IETF Logo Mail Archive

Re: Persistent loops when mixing rtgwg-enterprise-pa-multihoming and rtgwg-dst-src-routing

David Lamparter <equinox@diac24.net> Mon, 07 August 2017 08:40 UTC

Return-Path: <equinox@diac24.net>
X-Original-To: rtgwg@ietfa.amsl.com
Delivered-To: rtgwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B62AF13218E for <rtgwg@ietfa.amsl.com>; Mon, 7 Aug 2017 01:40:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GcwEG-BofobT for <rtgwg@ietfa.amsl.com>; Mon, 7 Aug 2017 01:40:26 -0700 (PDT)
Received: from eidolon.nox.tf (eidolon.nox.tf [IPv6:2a07:2ec0:2185::]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1FAEE1288B8 for <rtgwg@ietf.org>; Mon, 7 Aug 2017 01:40:25 -0700 (PDT)
Received: from equinox by eidolon.nox.tf with local (Exim 4.89) (envelope-from <equinox@diac24.net>) id 1dedaH-001g8X-Nc; Mon, 07 Aug 2017 10:40:22 +0200
Date: Mon, 07 Aug 2017 10:40:21 +0200
From: David Lamparter <equinox@diac24.net>
To: Fred Baker <fredbaker.ietf@gmail.com>
Cc: Matthieu Boutier <boutier@irif.fr>, Anton Smirnov <as@cisco.com>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Subject: Re: Persistent loops when mixing rtgwg-enterprise-pa-multihoming and rtgwg-dst-src-routing
Message-ID: <20170807084021.GR773745@eidolon>
References: <20170719172913.GU773745@eidolon> <D59D5469.BA187%acee@cisco.com> <BFA9B79E-65F1-4679-BBED-A1FF80CC2050@irif.fr> <D59E78D6.BA292%acee@cisco.com> <E2F46315-BB0F-4463-B7D1-11E0965E92B8@irif.fr> <670146D0-A26A-4AA5-AC6C-253B81271C12@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <670146D0-A26A-4AA5-AC6C-253B81271C12@gmail.com>
User-Agent: Mutt/1.5.24 (2015-08-30)
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtgwg/j37zobpMN89jHXlqnh88ps6aEQM>
X-BeenThere: rtgwg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Routing Area Working Group <rtgwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtgwg/>
List-Post: <mailto:rtgwg@ietf.org>
List-Help: <mailto:rtgwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Aug 2017 08:40:28 -0000

On Thu, Jul 27, 2017 at 07:23:46PM -0700, Fred Baker wrote:
> > On Jul 27, 2017, at 2:06 AM, Matthieu Boutier <boutier@irif.fr> wrote:
> > 
> > Did you agree that:
> > 
> >  1. destination first give the correct behaviour as-is.
> > 
> >  2. source first needs extra mechanism and route duplication.
> 
> Actually, I don't. I can produce cases in which source first gives the
> wrong route, and in which destination first gives the wrong route. The
> only way I see to make doing either one first *always* gives the right
> result is if a small set of routes is duplicated.

You're right, and we have a SNAFU in terminology here.
rtgwg-dst-src-routing isn't suggesting "destination-first".  It's
"destination-first with fallthrough".

The set of routes that need to be duplicated for destination-first is
exactly this small set that is covered by fallthrough.  Duplicating
these routes is what appendix A.1. of dst-src-routing-05 is describing;
particularly because this duplication significantly reduces
worst-case forwarding/lookup cost - going from "129x129" to "129+129".

[Conversely, appendix A.2. describes translation to "source-first".]

I'll check the draft for whether this terminology SNAFU is in there too.
It explicitly describes the fallthrough as backtracking, so it's
definitely not a content/specification issue, but it may well be jumbled
wording.

FWIW, the Linux kernel implements "destination-first with fallthrough"
plus the separate source-first policy routing feature.  Also, somewhat
relatedly, there were quite a few caching issues back when this was
fresh.

> The issue is when prefixes overlap. If you have sources S1 and S2,
> destinations D1 and D2, D1 is a more specific of D2, and D1 is
> advertised by S1 but not S2, and D2 is advertised by S2. If you are
> looking from S1, you should find S1->D1, and if you are looking from
> S2, you should find S2->D2. If you look destination first, and happen
> to be looking from S2, I think you wind up trying to find S2->D1,
> which doesn't exist.

Right, hence the fallthrough from D1 to D2.

> Every time I get my head into this space, I have to rethink it, and
> the emails I wrote a few years back are unavailable to me now as I am
> no longer at Cisco. I need to think the source version through again.
> But you get the idea. I have pretty much convinced myself that you
> need to duplicate S2->D2 as S2->D1 but with the next hop associated
> with S2->D2 in order to make destination first work. There is a
> similar case regarding source-first lookup.

Source-first lookup simply requires a lot more duplicated routes to get
the same local connectivity coverage. (And fallthrough doesn't help,
because the source-first entry would usually have a default route.)

> This is the reason I have suggested a PATRICIA algorithm or something
> like it that looks up both addresses at the same time.

I've tried to describe the behaviour in terms of functional
requirements;  hence A.1 and A.2 as appendixes describing efficient
implementation choices.

Cheers,


-David

v2.23.0 | Report a Bug | By Email