Table 8. Feature History Table
Feature Name
|
Release Name
|
Description
|
Protect IS-IS Processes in OOR Conditions |
Release 24.2.11 |
Introduced in this release on: NCS 5700 fixed port routers This feature support is now extended to NCS 5700 fixed port routers.
|
Protect IS-IS Processes in OOR Conditions |
Release 24.2.1 |
Introduced in this release on: NCS 5500 fixed port routers; NCS 5500 modular routers (NCS 5500 line cards; NCS 5700 line cards [Mode: Compatibility; Native])
This feature enables prompt alerts for out-of-resource (OOR) conditions in IS-IS processes that could otherwise cause network
instability and disruption due to memory leaks and excessive link-state packets (LSPs). Additionally, you can disable the
overload bit status flag in the router's LSP to prevent setting the overload-bit. Consult Cisco for optimal results before
making this change.
Previously, during OOR conditions, IS-IS processes restarted themselves, but the OOR conditions could persist.
This ability to protect IS-IS processes in OOR conditions is enabled by default and you can't disable it.
The feature introduces these changes:
CLI:
YANG Data Model
(see GitHub, YANG Data Models Navigator)
|
Overview
Out of Resource (OOR) condition is a scenario where an IS-IS process consumes more memory than its data resource limit permits.
Under this condition, the IS-IS process actively restarts itself. Despite this restart, the excessive memory consumption issue
may continue to occur. This feature actively monitors and alerts users to OOR conditions, proposing corrective measures and
reduces network downtime by preemptively addressing OOR-related disruptions.
The IS-IS Protection Enhancements in OOR Conditions feature is enabled by default.
Resolution of Memory Leak Issues
Memory leaks occur when the IS-IS process fails to release memory that is no longer needed. This inefficiency can cause the
memory usage to grow slowly and steadily. Without intervention, this incremental growth can eventually consume all available
memory resources, leading the IS-IS process into an OOR state. Such a state can significantly degrade network performance
or even cause network failures.
To counteract memory leaks, this feature incorporates a mechanism to restart the IS-IS process. The restart clears the accumulated
leaked memory, preventing the OOR condition. It effectively resets the process's memory state to clean slate.
The IS-IS protocol employs Nonstop Forwarding (NSF) to maintain uninterrupted network operation during the process restart.
NSF ensures that the forwarding of packets continues seamlessly, as the routing state is preserved across the restart. This
means that neither end users nor services experience any perceptible disruption during the remediation of the memory leak.
Excessive Link-State Packets
An excessive number of link-state packets (LSPs) can flood the IS-IS process, usually due to configuration errors. This typically
occurs when multiple nodes redistribute too many prefixes from another routing protocol into IS-IS simultaneously. This overabundance
of LSPs can overburden the router's processing capacity and memory, leading to the installation of an unsustainable number
of routes into the RIB.
If the IS-IS process attempts to accommodate a huge volume of routes—potentially in the millions—it may exhaust system resources
and enter an OOR state. This can result in route installation failures, suboptimal routing, and possibly network instability
or collapse.
The feature introduces control mechanisms to manage and regulate the flow of LSPs into the IS-IS process. By monitoring and
potentially restricting the number of routes accepted or redistributed into IS-IS, the feature prevents system overload. These
controls ensure routing process stability and allow the RIB to handle the route volume without compromising network performance.
Resource Limit and Threshold
IS-IS includes a functionality that regularly checks its memory usage, like a self-check. It monitors its usage against the
maximum allowed memory. If the memory usage approaches the threshold, IS-IS alerts the main thread, indicating high memory
usage. On receiving this alert, the thread initiates action.
Memory State and Usage of Resource Limit
The IS-IS memory state is based on the current percentage usage of defined resource limit, which ranges from approximately
1.6 GB to 2.0 GB.
The table below categorizes memory usage into four states based on percentage usage and specifies the corresponding periodic
monitoring intervals in seconds for each state.
Table 9. Memory Usage States and Associated Monitoring Intervals
Memory Usage (%)
|
Periodic Monitoring Interval in Seconds
|
Memory State
|
Less than 80
|
60
|
Normal
|
Greater than or equal to 80 and less than 90
|
30
|
Minor
|
Greater than or equal to 90 and less than 95
|
20
|
Severe
|
Greater than or equal to 95
|
10
|
Critical
|
Suppression of FRR Backup Path Computation
When the memory state is not 'Normal', IS-IS actively suppresses the computation and installation of Fast Reroute (FRR) backup
paths to the Routing Information Base (RIB). Once the memory state returns to 'Normal' and remains stable for 180 seconds,
IS-IS recommences the standard FRR computation and proceeds with installing FRR backup paths.
If IS-IS identifies a memory leak as the cause of the OOR condition, it initiates a process restart. The process restart does
not trigger route-processor (RP) failover even if the nsr process-failures switchover is configured.
If IS-IS determines that the OOR condition does not stem from a memory leak, it enters the 'waiting state' as specified in
the ISO 10589 standard. This action sets the overload bit in the LSP database for both levels.
In waiting state, the router accepts and processes existing LSPs, including purges. It accepts new LSPs but does not store
or process them.
Normal notification signifies a return to normal memory usage. If IS-IS is in the 'waiting state', it initiates a 60-second
timer called as OORWaitingTimer. Receipt of any OOR notification other than 'Normal' cancels the OORWaitingTimer. IS-IS exits
the 'waiting state' only when the OORWaitingTimer expires, indicating that memory usage has remained normal for 60 seconds.
Upon exiting the 'waiting state', IS-IS clears the overload bit in the LSP database for both levels, in compliance with ISO
10589 standard. To accelerate the exchange of LSPs, IS-IS executes a one-time send of a Complete Sequence Number PDU (CSNP)
across each IS-IS interface, whether LAN or point-to-point, applying a jitter of up to 10 seconds.
Overload Bit on Router
The overload bit represents a specific status flag included in a router's Link State PDU (LSP). When set, the bit informs
neighboring routers that the router should not carry transit traffic. The bit's application is relevant in the following scenarios:
-
When a router encounters a significant, yet non-critical error, such as memory constraints.
-
Throughout the startup or restart of the routing process, the overload bit may be active until the routing protocol stabilizes.
It is not used during a standard Nonstop Forwarding (NSF) restart or failover, as this would induce unnecessary routing instability.
-
For the initial deployment of a new router, the overload bit remains set until the deployment's success is confirmed, after
which it is cleared.
-
Prior to decommissioning a router, setting the overload bit helps to gracefully remove the router from the network topology
before service termination.