IETF Logo Mail Archive

Re: [spring] SID Conflict Resolution: A Simpler Proposal

"Acee Lindem (acee)" <acee@cisco.com> Mon, 05 December 2016 16:28 UTC

Return-Path: <acee@cisco.com>
X-Original-To: spring@ietfa.amsl.com
Delivered-To: spring@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BCE95129542 for <spring@ietfa.amsl.com>; Mon, 5 Dec 2016 08:28:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.417
X-Spam-Level:
X-Spam-Status: No, score=-17.417 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-2.896, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g_wc9fQeaZau for <spring@ietfa.amsl.com>; Mon, 5 Dec 2016 08:28:43 -0800 (PST)
Received: from alln-iport-6.cisco.com (alln-iport-6.cisco.com [173.37.142.93]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B571129B05 for <spring@ietf.org>; Mon, 5 Dec 2016 08:28:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=19879; q=dns/txt; s=iport; t=1480955323; x=1482164923; h=from:to:subject:date:message-id:mime-version; bh=TlW7eOZL1KboDYvnUavzvAxsVW48FVwNLK/Z87VjYpA=; b=BjH19D2RD0GazQmRQcQNzv7Zz8GZc8MkCE3psF0aab/+jKH9IeG6ePzA 2ikCP22U45Iu/y/xF8hYUi1P+bwWPryw9JL9T6ZRHoaoNuQd+AmnZQTd3 KYNbZESOYSLi/OrLG1aCZYy84pFETYdnz5yFdPtOnsNLj6fR/biArBVKF o=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0C4AwDnlEVY/4wNJK1dGgEBAQECAQEBAQgBAQEBgnNFAQEBAQEfWoEGB6RJlH2CCIYiAoISQBMBAgEBAQEBAQFiKIRoAQYtXgEIEQMBAig5FAkKBAESG4hUrS2LOwEBAQEBAQQBAQEBAQEhixmEaBaFKwWUfIVqAZEWkD2OAoQMASABNUlQg1wcgV1yh2yBDQEBAQ
X-IronPort-AV: E=Sophos;i="5.33,305,1477958400"; d="scan'208,217";a="356896804"
Received: from alln-core-7.cisco.com ([173.36.13.140]) by alln-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 05 Dec 2016 16:28:42 +0000
Received: from XCH-RTP-005.cisco.com (xch-rtp-005.cisco.com [64.101.220.145]) by alln-core-7.cisco.com (8.14.5/8.14.5) with ESMTP id uB5GSgXY025703 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL) for <spring@ietf.org>; Mon, 5 Dec 2016 16:28:42 GMT
Received: from xch-rtp-015.cisco.com (64.101.220.155) by XCH-RTP-005.cisco.com (64.101.220.145) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Mon, 5 Dec 2016 11:28:41 -0500
Received: from xch-rtp-015.cisco.com ([64.101.220.155]) by XCH-RTP-015.cisco.com ([64.101.220.155]) with mapi id 15.00.1210.000; Mon, 5 Dec 2016 11:28:41 -0500
From: "Acee Lindem (acee)" <acee@cisco.com>
To: "Les Ginsberg (ginsberg)" <ginsberg@cisco.com>, "spring@ietf.org" <spring@ietf.org>
Thread-Topic: [spring] SID Conflict Resolution: A Simpler Proposal
Thread-Index: AQHSTxSjpdbpy2EEiUGYnIhp/Ij4bw==
Date: Mon, 05 Dec 2016 16:28:41 +0000
Message-ID: <D46AFE2D.8E978%acee@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.116.152.204]
Content-Type: multipart/alternative; boundary="_000_D46AFE2D8E978aceeciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/spring/MaXJFHFsTzRFfOBPznBcXRkogm8>
Subject: Re: [spring] SID Conflict Resolution: A Simpler Proposal
X-BeenThere: spring@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Stacked Tunnels for Source Routing \(STATUS\)." <spring.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spring>, <mailto:spring-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spring/>
List-Post: <mailto:spring@ietf.org>
List-Help: <mailto:spring-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spring>, <mailto:spring-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Dec 2016 16:28:46 -0000

I like the proposal below much better than keeping track of the overlapping and non-overlapping ranges and dynamically resolving conflicts as the routing state changes. While providing a generalized solution to provide such resolution is an interesting problem, I don’t believe that the complexity justifies the benefit for what are configuration errors.
Thanks,
Acee

From: spring <spring-bounces@ietf.org<mailto:spring-bounces@ietf.org>> on behalf of "Les Ginsberg (ginsberg)" <ginsberg@cisco.com<mailto:ginsberg@cisco.com>>
Date: Sunday, December 4, 2016 at 7:04 PM
To: "spring@ietf.org<mailto:spring@ietf.org>" <spring@ietf.org<mailto:spring@ietf.org>>
Subject: [spring] SID Conflict Resolution: A Simpler Proposal


When the problem addressed by draft-ietf-spring-conflict-resolution was first

presented at IETF 94, the authors defined the following priorities:



1)Detect the problem

2)Report the problem

This alerts the network operator to the existence of a conflict so that

the configuration error can be corrected.

3)Define consistent behavior

This avoids mis-forwarding while the conflict exists.

4)Don’t overengineer the solution

Given that it is impossible to know which of the conflicting entries

is the correct one, we should apply a simple algorithm to resolve the conflict.

5)Agree on the resolution behavior



The resolution behavior was deliberately the last point because it was

considered the least important.



Input was received over the past year which emphasized the importance of

trying to "maximize forwarding" in the presence of conflicts. Subsequent

revisions of the draft have tried to address this concern. However the authors

have repeatedly stressed that the solution being proposed

("ignore overlap only") was more complex than other offered alternatives and

would be more difficult to guarantee interoperability because subtle

differences in an implementation could produce different results.



At IETF97 significant feedback was received preferring a simpler solution to

the problem. The authors are very sympathetic to this feedback and therefore

are proposing a solution based on what the draft defines as the "Ignore"

policy - where all entries which are in conflict are ignored. We believe this

is far more desirable and aligns with the priorities listed above.



We outline the proposed solution below and would like to receive feedback from

the WG before publishing the next revision of the draft.



   Les (on behalf of the authors)



New Proposal



In the latest revision of the draft "SRMS Preference" was introduced. This

provides a way for a numerical preference to be explicitly associated with an

SRMS advertisement. Using this an operator can indicate which advertisement is

to be preferred when a conflict is present. The authors think this is a useful

addition and we therefore want to include this in the new solution.



The new preference rule used to resolve conflicts is defined as follows:



A given mapping entry is compared against all mapping entries in the database

with a preference greater than or equal to its own. If there is a conflict,

the mapping entry with lower preference is ignored. If two mapping entries are

in conflict and have equal preference then both entries are ignored.



Implementation of this policy is defined as follows:



Step 1: Within a single address-family/algorithm/topology sort entries

based on preference

Step 2: Starting with the lowest preference entries, resolve prefix conflicts

using the above preference rule. The output is an active policy per topology.

Step 3: Take the outputs from Step 2 and again sort them by preference

Step 4: Starting with the lowest preference entries, resolve SID conflicts

using the above preference rule



The output from Step 4 is then the current Active Policy.



Here are a few examples. Each mapping entry is represented by the tuple:

(Preference, Prefix/mask Index range <#>)



Example 1:



1. (150, 1.1.1.1/32 100 range 100)

2. (149, 1.1.1.10/32 200 range 200)

3. (148, 1.1.1.101/32 500 range 10)



Entry 3 conflicts with entry 2, it is ignored.

Entry 2 conflicts with entry 1, it is ignored.

Active policy:



(150, 1.1.1.1/32 100 range 100)



Example 2:



1. (150, 1.1.1.1/32 100 range 100)

2. (150, 1.1.1.10/32 200 range 200)

3. (150, 1.1.1.101/32 500 range 10)

4. (150, 2.2.2.1/32 1000 range 1)



Entry 1 conflicts with entry 2, both are marked as ignore.

Entry 3 conflicts with entry 2. It is marked as ignore.

Entry 4 has no conflicts with any entries



Active policy:

(150, 2.2.2.1/32 1000 range 1)



Example 3:



1. (150, 1.1.1.1/32 100 range 500)

2. (150, 1.1.1.10/32 200 range 200)

3. (150, 1.1.1.101/32 500 range 10)

4. (150, 2.2.2.1/32 1000 range 1)



Entry 1 conflicts with entries 2, 3, and  4. All entries are marked ignore.



Active policy:

Empty



Example 4:



1. (150, 1.1.1.1/32 100 range 10)

2. (149, 1.1.1.10/32 200 range 300)

3. (149, 1.1.1.101/32 500 range 10)

4. (148, 2.2.2.1/32 1000 range 1)



Entry 4 conflicts with entry 2. It is marked ignore.

Entry 2 conflicts with entry 3. Entries 2 and 3 are marked ignore.



Active policy:

(150, 1.1.1.1/32 100 range 10)

v2.23.0 | Report a Bug | By Email