Les,
On the complexity side, I have the feeling that a portion of this complexity
comes from editorial choices in the draft. And in particular that the text and
concepts used for the per FEC policy could be simplified.
Indeed, what we need for a consistent behavior across all implementations, is
to specify the behavior of the end result. We should not need to discuss
implementation internals.
A priori, the following text should be enough:
"In step 1, Prefix conflicts are resolved on a per FEC/IP prefix/Segment basis.
For each FEC, the preferred SID is selected, as per the preference function
(e.g. best Preference field, then smallest SID)
Note that following this step, each prefix covered by an IGP
SID advertisement has exactly one SID.
In step 2, SID conflicts are resolved. For each SID, the preferred Prefix is
selected as per the preference function.
Note that following this step, each SID has a single prefix.
However some prefix may have no SID."
With the above text, there is no need for the draft to introduce generalized
mapping entries, nor to split original entries into multiple ranges, nor to
clarify whether the info are to be taken from the original or derived entries...
Then each implementation is free to choose its own data-structure and
implementation details.
e.g one may split original entries into multiple ranges if this is your choice.
Another one may simply decompress the MS advertisement by adding the SID to
each prefix, as if it were coming from a prefixSID. (As the MS range is
"essentially a compression scheme") so if its too complex to handle in its
compress form, lets decompress).
e.g. after receiving the MS entry (128, 1.1.1.1/32 100 range 255), the SID 100
(resp. 101...354) is added to the IP prefix 1.1.1.1 (resp. 1.1.1.2... 1.1.1.255)
Following this decompression, comparison is much more simple as there is no
more MS entries which are not directly comparable to prefix SID.
e.g. in the worst case, a prefix as a set of SID, and one is selected using the
preference function. A simple preference may be to select the highest
Preference, and then the smallest SID to tie-brake.
In summary, having multiple advertisements for a routing entries and having to
select one, is not new in the routing space/area. In this case, the complexity
comes from the Mapping Server range, rather than the selection of one SID. So
let's just decompress this Mapping Server range, and the problem gets simpler
and very similar to what we are used to in the routing space, i.e. select the
best route/path/entry
2) Preference function
For all policy except "ignore all", there is a need for a preference function.
So this point is not a changing the complexity between a per advertisement
policy (quarantine/new proposal) and a per FEC policy (e.g. ignore overlap)
Thanks,
--Bruno
From: Les Ginsberg (ginsberg) [mailto:[email protected]]
Sent: Friday, December 09, 2016 7:31 PM
To: DECRAENE Bruno IMT/OLN
Cc: [email protected]
Subject: RE: SID Conflict Resolution: A Simpler Proposal
Bruno -
Welcome back to the discussion. :)
Inline.
From: [email protected]<mailto:[email protected]>
[mailto:[email protected]]
Sent: Friday, December 09, 2016 2:07 AM
To: Les Ginsberg (ginsberg)
Cc: [email protected]<mailto:[email protected]>
Subject: RE: SID Conflict Resolution: A Simpler Proposal
Hi Les,
As a individual contributor, please find below some clarification questions
[Bruno]
From: spring [mailto:[email protected]] On Behalf Of Les Ginsberg
(ginsberg)
Sent: Monday, December 05, 2016 1:04 AM
To: [email protected]<mailto:[email protected]>
Subject: [spring] SID Conflict Resolution: A Simpler Proposal
When the problem addressed by draft-ietf-spring-conflict-resolution was first
presented at IETF 94, the authors defined the following priorities:
1)Detect the problem
2)Report the problem
This alerts the network operator to the existence of a conflict so that
the configuration error can be corrected.
3)Define consistent behavior
This avoids mis-forwarding while the conflict exists.
4)Don't overengineer the solution
Given that it is impossible to know which of the conflicting entries
is the correct one, we should apply a simple algorithm to resolve the conflict.
5)Agree on the resolution behavior
The resolution behavior was deliberately the last point because it was
considered the least important.
Input was received over the past year which emphasized the importance of
trying to "maximize forwarding" in the presence of conflicts. Subsequent
revisions of the draft have tried to address this concern. However the authors
have repeatedly stressed that the solution being proposed
("ignore overlap only") was more complex than other offered alternatives and
would be more difficult to guarantee interoperability because subtle
differences in an implementation could produce different results.
At IETF97 significant feedback was received preferring a simpler solution to
the problem. The authors are very sympathetic to this feedback and therefore
are proposing a solution based on what the draft defines as the "Ignore"
policy - where all entries which are in conflict are ignored. We believe this
is far more desirable and aligns with the priorities listed above.
[Bruno] In the draft, the "Ignore" policy (§3.3.1) ignores all conflicting
entries.
In your below proposition, the policy seems to pick the most preferred entry.
This looks like more similar to the "Quarantine" policy proposed in the draft
(§3.3.2)
Am I missing something?
[Les:] At the time "Ignore" was introduced (over a year ago) the notion of
"SRMS preference" did not exist - that was only added in the most recent
version of the draft.
We (the authors) feel that this is a useful construct because:
1)It provides an explicit basis on which to choose between conflicting entries.
2)It is particularly useful when bringing up a new SRMS as it allows the
advertised values to be verified before they are used.
So, your comment is correct in that there is now a preference algorithm in use
- whereas with the original definition of "Ignore" there was no preference
algorithm. But the sole criteria of the preference rule is the explicitly
configured preference - none of the other criteria proposed for Quarantine are
used - and in particular we do not make partial use of a mapping entry as is
the case with "Ignore Overlap Only".
I am happy to modify the nomenclature - but the point of this thread is not to
replace a new draft revision - it is to get the sense of the WG before we
publish a new revision as to whether we should continue down the "Ignore
Overlap only" path or move to a simpler strategy - so let's not be too picky
about the naming.
We outline the proposed solution below and would like to receive feedback from
the WG before publishing the next revision of the draft.
Les (on behalf of the authors)
New Proposal
In the latest revision of the draft "SRMS Preference" was introduced. This
provides a way for a numerical preference to be explicitly associated with an
SRMS advertisement. Using this an operator can indicate which advertisement is
to be preferred when a conflict is present. The authors think this is a useful
addition and we therefore want to include this in the new solution.
The new preference rule used to resolve conflicts is defined as follows:
A given mapping entry is compared against all mapping entries in the database
with a preference greater than or equal to its own. If there is a conflict,
the mapping entry with lower preference is ignored. If two mapping entries are
in conflict and have equal preference then both entries are ignored.
Implementation of this policy is defined as follows:
Step 1: Within a single address-family/algorithm/topology sort entries
based on preference
[Bruno] I'm not sure what you are refering to by "preference". Is this the IGP
"SRMS Preference sub-TLV" or is this the preference defined in the draft
(§3.3.4)?
[Les:] It is the former.
Assuming you meant the SRMS preference, why limiting to this field, rather than
including all fields defined in the draft preference algo?
Using the latter would reduce the risk of ignoring all entries (i.e. having no
entry in output of this algo). Also a priori, a sort would not be required as
a single pass could select the most preferred entry.
[Les:] The point of the alternative proposal is a simplification. The
presentation in Seoul (check out the slides) highlighted complexities in the
implementation of "ignore-overlap-only" - in particular subtleties in the order
in which an implementation looks at entries which could produce
interoperability issues even though implementations are using the same
preference rule. The alternative reduces the chances of these interoperability
issues occurring because the algorithm used is simpler and less subject to
subtle implementation differences.
If you want to argue that these are solvable problems I won't disagree with you
- it is a question of where we want to put our time and effort. A number of
folks are commenting that they prefer to focus on fixing the configuration and
not invest time in validating that conflict resolution is implemented in an
interoperable way. As we (the authors) have stated from the beginning, we
believe the emphasis should be on detecting and reporting the conflicts - not
spending cycles implementing the most robust means of trying to operate
optimally while the misconfiguration exists. I know you disagree on this point
- but that is exactly what the WG is debating - not whether it is possible to
make "ignore overlap only" work.
Les
Thanks
-- Bruno
Step 2: Starting with the lowest preference entries, resolve prefix conflicts
using the above preference rule. The output is an active policy per topology.
Step 3: Take the outputs from Step 2 and again sort them by preference
Step 4: Starting with the lowest preference entries, resolve SID conflicts
using the above preference rule
The output from Step 4 is then the current Active Policy.
Here are a few examples. Each mapping entry is represented by the tuple:
(Preference, Prefix/mask Index range <#>)
Example 1:
1. (150, 1.1.1.1/32 100 range 100)
2. (149, 1.1.1.10/32 200 range 200)
3. (148, 1.1.1.101/32 500 range 10)
Entry 3 conflicts with entry 2, it is ignored.
Entry 2 conflicts with entry 1, it is ignored.
Active policy:
(150, 1.1.1.1/32 100 range 100)
Example 2:
1. (150, 1.1.1.1/32 100 range 100)
2. (150, 1.1.1.10/32 200 range 200)
3. (150, 1.1.1.101/32 500 range 10)
4. (150, 2.2.2.1/32 1000 range 1)
Entry 1 conflicts with entry 2, both are marked as ignore.
Entry 3 conflicts with entry 2. It is marked as ignore.
Entry 4 has no conflicts with any entries
Active policy:
(150, 2.2.2.1/32 1000 range 1)
Example 3:
1. (150, 1.1.1.1/32 100 range 500)
2. (150, 1.1.1.10/32 200 range 200)
3. (150, 1.1.1.101/32 500 range 10)
4. (150, 2.2.2.1/32 1000 range 1)
Entry 1 conflicts with entries 2, 3, and 4. All entries are marked ignore.
Active policy:
Empty
Example 4:
1. (150, 1.1.1.1/32 100 range 10)
2. (149, 1.1.1.10/32 200 range 300)
3. (149, 1.1.1.101/32 500 range 10)
4. (148, 2.2.2.1/32 1000 range 1)
Entry 4 conflicts with entry 2. It is marked ignore.
Entry 2 conflicts with entry 3. Entries 2 and 3 are marked ignore.
Active policy:
(150, 1.1.1.1/32 100 range 10)
_________________________________________________________________________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations
confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce
message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages
electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou
falsifie. Merci.
This message and its attachments may contain confidential or privileged
information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete
this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been
modified, changed or falsified.
Thank you.
_________________________________________________________________________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations
confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce
message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages
electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou
falsifie. Merci.
This message and its attachments may contain confidential or privileged
information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete
this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been
modified, changed or falsified.
Thank you.
_______________________________________________
spring mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/spring
