Selection of Loop-Free Alternates for Multi-Homed Prefixes
RFC 8518

I second Ben's question on the IPR issue.

Thanks for the work everyone did on this document.

---------------------------------------------------------------------------

Please expand the following acronyms upon first use and in the title;
see https://www.rfc-editor.org/materials/abbrev.expansion.txt for guidance.

 - LFA - Loop-Free Alternate
 - FRR - Fast Reroute
 - AS - Autonomous System
 - LSA - Link State Advertisement

Thanks for doing this work!

(1) I've read rfc5286, but I still had to go back to it to refresh my memory of the Inequalities...even to make sure that I was understanding/remembering the inequalities in §2 correctly.  I think it would be good to (1) include some text to go over (in plain English) what the inequalities are saying, and, (2) "show your work" (at least reference where the corresponding Inequalities came from in rfc5286).  IOW, add text to describe the inequalities in Figures 1, 6 and 7.

(2) §3 says both that "a computing router S MUST follow one of the appropriate procedures below, for each alternate neighbor N", and "the computing router SHOULD evaluate one of the corresponding LFA inequalities, as mentioned in Figure 1, once for each remote node that originated the prefix".  First off, MUST != SHOULD.  Also, it seems to me that "each alternate neighbor" is not the same as "each...node that originated the prefix".  However §3.1 points out that they are the same (or, I guess, at least equivalent): "[RFC5286] Section 6.1 recommends that a router computes the alternate next-hop for an IGP multi-homed prefix by considering alternate paths via all routers that have announced that prefix and the same has been elaborated with appropriate inequalities in the above section".  Please clarify what is meant with the different terminology, or (maybe better) use the same words.

(3) The document doesn't explain what a multi-homed prefix is.  There are some hints throughout the text, but I couldn't find a clear definition.   rfc5286 has a description in §6.1, but about "multi-homed routes".  For clarity, the document would benefit from a couple of sentences in the Introduction...

(4) This document uses MAX_METRIC to describe constants in IS-IS and OSPF: "0xffffff /2^24 - 1 for IS-IS and 0xffff for OSPF" (§5.1).  However neither protocol use MAX_METRIC as the name for those values: OSPF uses MaxLinkMetric (rfc6987) and IS-IS simply "maximum link metric" (rfc5305).  I think that it is ok to use the term MAX_METRIC in this document, but please be clear on what it is from the start (in the Introduction).

BTW, Figure 8 uses MAX_MET (not MAX_METRIC)

(5) §3.1: "The approach specified here MAY also be applicable for handling default routes as explained in Section 3.2." I think that MAY is out of place because it is pointing out a fact, and there doesn't seem to be a normative behavior attached. s/MAY/may

(6) §3.2: "...when multiple ECMP L1/L2 routers are reachable in an L1 area corresponding best LFAs SHOULD be given for each primary next-hop associated with default route".  I don't know what this sentence says.  Please clarify.  Specifically, what does "SHOULD be given" mean?

(7) §4.1: "LFA evaluation for multi-homed external prefixes in IS-IS is similar to the multi-homed internal prefixes."  The text says "similar", but no differences are mentioned...is it similar, or the same?

(8) Do we really still have to worry about RFC1583Compatibility?  Just wondering...

(9) The document could benefit from a grammar-focused review as many articles (the, an, a) are missing.

(10) "proceed to step 4c" in Figure 5 seems to not be needed.

Thanks for the work on this. I have a couple of minor comments:

 - There is an IPR disclosure with possible royalties. The shepherd report says there were no comments in the WG. Was the WG reminded of it?

§9: "Existing OSPF security considerations and stronger authentication and
manual key management mechanisms are specified in [RFC7474] SHOULD be
considered for OSPF deployments."

Could this say something stronger than "SHOULD be considered"? I'm fine with the SHOULD part, but simply considering it may not be that helpful.

I was forced to make lots of inferences while reading this document, so
it's pretty likely that some of my comments will not make sense because I
misunderstood the technology.  My apologies in advance, and please help me
to become un-confused.  I think part of this is because the document relies
very heavily on prior knowledge, and could be avoided by sprinkling a few
more words here and there, such as "downstream-paths-only (for micro-loop
avoidance)" or "alternate neighbor N of S".  I've tried to note some more
cases in the section-by-section comments.


The Abstract and Introduction sound like they should be attached to an
Informational document; why is this going for PS?

Section 1.1

   SPF     -  Shortest Path First PDU

Is the "PDU" really entirely silent in the acronym?

Section 2

It might be nice to super-briefly reframe the situation, maybe:

The scenario for LFA protection for MHPs involves protecting a node N in
the path from source S to MHP prefix P, providing an alternate path subject
to constraints on the distance metric, measured as the sum of the cost of
the links traversed by the path.

Perhaps also expand the inequality headers slightly, as "Link-Protection
for PO_i to P is possible via N if:"

      Cost(X,P)    - Cost of reaching the prefix P from prefix
                     originating node X.

Isn't it important to note that the Cost differs from a D_opt in that the
Cost is only defined for what we essentially model here as a link and not a
multi-link path?

Section 3

Are these procedures supposed to terminate when the first LFA is found, or
produce multiple LFAs as output?  (Perhaps this is just an editorial nit,
but "for each alternate neighbor N" and "a valid LFA" would then be a
singular/plural mismatch", and perhaps the "select N as" steps in the
various procedures as well.

The phrase "If alternate neighbor N is also prefix-originator of P"
confused me a fair amount -- the "also" makes me think that what N is a
neighbor of should be the "primary" prefix-originator of P, i.e., PO_best,
but text elsewhere in the document implies that N is a neighbor of *S*, to
be used as the next-hop for forwarding to P.  I guess the intended sense of
the "also" could be more like "if, in addition to being a neighbor, N is
also a prefix-originator of P", but as written it seems ambiguous to me.

   However, if N is not a prefix-originator of P, the computing router
   SHOULD evaluate one of the corresponding LFA inequalities, as

Why is this a SHOULD?

Section 3.1

       In this scenario, E and F both are pre-failure optimal points of
   attachment and share the same primary next-hop.  Hence, an
   implementation MAY compare the kind of protection A provides to F
   (link-and-node protection) with the kind of protection C provides to
   E (link protection) and inherit the better alternative to prefix P
   and here it is A. 

I find that this chunk makes more sense if I read it as "kind of protection
A provides to E" (not F).  Am I just confused?

                                                                  In
   this case, prefix P MUST inherit corresponding LFAs of each primary
   next-hop calculated for the router advertising the same respectively.

Is this MUST a new requirement imposed by this specification or a
restatement of something from (e.g.) RFC 5286?
   
   In summary, if there are multiple pre-failure points of attachment
   for a MHP and primary next-hop of a MHP is same as that of the
   primary next-hop of the router that was pre-failure optimal point of
   attachment, an implementation MAY provide a better protection to MHP
   without incurring any additional computation cost.

I had a hard time understanding why this is the case, most likely because I
don't have a clear picture about what the reference point is for
computational cost (that this is not "additional" to).

Section 4.2.1

This procedure is not super-well-defined if a cost type other than 1 or 2
is encountered.
   
   5. If route type (type 5/type 7)
           5a. If route type is same, check route p-bit,
                  forwarding address field for routes from both
                  ASBRs match. [...]

nit: "check if the route p-bit and the forwarding address field for"

Section 4.2.1.2

   If there are multiple ASBRs not pruned via rules defined in
   Section 4.2.1.1, [...]

nit: I wouldn't exactly say that the rules are *defined* in 4.2.1.1, rather
that they are "described in" or "referred to by" it.

Section 4.2.2.1

Similarly to a previous comment, if we started out with "A neighbor N of S
is a valid LFA to P under the named conditions when the corresponding
inequality holds:", that would seem to help readability a lot.

Section 5.2 

   In Multi Topology (MT) IGP deployments, for each MT ID, a separate
   shortest path tree (SPT) is built with topology specific adjacencies,
   the LFA principles laid out in [RFC5286] are actually applicable for
   MT IS-IS [RFC5120] LFA SPF. [...]

nit: I think this is formally a comma splice as written, and would be
better by adding "so" after the last comma, and maybe expanding to "so the
LFA principles laid out in [RFC5286] are actually applicable on a per-MT-ID
basis for MT IS-IS [RFC5120] LFA SPF."

Section 9

I don't see any new security considerations to mention here, but would
suggest a rewording of the current text for readability:
   
   The existing OSPF security considerations continue to apply, as do the
   recommended manual key management mechanisms specified in [RFC7474].  The
   existing security considerations for IS-IS also continue to apply, as
   specified in [RFC5304] and [RFC5310] and extended by [RFC7645] for KARP.
   This document does not change any of the discussed protocol specifications
   [RFC1195] [RFC5120] [RFC2328] [RFC5838], and the security considerations of
   the LFA base specification [RFC5286] therefore continue to apply.