
| Przygienda & Hegde | Expires 17 July 2025 | [Page] |
This document introduces a framework that makes it possible to deploy multiple flood reduction algorithms within the same IGP domain in an interoperable fashion.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 17 July 2025.¶
Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
Scenarios exist where multiple distributed (or centralized) flood reduction algorithms may be deployed simultaneously within an IGP domain. These scenarios necessitate certain co-operative behaviors between the involved algorithms to ensure the correctness of the overall solution. This is true in both permanent and transient (i.e., migration) deployment cases. Fortunately, existing graph theory concepts allow us to provide guidance towards design of algorithms with the necessary properties to ensure their interoperable co-existence.¶
This document presents the necessary requirements for the involved algorithms and the details of a framework for their interoperable deployment. Though running multiple algorithms simultaneously may not be a preferred operational choice, it is necessary if the migration from one algorithm to another while ensuring minimal network disruption is a priority. A migration itself may be caused by discovery of defects in deployed algorithms or deployment of new algorithms offering improvements.¶
This section will outline a framework allowing the operation of multiple different flood reduction algorithms (called "flooding pruners" or "pruners" from here on) in an interoperable fashion.¶
As first important observation upfront, it will become clear later in this section that full, non-optimized flooding presents a special case of a pruner itself. Normal flooding is including all adjacencies without any prunning and hence we name it the "zero-pruner" or "zero" for short.¶
This framework permits maximum of a single active pruner on each node. It allows to change a specific pruner at any time on any subset of nodes in the network while limiting the impact to the node itself and possibly the re-convergence of a set of nodes within its component.¶
A connected component (or component for short) is defined as subset of nodes running the same pruner (denoted as A) where each of the nodes can be connected to all other nodes by a path that traverses only nodes that run A. Observe that there well may be in the network multiple components which are not connected, but run the same pruner. We denote a component for pruner P as P| and if two disjoint components running P are present in the network as P|' and P|''.¶
Observe that zero-pruner also builds components denoted as Z| and its primes.¶
Another way to visualize components is to consider a network running multiple pruners as "islands running non-zero algorithms" that are connected to each other via components running zero pruner (i.e. using normal flooding).¶
A pruner may choose within its component a subset of links to flood while making sure that the component remains connected. In other words, after suppressing flooding on some links within the component there must still exist paths consisting of the remaining links that connect each pair of nodes in the component. We use for those remaining links the term flooding connected dominating set or CDS for short (more precisely, an edge dominating set which is not necessarily loop-free). Such a CDS is colloquially often called "flooding topology" in context of flood reduction algorithms. A simple spanning tree is an easily visualized special case of a CDS. We denote such a CDS for a component A| as A|*. Observe that A|* is not unique for a component (i.e. many different sets of links can be a CDS). Nor is it required that a CDS has to be loop-free (i.e. there may be many different paths on the CDS between two nodes in a component). Therefore, it is not required that all information has to be flooded on the same CDS, for example, LSPs originated by different systems can use a different CDS each.¶
To summarize the section above in simple terms, a pruner must choose at least one set of flooding links that guarantees that all information can reach all the nodes in the component.¶
Any flood reduction algorithm expecting to interoperate with other algorithms without understanding their semantics MUST follow the following rules, otherwise the algorithm is basically a ship in the night and cannot be expected to accommodate other algorithms in the network at the same time.¶
This document does not consider other approaches that guarantee a pruner property on e.g. a clique but assumes that such "ship in the night components" can be considered zero-pruners due to their implicit guarantee of correct flooding to nodes that are part of their component and floods on the edges to all other components.¶
Nodes within a component are free to use any kind of pruner to calculate optimized flooding. Any mode of computation, distributed or centralized will work fine as long as it adheres to Section 2.1.4.¶
The framework allows but does not assume any centralized instance or election in a component. Computation and communication within each component is completely independent of other components.¶
With the exception of a node having to advertise which prunner is active, no configuration is necessary unless the algorithm itself requires it.¶
A node is free to choose a different pruner or zero-pruner at any point in time independent of all other nodes. It may end up in another component or become a zero-pruner with the maximum impact consisting of re-computation within two components that see such node leave or join. For a distributed algorithm, it is likely that only the adjoining nodes have to adjust their pruning decisions. That is to say, the framework allows for node-by-node deployment or migration of pruners without network-wide re-computation of optimized flooding. This is obviously critical to the stability of large networks that may not converge within reasonable time if the whole network were to revert back to zero-prunning due to network-wide impact. However, such behavior cannot be excluded for example in case of election problems due to misconfiguration or topological separation of nodes if the whole network runs a single pruner relying on centralized election. The network itself cannot ensure correctness of a pruner or prevent a pruner having a blast radius of the whole component depending upon the algorithm and signalling used.¶
Though the framework provides extreme operational flexibility when deploying pruners, the most likely scenarios are a node-by-node deployment of a single pruner in addition to zero-pruner or, should the necessity arise, a node-by-node migration to another pruner.¶
Figure 1 illustrates a network with three pruners running. Two components run pruner A and are denoted as A|' and A|'' and one component runs pruner B. Remaining three components run a zero-pruner (annotated as Z|', Z|'' and Z|'''). CDSes within components are shown by indicating the links that were pruned from flooding as crossed out. Additionally, the links that are included to connect the CDS of the component following Section 2.1.4 have been made thicker. Despite multiple algorithms and components being present in the network, the complete graph is obviously still covered by the involved CDSes.¶
Figure 1 also illustrates why the overall CDS can easily be more than just a spanning tree of the overall network. A node seeing its neighbor running another algorithm cannot always decide based on local knowledge whether the link should be included in flooding or not. Such a decision could be based on the overall view of the network using some global tie-breaking algorithm. However, due to the potential long flooding paths and one-link minimal cuts such an algorithm is not considered here but could be proposed in the future.¶
The only signalling necessary is a Sub-TLV of the IS-IS Router Capability TLV-242 that is defined in [RFC7981] with the following format. The Sub-TLV MUST be advertised by a node that is actively running any pruner except zero-pruner and the absence of this Sub-TLV signifies a node being a 'zero-pruner'.¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Algorithm | Version | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
This document outlines framework for modifications to an IGP protocol for operation on high density network topologies. Implementations SHOULD implement the according cryptographic authentication, as described in e.g. [RFC5304], and should enable other security measures in accordance with best common practices for the relevant IGP protocol.¶
The following people have contributed to this draft and are mentioned without any particular order: Jordan Head, Acee Lindem, Raj Chetan and Tony Li.¶