search

aristanetworks / avd

Arista Validated Designs
https://avd.arista.com
Apache License 2.0
290 stars 209 forks source link

Add knob to IS-IS section to create the IS-IS `system-id` field based on Loopback0 #3670

Closed ZoeyFahner-Arista closed 6 months ago

ZoeyFahner-Arista commented 8 months ago

Enhancement summary

Currently AVD utilizes the node id of the element to generate the IS-IS system-id field. In some situations where multiple node groups are utilized this can result in a duplication of the system-id field which will cause IS-IS to malfunction. This issue requests a knob to construct the IS-IS system-id field based on the router's Loopback0 underlay IP, guaranteeing global uniqueness within the fabric.

Which component of AVD is impacted

eos_designs

Use case example

Demonstration of Issue

Consider the following AVD configuration where the customer has requested a subnet per site for Underlay Loopback generation. Both nodes utilize an ID of 1 to obtain the first loopback in each group.

pe:
  defaults:
    virtual_router_mac_address: 00:c1:00:00:00:11
    node_sid_base: 100
    is_type: level-2
    isis_system_id_prefix: '0000.0001'
  node_groups:
    - group: "SITE_FIZZ"
      loopback_ipv4_pool: 192.168.203.0/24
      nodes:
        - name: "FIZZ-01"
          id: 1
    - group: "SITE_BUZZ"
      loopback_ipv4_pool: 192.168.204.0/24
      nodes:
        - name: "BUZZ_01"
          id: 1

Which results in both FIZZ-01 and BUZZ-01 getting an identical IS-IS NET of 49.0001.0000.0000.0001.00, which will not operate correctly. However, both routers do have unique underlay Loopback addresses (192.168.203.1 and 192.168.204.1).

Describe the solution you would like

Loopback to IS-IS System-ID Conversion

Many service providers encode the underlay Loopback IP address into the IS-IS system-id field the following way:

  1. Left-pad all IPv4 octets with 0s to three digits
  2. Strip the octet delimiter (.), leaving a string of integers
  3. Insert the IS-IS system-id delimiter (.) every four digits

Examples

Shown using an isis_system_id_prefix of 49.0001 and the default NSEL of 00.

192.168.0.1
192.168.000.001
192168000001
1921.6800.0001

Resulting IS-IS NET:  49.0001.1921.6800.0001.00
10.0.0.3
010.000.000.003
010000000003
0100.0000.0003

Resulting IS-IS NET:  49.0001.0100.0000.0003.00

Add the following new option to the IS-IS dictionary within the AVD eos_designs to allow selection of the Underlay Loopback. Here is a proposed diff of the schema:

<node_type_keys.key>:

  # Define variables for all nodes of this type.
  defaults:

    # (4.4 hexadecimal).
    isis_system_id_prefix: <str>

+   # Selection of either node ID or Underlay Loopback to create the IS-IS `system_id` field
+   isis_system_id_format: <str; "id" | "underlay_loopback"; default="id">

    # Number of path to configure in ECMP for ISIS.
    isis_maximum_paths: <int>
    is_type: <str; "level-1-2" | "level-1" | "level-2"; default="level-2">

    # Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID.
    node_sid_base: <int; default=0>

  # Define variables related to all nodes part of this group.
  node_groups:

      # The Node Group Name is used for MLAG domain unless set with 'mlag_domain_id'.
      # The Node Group Name is also used for peer description on downstream switches' uplinks.
    - group: <str; required; unique>

      # Define variables per node.
      nodes:

          # The Node Name is used as "hostname".
        - name: <str; required; unique>

          # (4.4 hexadecimal).
          isis_system_id_prefix: <str>

+         # Selection of either node ID or Underlay Loopback to create the IS-IS `system_id` field
+         isis_system_id_format: <str; "id" | "underlay_loopback"; default="id">

          # Number of path to configure in ECMP for ISIS.
          isis_maximum_paths: <int>
          is_type: <str; "level-1-2" | "level-1" | "level-2"; default="level-2">

          # Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID.
          node_sid_base: <int; default=0>

      # (4.4 hexadecimal).
      isis_system_id_prefix: <str>

+     # Selection of either node ID or Underlay Loopback to create the IS-IS `system_id` field
+     isis_system_id_format: <str; "id" | "underlay_loopback"; default="id">

      # Number of path to configure in ECMP for ISIS.
      isis_maximum_paths: <int>
      is_type: <str; "level-1-2" | "level-1" | "level-2"; default="level-2">

      # Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID.
      node_sid_base: <int; default=0>

  # Define variables per node.
  nodes:

      # The Node Name is used as "hostname".
    - name: <str; required; unique>

      # (4.4 hexadecimal).
      isis_system_id_prefix: <str>

+     # Selection of either node ID or Underlay Loopback to create the IS-IS `system_id` field
+     isis_system_id_format: <str; "id" | "underlay_loopback"; default="id">

      # Number of path to configure in ECMP for ISIS.
      isis_maximum_paths: <int>
      is_type: <str; "level-1-2" | "level-1" | "level-2"; default="level-2">

      # Node-SID base for isis-sr underlay variants. Combined with node id to generate ISIS-SR node-SID.
      node_sid_base: <int; default=0>

Describe alternatives you have considered

Right now we can work around the limitation using structured configuration under each node to overwrite the auto-generated IS-IS system-id (while also having to keep track of the net-id manually):

pe:
  defaults:
    virtual_router_mac_address: 00:c1:00:00:00:11
    node_sid_base: 100
    is_type: level-2
    isis_system_id_prefix: '0000.0001'
  node_groups:
    - group: "FIZZ"
      loopback_ipv4_pool: 192.168.203.0/24
      nodes:
        - name: "FIZZ-01"
          id: 1
          structured_config:
            router_isis:
              instance: "CORE"
              net: "49.0001.1921.6820.3001.00"
    - group: "BUZZ"
      loopback_ipv4_pool: 192.168.204.0/24
      nodes:
        - name: "BUZZ_01"
          id: 1
          structured_config:
            router_isis:
              instance: "CORE"
              net: "49.0001.1921.6820.4001.00"

Overriding the isis_system_id_prefix on a per-group basis to ensure a globally unique IS-IS net-id is not a solution since it would create different IS-IS network areas and is an invalid configuration for the target topology.

Additional context

Caveats

Care must be taken that the knob remains defaulted to id so that existing customers utilizing AVD do not have a reconfiguration of the IS-IS NET ID.

Contributing Guide

ZoeyFahner-Arista commented 8 months ago

After speaking with @ClausHolbechArista it makes sense to keep the IS-IS system_id format selection knob as a global IS-IS parameter, similar to how we configure the overlay options for RD / RT, etc.

Additionally since this is a more resilient method of ensuring IS-IS system_id uniqueness it may be made the default format for AVD 5.0 as long as migration notes are included that the behavior is changing on the major version release.

eos_designs Top-Level Key

# Selection of either node ID or Underlay Loopback (Loopback0) to create the IS-IS `system_id` field
isis_system_id_format: <str; "id" | "underlay_loopback"; default="underlay_loopback">