IETF Logo Mail Archive

Re: [spring] [Mapping Server] Conflict Resolution

"Les Ginsberg (ginsberg)" <ginsberg@cisco.com> Sat, 18 March 2017 05:50 UTC

Return-Path: <ginsberg@cisco.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D15F12714F for <spring@ietfa.amsl.com>; Fri, 17 Mar 2017 22:50:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.521
X-Spam-Level:
X-Spam-Status: No, score=-14.521 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, NORMAL_HTTP_TO_IP=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B2ScqUtL2m6E for <spring@ietfa.amsl.com>; Fri, 17 Mar 2017 22:49:56 -0700 (PDT)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9BDF7127011 for <spring@ietf.org>; Fri, 17 Mar 2017 22:49:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=74954; q=dns/txt; s=iport; t=1489816196; x=1491025796; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=ow4Eqsx2W79PYU+u6wFmRJ7GLuWaqx3D+o6di/dEBjg=; b=I9o5Fjj1QkMTEiSphNyBgcjsic0UqeoUEfevAsMhVlS2bqYlw4nzQyjV f9LYLsjj3hd9FvL+VFXbrHM/5CXXVd3QMpJu+fG9u2YN6XfbQkg0LzZCn aHm/C0tVysdk0ur6cJdg0/bi2S4Ro3OvzSnbdiQIP0JBt0la1eTcSG9Qm w=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0DPAQA6ycxY/4cNJK1dGQEBAQEBAQEBAQEBBwEBAQEBgm5jYYEKB4Nbig+RW4JahTiNMYIOLoV0Ahoogj8/GAECAQEBAQEBAWsohRUBAQEBAyMKHx8OEAIBCBECAgEBIQEGAwICAh8EDRQJCAIEDgUIFolKAxAFDrJEgiaED4MnDYMJAQEBAQEBAQEBAQEBAQEBAQEBAQEBHYZOhG+CUYFmAQEFJAkfglCCXwWWBIYPOgGGeIMog3CEKYIEhSiDVoYyimQmB4hGAQ8QOIEEWBWFGB2BY3UBhn0NFweBA4ENAQEB
X-IronPort-AV: E=Sophos;i="5.36,180,1486425600"; d="scan'208,217";a="224895629"
Received: from alln-core-2.cisco.com ([173.36.13.135]) by rcdn-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 18 Mar 2017 05:49:55 +0000
Received: from XCH-RCD-010.cisco.com (xch-rcd-010.cisco.com [173.37.102.20]) by alln-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id v2I5ntoL003509 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Sat, 18 Mar 2017 05:49:55 GMT
Received: from xch-aln-001.cisco.com (173.36.7.11) by XCH-RCD-010.cisco.com (173.37.102.20) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Sat, 18 Mar 2017 00:49:54 -0500
Received: from xch-aln-001.cisco.com ([173.36.7.11]) by XCH-ALN-001.cisco.com ([173.36.7.11]) with mapi id 15.00.1210.000; Sat, 18 Mar 2017 00:49:54 -0500
From: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>
To: tech_kals Kals <tech.kals@gmail.com>
CC: "spring@ietf.org" <spring@ietf.org>, "Peter Psenak (ppsenak)" <ppsenak@cisco.com>, "Stefano Previdi (sprevidi)" <sprevidi@cisco.com>, "martin.pilka@pantheon.tech" <martin.pilka@pantheon.tech>
Thread-Topic: [Mapping Server] Conflict Resolution
Thread-Index: AQHSnsVBWNzGjxwjFUOLSVXC0/gmBqGYnB/ggABlvgCAAQUI0A==
Date: Sat, 18 Mar 2017 05:49:54 +0000
Message-ID: <aaf69434308545a5b2566645cc2e4e47@XCH-ALN-001.cisco.com>
References: <CAHWErLdy5RgdWQKOXp1PrbB6T_ANObznCSXvdQ0nkbBgukD5cQ@mail.gmail.com> <e0950e57a2a24bd99d78908be0d49a5d@XCH-ALN-001.cisco.com> <CAHWErLeBaMPDPJst0MpQfBXQqE3PW2pwGG_f6A539o1dv9gDYw@mail.gmail.com>
In-Reply-To: <CAHWErLeBaMPDPJst0MpQfBXQqE3PW2pwGG_f6A539o1dv9gDYw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.24.83.223]
Content-Type: multipart/alternative; boundary="_000_aaf69434308545a5b2566645cc2e4e47XCHALN001ciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/4XJQqx2p9E-EmSQHFsHTLJvWZEU>
Subject: Re: [spring] [Mapping Server] Conflict Resolution
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Stacked Tunnels for Source Routing \(STATUS\)." <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 18 Mar 2017 05:50:00 -0000

Kals –

Please look closely at how to determine if there is a conflict.
From Section 3:

     Prf - Preference Value (See Section 3.1)
       Pi - Initial prefix
       Pe - End prefix
       L  - Prefix length
       Lx - Maximum prefix length (32 for IPv4, 128 for IPv6)
       Si - Initial SID value
       Se - End SID value
       R  - Range value (See Note 1)
       T  - Topology
       A  - Algorithm

       A Mapping Entry is then the tuple: (Prf, Src, Pi/L, Si, R, T, A)
       Pe = (Pi + ((R-1) << (Lx-L))
       Se = Si + (R-1)

And Section 3.2.1

  Given two mapping entries:

   (Prf, P1/L1, S1, R1, T1, A1) and
   (Prf, P2/L2, S2, R2, T2, A2)

   where P1 <= P2

   a prefix conflict exists if all of the following are true:

   1)(T1 == T2) && (A1 == A2)
   2)P1 <= P2
   3)The prefixes are in the same address family.
   2)L1 == L2
   3)(P1e >= P2) && ((S1 + (P2 - P1)) != S2)

The preference rule as defined in the latest version of the draft (02):

1.  Higher preference value wins
   2.  Smaller range wins
   3.  IPv6 entry wins over IPv4 entry
   4.  Longer prefix length wins
   5.  Smaller algorithm wins
   6.  Smaller starting address (considered as an unsigned integer
       value) wins
   7.  Smaller starting SID wins
   8.  If topology IDs are NOT identical both entries MUST be ignored

Comments inline

From: tech_kals Kals [mailto:tech.kals@gmail.com]
Sent: Friday, March 17, 2017 1:09 AM
To: Les Ginsberg (ginsberg)
Cc: spring@ietf.org; Peter Psenak (ppsenak); Stefano Previdi (sprevidi); martin.pilka@pantheon.tech
Subject: Re: [Mapping Server] Conflict Resolution

Hi Les,

 Sorry, I have not included my mapping entries in the previous mail. Please see the example here below.

 I am working with the RFC which doesn't support Preference Value, so please ignore it. And, my mapping entries would looks like.
Topology will be a single topology, not a Multi-topology and algorithm would be SPF not CSPF.

 Please read my entry the below order:  <Prefix-start/ prefix-len,  starting SID,  range>
 E1 and E2 already configured Active entries. X is the newly incoming entry.


Scenario 1:   (Entries are conflicting with prefix)
                         Entry E1:      <10.1.10.0/24<http://10.1.10.0/24>, 300, 22>
                         Entry E2:      <10.1.1.0/24<http://10.1.1.0/24>,   150, 5>

[Les:] E1 expands to (10.1.10.0/24 through 10.1.31.0/24) using SIDs 300-321
E2 expands to (10.1.1.0/24 through 10.1.5.0/24) using SIDs 150 -154

There is no conflict – both entries are used.

                         incoming entry is X:
                         Entry X:        <10.1.2.0/24<http://10.1.2.0/24>,  200, 20>

[Les:] X expands to (10.1.2.0/24 – 10.1.21.0/24) using SIDs 200-219.
There is a prefix conflict with E1.
Preference rule #2 (smaller range) is applied – but the answer one gets depends on the order in which the entries are processed – a point which I discussed in my presentation at IETF 96. See Slides 17-20 in
https://www.ietf.org/proceedings/97/slides/slides-97-spring-1_ietf97_draft-ietf-spring-conflict-resolution-02-00.pptx

So, if we examine entries in range order (smallest to highest) we find:
E2 has no conflict w X nor with E1.
X has a conflict with E1 – E1 is ignored.
E2 and X are used.

           Step1: Conflict would be validated between E1 and X.

           Step2: Conflict would be validated between E2 and X.

          # what are the entries would be active and what will become inactive/excluded entry ?



Scenario 2:   (Entries are conflicting with SID)
                         Entry E1:      <10.1.10.0/24<http://10.1.10.0/24>, 300, 22>
                         Entry E2:      <7.1.1.0/24<http://7.1.1.0/24>,     280, 10>

[Les:] Again, there is no conflict, both entries are used.

                         incoming entry is X:
                         Entry X:        <3.1.1.0/24<http://3.1.1.0/24>,   285, 20>

[Les:] There is no prefix conflict but there is a SID conflict.
E1 300 – 321
E2 280 – 289
X 285 – 304

Again applying Preference Rule #2 (smallest range wins)
E2 wins over X – X is ignored
E2 has no conflict with E1 – both entries are used.
So E1 and E2 are used and X is ignored.

           Step1: Conflict would be validated between E1 and X.

           Step2: Conflict would be validated between E2 and X.

          # what are the entries would be active and what will become inactive/excluded entry ?


Scenario 3:    (Entries are conflicting with prefix and SID)

                         Entry E1:      <10.1.10.0/24<http://10.1.10.0/24>, 300, 22>
                         Entry E2:      <5.1.1.0/24<http://5.1.1.0/24>,     190, 15>

[Les:] Again, no conflict – both entries are used.

                         incoming entry is X:
                         Entry X:        <10.1.1.0/24<http://10.1.1.0/24>,  200, 20>

[Les:] X has a prefix conflict with E1 – because it has smaller range X is the winner and E1 is ignored.
X has a SID conflict with E2. E2 has smaller range so X is ignored.
Only E2 is used.
Note that we evaluate  prefix conflicts before sid conflicts. Different results might ensue if we did sid conflicts before prefix conflicts (though not in this example)

The subtleties of ordering in achieving interoperability have not yet been incorporated into the draft – in part because there is still discussion about what policy should be used (Ignore, Quarantine, Ignore Overlap Only). If the WG were to select Ignore as the policy then ordering would not matter.

HTH

   Les

           Step1: Conflict would be validated between E1 and X.

           Step2: Conflict would be validated between E2 and X.

          # what are the entries would be active and what will become inactive/excluded entry ?


Regards,
__tech.kals__


On Fri, Mar 17, 2017 at 12:41 PM, Les Ginsberg (ginsberg) <ginsberg@cisco.com<mailto:ginsberg@cisco.com>> wrote:
It is not possible to answer your query because the way you have presented your entries (X, E1, E2, E3) does not tell us what conflicts you have.
Do you have two SIDs assigned to the same prefix? (Prefix conflict)
Do you have the same SID assigned to two different prefixes? (SID conflict)

This matters – see Section 3.3.6 of the draft for an example as to why.

Please present your example in the form defined in Section 3:

       Prf - Preference Value (See Section 3.1)
       Pi - Initial prefix
       Pe - End prefix
       L  - Prefix length
       Lx - Maximum prefix length (32 for IPv4, 128 for IPv6)
       Si - Initial SID value
       Se - End SID value
       R  - Range value (See Note 1)
       T  - Topology
       A  - Algorithm

       A Mapping Entry is then the tuple: (Prf, Src, Pi/L, Si, R, T, A)

Thanx.

   Les


From: tech_kals Kals [mailto:tech.kals@gmail.com<mailto:tech.kals@gmail.com>]
Sent: Thursday, March 16, 2017 7:22 PM
To: spring@ietf.org<mailto:spring@ietf.org>; Les Ginsberg (ginsberg); Peter Psenak (ppsenak); Stefano Previdi (sprevidi); martin.pilka@pantheon.tech<mailto:martin.pilka@pantheon.tech>
Subject: [Mapping Server] Conflict Resolution

Hi Experts,

  Could you please explain me what would be the expected behavior in the following scenario in Quarantine approach.

  Mapping entries E1, E2, E3 are Active entries.

  In case, if incoming new entry say X which has conflict with E1, E2 and E3.

  Assume, X is better than E1 but not better than E2.  ( E1 < X < E2)

  1] X is better than E1 so E1 will become excluded entry and X will become an active entry

  2] Now, X is compared with E2. E2 is better than X. So, X will become excluded entry and E2 is an active entry as it was.

So, X and E1 will become "excluded entry".

I couldn't find any info as shown above in the RFC. Can you please clarify ?


My doubts:
1) Will the entry become active only if it wins with all entries which are conflicted with this ?
2) When doing conflict resolution with other entries, it can win with some entries and can lose to some? What could be the behavior ?
     - This is the case which I explained above.
     - In this case, X can become active by winning to E1 and lose E2 which leads X and E1 to become inactive/excluded entry.


can you please clarify ?


Regards,
__tech.kals__

v2.23.0 | Report a Bug | By Email