[BUG] isis/02-ipv6.yml validation fails due to FRR requiring multi-topology

[jbemmel]

SR Linux fails to exchange IPv6 routes with FRR in an ipv6-only scenario isis/02-ipv6.yml

The reason is that FRR sends a multi-topology ipv4/ipv6, with its management address as ipv4 router ID; SR Linux does not support multi-topology

tlv ipv4-interface-addresses {
                            ipv4-interface-addresses {
                                address [
                                    192.168.121.103
                                ]
                            }
                        }
                        tlv ipv4-te-router-id {
                            ipv4-te-router-id {
                                router-id [
                                    192.168.121.103
                                ]
                            }
                        }
                        tlv mt-ipv6-reachability {
                            mt-ipv6-reachability {
                                prefixes {
                                    prefix ::/0 mt-id 2 {
                                        up-down false
                                        s-bit false
                                        metric 3087008512
                                    }
                                    prefix 2001:db8:1:3::/64 mt-id 2 {
                                        up-down false
                                        s-bit true
                                        metric 10
                                    }
                                    prefix 4020:10d::/32 mt-id 2 {
                                        up-down false
                                        s-bit false
                                        metric 0
                                    }
                                }
                            }
                        }
                        tlv multi-topology {
                            multi-topology {
                                topologies {
                                    topology 0 {
                                    }
                                    topology 2 {
                                    }
                                }
                            }
                        }
                        tlv nlpid {
                            nlpid {
                                nlpid [
                                    ipv6
                                    ipv4
                                ]
                            }
                        }
                        tlv router-capability {
                            router-capabilities {
                                capability 0 {
                                    router-id 192.168.121.103
                                }
                            }
                        }

Test topology: https://github.com/ipspace/netlab/blob/dev/tests/integration/isis/02-ipv6.yml

This is incorrect - there should not be any ipv4 configuration in this scenario

[ipspace]

SR Linux fails to exchange IPv6 routes with FRR in an ipv6-only scenario isis/02-ipv6.yml

It also fails to exchange IPv6 routes with FRR in dual-stack scenario.

The reason is that FRR sends a multi-topology ipv4/ipv6, with its management address as ipv4 router ID; SR Linux does not support multi-topology

In which case there's nothing we can do. The IS-IS module assumes "multi-topology" (see https://netlab.tools/module/isis/) and that's how most other devices are configured. I will document the caveat.

This is incorrect - there should not be any ipv4 configuration in this scenario

Well, that translates into "FRR container should use the management VRF", and I have no problem with that. Will open another issue. However, that won't change what's going on here at all.

[jbemmel]

It is possible to support ipv6-only scenario's, through a small change in FRR

{% if 'ipv6' in isis.af and 'ipv4' in isis.af %}
  topology ipv6-unicast
{% endif %}

The above enables multi-topology

I'd suggest we add a isis.multi_topology feature flag and check for that

[ipspace]

It is possible to support ipv6-only scenario's, through a small change in FRR

Have to test what that does. FRRouting IS-IS is a bit underdocumented :(

The above enables multi-topology

You just said SR Linux does not support multi-topology, so which one is it?

I'd suggest we add a isis.multi_topology feature flag and check for that

IPv6 should work with or without multi-topology. It's just a question of whether you have one or two sets of adjacencies.

Anyway, SR Linux is the only device (that we implemented IS-IS for) that has a problem with that, so you might want to solve that with a device quirk.

[jbemmel]

It is possible to support ipv6-only scenario's, through a small change in FRR

Have to test what that does. FRRouting IS-IS is a bit underdocumented :(

The above enables multi-topology

You just said SR Linux does not support multi-topology, so which one is it?

For reasons that are beyond me, SR Linux removed IS-IS multi-topology support in 23.10. This means it won't interop with a device that signals multi-topology, even if the topology is ipv6 only.

The topology command in FRR enables multi-topology. It is not required in ipv6-only scenario's

I'd suggest we add a isis.multi_topology feature flag and check for that

IPv6 should work with or without multi-topology. It's just a question of whether you have one or two sets of adjacencies.

Anyway, SR Linux is the only device (that we implemented IS-IS for) that has a problem with that, so you might want to solve that with a device quirk.

I can do that too if that's preferred

[ipspace]

Anyway, SR Linux is the only device (that we implemented IS-IS for) that has a problem with that, so you might want to solve that with a device quirk.

I can do that too if that's preferred

Please do.