draft-ietf-spring-conflict-resolution-01.txt   draft-ietf-spring-conflict-resolution-02.txt 
Networking Working Group L. Ginsberg Networking Working Group L. Ginsberg
Internet-Draft P. Psenak Internet-Draft P. Psenak
Intended status: Standards Track S. Previdi Intended status: Standards Track S. Previdi
Expires: December 24, 2016 Cisco Systems Expires: April 29, 2017 Cisco Systems
M. Pilka M. Pilka
June 22, 2016 October 26, 2016
Segment Routing Conflict Resolution Segment Routing Conflict Resolution
draft-ietf-spring-conflict-resolution-01.txt draft-ietf-spring-conflict-resolution-02.txt
Abstract Abstract
In support of Segment Routing (SR) routing protocols advertise a In support of Segment Routing (SR) routing protocols advertise a
variety of identifiers used to define the segments which direct variety of identifiers used to define the segments which direct
forwarding of packets. In cases where the information advertised by forwarding of packets. In cases where the information advertised by
a given protocol instance is either internally inconsistent or a given protocol instance is either internally inconsistent or
conflicts with advertisements from another protocol instance a means conflicts with advertisements from another protocol instance a means
of achieving consistent forwarding behavior in the network is of achieving consistent forwarding behavior in the network is
required. This document defines the policies used to resolve these required. This document defines the policies used to resolve these
skipping to change at page 1, line 45 skipping to change at page 1, line 45
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on December 24, 2016. This Internet-Draft will expire on April 29, 2017.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 25 skipping to change at page 2, line 25
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. SR Global Block Inconsistency . . . . . . . . . . . . . . . . 3 2. SR Global Block Inconsistency . . . . . . . . . . . . . . . . 3
3. SR-MPLS Segment Identifier Conflicts . . . . . . . . . . . . 5 3. SR-MPLS Segment Identifier Conflicts . . . . . . . . . . . . 5
3.1. Conflict Types . . . . . . . . . . . . . . . . . . . . . 6 3.1. SID Preference . . . . . . . . . . . . . . . . . . . . . 6
3.1.1. Prefix Conflict . . . . . . . . . . . . . . . . . . . 6 3.2. Conflict Types . . . . . . . . . . . . . . . . . . . . . 6
3.1.2. SID Conflict . . . . . . . . . . . . . . . . . . . . 8 3.2.1. Prefix Conflict . . . . . . . . . . . . . . . . . . . 6
3.2. Processing conflicting entries . . . . . . . . . . . . . 9 3.2.2. SID Conflict . . . . . . . . . . . . . . . . . . . . 8
3.2.1. Policy: Ignore conflicting entries . . . . . . . . . 9 3.3. Processing conflicting entries . . . . . . . . . . . . . 9
3.2.2. Policy: Preference Algorithm/Quarantine . . . . . . . 10 3.3.1. Policy: Ignore conflicting entries . . . . . . . . . 9
3.2.3. Policy: Preference algorithm/ignore overlap only . . 10 3.3.2. Policy: Preference Algorithm/Quarantine . . . . . . . 10
3.2.4. Preference Algorithm . . . . . . . . . . . . . . . . 10 3.3.3. Policy: Preference algorithm/ignore overlap only . . 10
3.2.5. Example Behavior - Single Topology/Algorithm . . . . 11 3.3.4. Preference Algorithm . . . . . . . . . . . . . . . . 10
3.2.6. Example Behavior - Multiple Topologies . . . . . . . 12 3.3.5. Example Behavior - Single Topology/Algorithm . . . . 11
3.2.7. Evaluation of Policy Alternatives . . . . . . . . . . 13 3.3.6. Example Behavior - Multiple Topologies . . . . . . . 12
3.2.8. Guaranteeing Database Consistency . . . . . . . . . . 14 3.3.7. Evaluation of Policy Alternatives . . . . . . . . . . 13
3.3.8. Guaranteeing Database Consistency . . . . . . . . . . 14
4. Scope of SR-MPLS SID Conflicts . . . . . . . . . . . . . . . 14 4. Scope of SR-MPLS SID Conflicts . . . . . . . . . . . . . . . 14
5. Security Considerations . . . . . . . . . . . . . . . . . . . 15 5. Security Considerations . . . . . . . . . . . . . . . . . . . 15
6. IANA Consideration . . . . . . . . . . . . . . . . . . . . . 15 6. IANA Consideration . . . . . . . . . . . . . . . . . . . . . 15
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 15 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 15
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 15 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 15
8.1. Normative References . . . . . . . . . . . . . . . . . . 15 8.1. Normative References . . . . . . . . . . . . . . . . . . 15
8.2. Informational References . . . . . . . . . . . . . . . . 16 8.2. Informational References . . . . . . . . . . . . . . . . 16
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 16 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 16
1. Introduction 1. Introduction
skipping to change at page 5, line 13 skipping to change at page 5, line 13
by a node is not affected by the state of the advertised SRGB. by a node is not affected by the state of the advertised SRGB.
3. SR-MPLS Segment Identifier Conflicts 3. SR-MPLS Segment Identifier Conflicts
In support of an MPLS dataplane Segment identifiers (SIDs) are In support of an MPLS dataplane Segment identifiers (SIDs) are
advertised and associated with a given prefix. SIDs may be advertised and associated with a given prefix. SIDs may be
advertised in the prefix reachability advertisements originated by a advertised in the prefix reachability advertisements originated by a
routing protocol (PFX) . SIDs may also be advertised by a Segment routing protocol (PFX) . SIDs may also be advertised by a Segment
Routing Mapping Server (SRMS). Routing Mapping Server (SRMS).
Mapping entries have an explicit context which includes the topology Information in a SID advertisement is used to construct a mapping
and the SR algorithm. A generalized mapping entry can be represented entry. A generalized mapping entry can be represented using the
using the following definitions: following definitions:
Src- PFX or SRMS Prf - Preference Value (See Section 3.1)
Pi - Initial prefix Pi - Initial prefix
Pe - End prefix Pe - End prefix
L - Prefix length L - Prefix length
Lx - Maximum prefix length (32 for IPv4, 128 for IPv6) Lx - Maximum prefix length (32 for IPv4, 128 for IPv6)
Si - Initial SID value Si - Initial SID value
Se - End SID value Se - End SID value
R - Range value (See Note 1) R - Range value (See Note 1)
T - Topology T - Topology
A - Algorithm A - Algorithm
A Mapping Entry is then the tuple: (Src, Pi/L, Si, R, T, A) A Mapping Entry is then the tuple: (Prf, Src, Pi/L, Si, R, T, A)
Pe = (Pi + ((R-1) << (Lx-L)) Pe = (Pi + ((R-1) << (Lx-L))
Se = Si + (R-1) Se = Si + (R-1)
NOTE 1: The SID advertised in a prefix reachability advertisement NOTE 1: The SID advertised in a prefix reachability advertisement
always has an implicit range of 1. always has an implicit range of 1.
Conflicts in SID advertisements may occur as a result of Conflicts in SID advertisements may occur as a result of
misconfiguration. Conflicts may occur either in the set of misconfiguration. Conflicts may occur either in the set of
advertisements originated by a single node or between advertisements advertisements originated by a single node or between advertisements
originated by different nodes. Conflicts which occur within the set originated by different nodes. Conflicts which occur within the set
skipping to change at page 6, line 5 skipping to change at page 6, line 5
be prevented by configuration validation on the originating node. be prevented by configuration validation on the originating node.
When conflicts occur, it is not possible for routers to know which of When conflicts occur, it is not possible for routers to know which of
the conflicting advertisements is "correct". In order to avoid the conflicting advertisements is "correct". In order to avoid
forwarding loops and/or blackholes, there is a need for all nodes to forwarding loops and/or blackholes, there is a need for all nodes to
resolve the conflicts in a consistent manner. This in turn requires resolve the conflicts in a consistent manner. This in turn requires
that all routers have identical sets of advertisements and that they that all routers have identical sets of advertisements and that they
all use the same selection algorithm. This document defines all use the same selection algorithm. This document defines
procedures to achieve these goals. procedures to achieve these goals.
3.1. Conflict Types 3.1. SID Preference
If a node acts as an SRMS, it MAY advertise a preference to be
associated with all SRMS SID advertisements sent by that node. The
means of advertising the preference is defined in the protocol
specific drafts e.g., [SR-OSPF], [SR-OSPFv3], and [SR-IS-IS]. The
preference value is an unsigned 8 bit integer with the following
properties:
0 - Reserved value indicating advertisements from that node
MUST NOT be used.
1 - 255 Preference value
Advertisement of a preference value is optional. Nodes which do not
advertise a preference value are assigned a preference value of 128.
All SIDs advertised in prefix reachability advertisements implicitly
have a preference value of 192.
3.2. Conflict Types
Two types of conflicts may occur - Prefix Conflicts and SID Two types of conflicts may occur - Prefix Conflicts and SID
Conflicts. Examples are provided in this section to illustrate these Conflicts. Examples are provided in this section to illustrate these
conflict types. conflict types.
3.1.1. Prefix Conflict 3.2.1. Prefix Conflict
When different SIDs are assigned to the same prefix we have a "prefix When different SIDs are assigned to the same prefix we have a "prefix
conflict". Prefix conflicts are specific to mapping entries sharing conflict". Prefix conflicts are specific to mapping entries sharing
the same topology and algorithm. the same topology and algorithm.
Example PC1 Example PC1
(PFX, 192.0.2.120/32, 200, 1, 0, 0) (192, 192.0.2.120/32, 200, 1, 0, 0)
(PFX, 192.0.2.120/32, 30, 1, 0, 0) (192, 192.0.2.120/32, 30, 1, 0, 0)
The prefix 192.0.2.120/32 has been assigned two different SIDs: The prefix 192.0.2.120/32 has been assigned two different SIDs:
200 by the first advertisement 200 by the first advertisement
30 by the second advertisement 30 by the second advertisement
Example PC2 Example PC2
(PFX, 2001:DB8::1/128, 400, 1, 2, 0) (192, 2001:DB8::1/128, 400, 1, 2, 0)
(PFX, 2001:DB8::1/128, 50, 1, 2, 0) (192, 2001:DB8::1/128, 50, 1, 2, 0)
The prefix 2001:DB8::1/128 has been assigned two different SIDs: The prefix 2001:DB8::1/128 has been assigned two different SIDs:
400 by the first advertisement 400 by the first advertisement
50 by the second advertisement 50 by the second advertisement
Prefix conflicts may also occur as a result of overlapping prefix Prefix conflicts may also occur as a result of overlapping prefix
ranges. ranges.
Example PC3 Example PC3
(SRMS, 192.0.2.1/32, 200, 200, 0, 0) (128, 192.0.2.1/32, 200, 200, 0, 0)
(SRMS, 192.0.2.121/32, 30, 10, 0, 0) (128, 192.0.2.121/32, 30, 10, 0, 0)
Prefixes 192.0.2.121/32 - 192.0.2.130/32 are assigned two Prefixes 192.0.2.121/32 - 192.0.2.130/32 are assigned two
different SIDs: different SIDs:
320 through 329 by the first advertisement 320 through 329 by the first advertisement
30 through 39 by the second advertisement 30 through 39 by the second advertisement
Example PC4 Example PC4
(SRMS, 2001:DB8::1/128, 400, 200, 2, 0) (128, 2001:DB8::1/128, 400, 200, 2, 0)
(SRMS, 2001:DB8::121/128, 50, 10, 2, 0) (128, 2001:DB8::121/128, 50, 10, 2, 0)
Prefixes 2001:DB8::121/128 - 2001:DB8::130/128 are assigned Prefixes 2001:DB8::121/128 - 2001:DB8::130/128 are assigned
two different SIDs: two different SIDs:
420 through 429 by the first advertisement 420 through 429 by the first advertisement
50 through 59 by the second advertisement 50 through 59 by the second advertisement
Examples PC3 and PC4 illustrate a complication - only part of the Examples PC3 and PC4 illustrate a complication - only part of the
range advertised in the first advertisement is in conflict. It is range advertised in the first advertisement is in conflict. It is
logically possible to isolate the conflicting portion and try to use logically possible to isolate the conflicting portion and try to use
the non-conflicting portion(s) at the cost of increased the non-conflicting portion(s).
implementation complexity.
A variant of the overlapping prefix range is a case where we have A variant of the overlapping prefix range is a case where we have
overlapping prefix ranges but no actual SID conflict. overlapping prefix ranges but no actual SID conflict.
Example PC5 Example PC5
(SRMS, 192.0.2.1/32, 200, 200, 0, 0) (128, 192.0.2.1/32, 200, 200, 0, 0)
(SRMS, 192.0.2.121/32, 320, 10, 0, 0) (128, 192.0.2.121/32, 320, 10, 0, 0)
(SRMS, 2001:DB8::1/128, 400, 200, 2, 0) (128, 2001:DB8::1/128, 400, 200, 2, 0)
(SRMS, 2001:DB8::121/128, 520, 10, 2, 0) (128, 2001:DB8::121/128, 520, 10, 2, 0)
Although there is prefix overlap between the two IPv4 entries (and Although there is prefix overlap between the two IPv4 entries (and
the two IPv6 entries) the same SID is assigned to all of the shared the two IPv6 entries) the same SID is assigned to all of the shared
prefixes by the two entries. prefixes by the two entries.
Given two mapping entries: Given two mapping entries:
(SRC, P1/L1, S1, R1, T1, A1) and (Prf, P1/L1, S1, R1, T1, A1) and
(SRC, P2/L2, S2, R2, T2, A2) (Prf, P2/L2, S2, R2, T2, A2)
where P1 <= P2 where P1 <= P2
a prefix conflict exists if all of the following are true: a prefix conflict exists if all of the following are true:
1)(T1 == T2) && (A1 == A2) 1)(T1 == T2) && (A1 == A2)
2)P1 <= P2 2)P1 <= P2
3)The prefixes are in the same address family. 3)The prefixes are in the same address family.
2)L1 == L2 2)L1 == L2
3)(P1e >= P2) && ((S1 + (P2 - P1)) != S2) 3)(P1e >= P2) && ((S1 + (P2 - P1)) != S2)
3.1.2. SID Conflict 3.2.2. SID Conflict
When the same SID has been assigned to multiple prefixes we have a When the same SID has been assigned to multiple prefixes we have a
"SID conflict". SID conflicts are independent of address-family, "SID conflict". SID conflicts are independent of address-family,
independent of prefix len, independent of topology, and independent independent of prefix len, independent of topology, and independent
of algorithm. A SID conflict occurs when a mapping entry which has of algorithm. A SID conflict occurs when a mapping entry which has
previously been checked to have no prefix conflict assigns one or previously been checked to have no prefix conflict assigns one or
more SIDs that are assigned by another entry which also has no prefix more SIDs that are assigned by another entry which also has no prefix
conflicts. conflicts.
Example SC1 Example SC1
(PFX, 192.0.2.1/32, 200, 1, 0, 0) (192, 192.0.2.1/32, 200, 1, 0, 0)
(PFX, 192.0.2.222/32, 200, 1, 0, 0) (192, 192.0.2.222/32, 200, 1, 0, 0)
SID 200 has been assigned to 192.0.2.1/32 by the SID 200 has been assigned to 192.0.2.1/32 by the
first advertisement. first advertisement.
The second advertisement assigns SID 200 to 192.0.2.222/32. The second advertisement assigns SID 200 to 192.0.2.222/32.
Example SC2 Example SC2
(PFX, 2001:DB8::1/128, 400, 1, 2, 0) (192, 2001:DB8::1/128, 400, 1, 2, 0)
(PFX, 2001:DB8::222/128, 400, 1, 2, 0) (192, 2001:DB8::222/128, 400, 1, 2, 0)
SID 400 has been assigned to 2001:DB8::1/128 by the SID 400 has been assigned to 2001:DB8::1/128 by the
first advertisement. first advertisement.
The second advertisement assigns SID 400 to 2001:DB8::222/128 The second advertisement assigns SID 400 to 2001:DB8::222/128
SID conflicts may also occur as a result of overlapping SID ranges. SID conflicts may also occur as a result of overlapping SID ranges.
Example SC3 Example SC3
(SRMS, 192.0.2.1/32, 200, 200, 0, 0) (128, 192.0.2.1/32, 200, 200, 0, 0)
(SRMS, 198.51.100.1/32, 300, 10, 0, 0) (128, 198.51.100.1/32, 300, 10, 0, 0)
SIDs 300 - 309 have been assigned to two different prefixes. SIDs 300 - 309 have been assigned to two different prefixes.
The first advertisement assigns these SIDs The first advertisement assigns these SIDs
to 192.0.2.101/32 - 192.0.2.110/32. to 192.0.2.101/32 - 192.0.2.110/32.
The second advertisement assigns these SIDs to The second advertisement assigns these SIDs to
198.51.100.1/32 - 198.51.100.10/32. 198.51.100.1/32 - 198.51.100.10/32.
Example SC4 Example SC4
(SRMS, 2001:DB8::1/128, 400, 200, 2, 0) (128, 2001:DB8::1/128, 400, 200, 2, 0)
(SRMS, 2001:DB8:1::1/128, 500, 10, 2, 0) (128, 2001:DB8:1::1/128, 500, 10, 2, 0)
SIDs 500 - 509 have been assigned to two different prefixes. SIDs 500 - 509 have been assigned to two different prefixes.
The first advertisement assigns these SIDs to The first advertisement assigns these SIDs to
2001:DB8::101/128 - 2001:DB8::10A/128. 2001:DB8::101/128 - 2001:DB8::10A/128.
The second advertisement assigns these SIDs to The second advertisement assigns these SIDs to
2001:DB8:1::1/128 - 2001:DB8:1::A/128. 2001:DB8:1::1/128 - 2001:DB8:1::A/128.
Examples SC3 and SC4 illustrate a complication - only part of the Examples SC3 and SC4 illustrate a complication - only part of the
range advertised in the first advertisement is in conflict. range advertised in the first advertisement is in conflict.
3.2. Processing conflicting entries 3.3. Processing conflicting entries
Two general approaches can be used to process conflicting entries. Two general approaches can be used to process conflicting entries.
1. Conflicting entries can be ignored 1. Conflicting entries can be ignored
2. A standard preference algorithm can be used to choose which of 2. A standard preference algorithm can be used to choose which of
the conflicting entries will be used the conflicting entries will be used
The following sections discuss these two approaches in more detail. The following sections discuss these two approaches in more detail.
Note: This document does not discuss any implementation details i.e. Note: This document does not discuss any implementation details i.e.
what type of data structure is used to store the entries (trie, radix what type of data structure is used to store the entries (trie, radix
tree, etc.) nor what type of keys may be used to perform lookups in tree, etc.) nor what type of keys may be used to perform lookups in
the database. the database.
3.2.1. Policy: Ignore conflicting entries 3.3.1. Policy: Ignore conflicting entries
In cases where entries are in conflict none of the conflicting In cases where entries are in conflict none of the conflicting
entries are used i.e., the network operates as if the conflicting entries are used i.e., the network operates as if the conflicting
advertisements were not present. advertisements were not present.
Implementations are required to identify the conflicting entries and Implementations are required to identify the conflicting entries and
ensure that they are not used. ensure that they are not used.
3.2.2. Policy: Preference Algorithm/Quarantine 3.3.2. Policy: Preference Algorithm/Quarantine
For entries which are in conflict properties of the conflicting For entries which are in conflict properties of the conflicting
advertisements are used to determine which of the conflicting entries advertisements are used to determine which of the conflicting entries
are used in forwarding and which are "quarantined" and not used. The are used in forwarding and which are "quarantined" and not used. The
entire quarantined entry is not used. entire quarantined entry is not used.
This approach requires that conflicting entries first be identified This approach requires that conflicting entries first be identified
and then evaluated based on a preference rule. Based on which entry and then evaluated based on a preference rule. Based on which entry
is preferred this in turn may impact what other entries are is preferred this in turn may impact what other entries are
considered in conflict i.e. if A conflicts with B and B conflicts considered in conflict i.e. if A conflicts with B and B conflicts
with C - it is possible that A does NOT conflict with C. Hence if as with C - it is possible that A does NOT conflict with C. Hence if as
a result of the evaluation of the conflict between A and B, entry B a result of the evaluation of the conflict between A and B, entry B
is not used the conflict between B and C will not be detected. is not used the conflict between B and C will not be detected.
3.2.3. Policy: Preference algorithm/ignore overlap only 3.3.3. Policy: Preference algorithm/ignore overlap only
A variation of the preference algorithm approach is to quarantine A variation of the preference algorithm approach is to quarantine
only the portions of the less preferred entry which actually only the portions of the less preferred entry which actually
conflicts. The original entry is split into multiple ranges. The conflicts. The original entry is split into multiple ranges. The
ranges which are in conflict are quarantined. The ranges which are ranges which are in conflict are quarantined. The ranges which are
not in conflict are used in forwarding. This approach adds not in conflict are used in forwarding. This approach adds
complexity as the relationship between the derived sub-ranges of the complexity as the relationship between the derived sub-ranges of the
original mapping entry have to be associated with the original entry original mapping entry have to be associated with the original entry
- and every time some change to the advertisement database occurs the - and every time some change to the advertisement database occurs the
derived sub-ranges have to be recalculated. derived sub-ranges have to be recalculated.
3.2.4. Preference Algorithm 3.3.4. Preference Algorithm
The following algorithm is used to select the preferred mapping entry The following algorithm is used to select the preferred mapping entry
when a conflict exists. Evaluation is made in the order specified. when a conflict exists. Evaluation is made in the order specified.
Prefix conflicts are evaluated first. SID conflicts are then Prefix conflicts are evaluated first. SID conflicts are then
evaluated on the Active entries remaining after Prefix Conflicts have evaluated on the Active entries remaining after Prefix Conflicts have
been resolved. been resolved.
1. PFX source wins over SRMS source 1. Higher preference value wins
2. Smaller range wins 2. Smaller range wins
3. IPv6 entry wins over IPv4 entry 3. IPv6 entry wins over IPv4 entry
4. Longer prefix length wins 4. Longer prefix length wins
5. Smaller algorithm wins 5. Smaller algorithm wins
6. Smaller starting address (considered as an unsigned integer 6. Smaller starting address (considered as an unsigned integer
value) wins value) wins
7. Smaller starting SID wins 7. Smaller starting SID wins
8. If topology IDs are NOT identical both entries MUST be ignored 8. If topology IDs are NOT identical both entries MUST be ignored
Using smaller range as the highest priority tie breaker makes As SIDs associated with prefix reachability advertisements have a
advertisements with a range of 1 the most preferred. This has the preference of 192 while by default SRMS preference is 128, the
nice property that a single misconfiguration of an SRMS entry with a default behavior is then to prefer SIDs advertised in prefix
large range will not be preferred over a large number of reachability advertisements over SIDs advertised by SRMSs, but an
advertisements with smaller ranges. operator can choose to override this behavior by setting SRMS
preference higher than 192.
Preferring advertisements with smaller range has the nice property
that a single misconfiguration of an SRMS entry with a large range
will not be preferred over a large number of advertisements with
smaller ranges.
Since topology identifiers are locally scoped, it is not possible to Since topology identifiers are locally scoped, it is not possible to
make a consistent choice network wide when all elements of a mapping make a consistent choice network wide when all elements of a mapping
entry are identical except for the topology. This is why both entry are identical except for the topology. This is why both
entries MUST be ignored in such cases (Rule #8 above). Note that entries MUST be ignored in such cases (Rule #8 above). Note that
Rule #8 only applies when considering SID conflicts since Prefix Rule #8 only applies when considering SID conflicts since Prefix
conflicts are restricted to a single topology. conflicts are restricted to a single topology.
3.2.5. Example Behavior - Single Topology/Algorithm 3.3.5. Example Behavior - Single Topology/Algorithm
The following mapping entries exist:in the database. For brevity, The following mapping entries exist:in the database. For brevity,
Topology/Algorithm is omitted and assumed to be (0,0) in all entries. Topology/Algorithm is omitted and assumed to be (0,0) in all entries.
1. (PFX, 192.0.2.1/32, 100, 1) 1. (192, 192.0.2.1/32, 100, 1)
2. (PFX, 192.0.2.101/32, 200, 1) 2. (192, 192.0.2.101/32, 200, 1)
3. (SRMS, 192.0.2.1/32, 400, 255) !Prefix conflict with entries 1 3. (128, 192.0.2.1/32, 400, 255) !Prefix conflict with entries 1 and
and 2 2
4. (SRMS, 198.51.100.40/32, 200,1) !SID conflict with entry 2 4. (128, 198.51.100.40/32, 200,1) !SID conflict with entry 2
The table below shows what mapping entries will be used in the The table below shows what mapping entries will be used in the
forwarding plane (Active) and which ones will not be used (Excluded) forwarding plane (Active) and which ones will not be used (Excluded)
under the three candidate policies: under the three candidate policies:
+--------------------------------------------------------------------+ +--------------------------------------------------------------------+
|Policy | Active Entries | Excluded Entries | |Policy | Active Entries | Excluded Entries |
+--------------------------------------------------------------------+ +--------------------------------------------------------------------+
|Ignore | |(PFX,192.0.2.1/32,100,1) | |Ignore | |(192,192.0.2.1/32,100,1) |
| | |(PFX,192.0.2.101/32,200,1) | | | |(192,192.0.2.101/32,200,1) |
| | |(SRMS,192.0.2.1/32,400,255) | | | |(128,192.0.2.1/32,400,255) |
| | |(SRMS,198.51.100.40/32,200,1)| | | |(128,198.51.100.40/32,200,1) |
+--------------------------------------------------------------------+ +--------------------------------------------------------------------+
|Quarantine|(PFX,192.0.1.1/32,100,1) |(SRMS,192.0.2.1/32,400,255) | |Quarantine|(192,192.0.1.1/32,100,1) |(128,192.0.2.1/32,400,255) |
| |(PFX,192.0.2.101/32,200,1) |(SRMS,198.51.100.40/32,200,1)| | |(192,192.0.2.101/32,200,1) |(128,198.51.100.40/32,200,1) |
+--------------------------------------------------------------------+ +--------------------------------------------------------------------+
|Overlap- |(PFX,192.0.2.1/32,100,1) |(SRMS,198.51.100.40/32,200,1)| |Overlap- |(192,192.0.2.1/32,100,1) |(128,198.51.100.40/32,200,1) |
| Only |(PFX,192.0.2.101/32,200,1) |*(SRMS,192.0.2.1/32,400,1) | | Only |(192,192.0.2.101/32,200,1) |*(128,192.0.2.1/32,400,1) |
| |*(SRMS,192.0.2.2/32,401,99)|*(SRMS,192.0.2.101/32,500,1) | | |*(128,192.0.2.2/32,401,99) |*(128,192.0.2.101/32,500,1) |
| |*(SRMS,192.0.2.102/32, | | |*(128,192.0.2.102/32, |
| | 501,153) | | | | 501,153) | |
+--------------------------------------------------------------------+ +--------------------------------------------------------------------+
* Derived from (SRMS,192.0.2.1/32,400,300) * Derived from (128,192.0.2.1/32,400,300)
3.2.6. Example Behavior - Multiple Topologies 3.3.6. Example Behavior - Multiple Topologies
When using a preference rule the order in which conflict resolution When using a preference rule the order in which conflict resolution
is applied has an impact on what entries are usable when entries for is applied has an impact on what entries are usable when entries for
multiple topologies (or algorithms) are present. The following multiple topologies (or algorithms) are present. The following
mapping entries exist in the database: mapping entries exist in the database:
1. (PFX, 192.0.2.1/32, 100, 1, 0, 0) !Topology 0 1. (192, 192.0.2.1/32, 100, 1, 0, 0) !Topology 0
2. (PFX, 192.0.2.1/32, 200, 1, 0, 0) !Topology 0, Prefix Conflict 2. (192, 192.0.2.1/32, 200, 1, 0, 0) !Topology 0, Prefix Conflict
with entry #1 with entry #1
3. (PFX, 198.51.100.40/32, 200,1,1,0) ! Topology 1, SID conflict 3. (192, 198.51.100.40/32, 200,1,1,0) ! Topology 1, SID conflict
with entry 2 with entry 2
The table below shows what mapping entries will be used in the The table below shows what mapping entries will be used in the
forwarding plane (Active) and which ones will not be used (Excluded) forwarding plane (Active) and which ones will not be used (Excluded)
under the Quarantine Policy based on the order in which conflict under the Quarantine Policy based on the order in which conflict
resolution is applied. resolution is applied.
+------------------------------------------------------------------+ +------------------------------------------------------------------+
|Order | Active Entries | Excluded Entries | |Order | Active Entries | Excluded Entries |
+------------------------------------------------------------------+ +------------------------------------------------------------------+
|Prefix- |(PFX,192.0.2.1/32,100,1,0,0)|(PFX,192.0.2.101/32,200,1,0)| |Prefix- |(192,192.0.2.1/32,100,1,0,0)|(192,192.0.2.101/32,200,1,0)|
|Conflict|(PFX,198.51.100.40/32,200,1,| | |Conflict|(192,198.51.100.40/32,200,1,| |
|First | 1,0) | | |First | 1,0) | |
+------------------------------------------------------------------+ +------------------------------------------------------------------+
|SID- |(PFX,192.0.2.1/32,100,1,0,0)|(PFX,192.0.2.101/32,200,1,0)| |SID- |(192,192.0.2.1/32,100,1,0,0)|(192,192.0.2.101/32,200,1,0)|
|Conflict| |(PFX,198.51.100.40/32,200,1,| |Conflict| |(192,198.51.100.40/32,200,1,|
|First | | 1,0) | |First | | 1,0) |
+------------------------------------------------------------------+ +------------------------------------------------------------------+
This illustrates the advantage of evaluating prefix conflicts within This illustrates the advantage of evaluating prefix conflicts within
a given topology (or algorithm) before evaluating topology (or a given topology (or algorithm) before evaluating topology (or
algorithm) independent SID conflicts. It insures that entries which algorithm) independent SID conflicts. It insures that entries which
will be excluded based on intratopology preference will not prevent a will be excluded based on intratopology preference will not prevent a
SID assigned in another topology from being considered Active. SID assigned in another topology from being considered Active.
3.2.7. Evaluation of Policy Alternatives 3.3.7. Evaluation of Policy Alternatives
The previous sections have defined three alternatives for resolving The previous sections have defined three alternatives for resolving
conflicts - ignore, quarantine, and ignore overlap-only. conflicts - ignore, quarantine, and ignore overlap-only.
The ignore policy impacts the greatest amount of traffic as The ignore policy impacts the greatest amount of traffic as
forwarding to all destinations which have a conflict is affected. forwarding to all destinations which have a conflict is affected.
Quarantine allows forwarding for some destinations which have a Quarantine allows forwarding for some destinations which have a
conflict to be supported. conflict to be supported.
skipping to change at page 14, line 9 skipping to change at page 14, line 9
be recomputed based on the updated database. Internal data be recomputed based on the updated database. Internal data
structures have to be maintained which maintain the relationship structures have to be maintained which maintain the relationship
between the advertised mapping entry and the set of derived mapping between the advertised mapping entry and the set of derived mapping
entries. All nodes in the network have to achieve the same behavior entries. All nodes in the network have to achieve the same behavior
regardless of implementation internals. regardless of implementation internals.
There is then a tradeoff between a goal of maximizing traffic There is then a tradeoff between a goal of maximizing traffic
delivery and the risks associated with increased implementation delivery and the risks associated with increased implementation
complexity. complexity.
It is the opinion of the authors that "quarantine" is the best Consensus of the working group is that maximizing traffic delivery is
alternative. the most important deployment consideration - therefore ignore-
overlap-only is specified as the standard policy which MUST be
implemented by all nodes which support SR-MPLS.
3.2.8. Guaranteeing Database Consistency 3.3.8. Guaranteeing Database Consistency
In order to obtain consistent active entries all nodes in a network In order to obtain consistent active entries all nodes in a network
MUST have the same mapping entry database. Mapping entries can be MUST have the same mapping entry database. Mapping entries can be
obtained from a variety of sources. obtained from a variety of sources.
o SIDs can be configured locally for prefixes assigned to interfaces o SIDs can be configured locally for prefixes assigned to interfaces
on the router itself. Only SIDs which are advertised to protocol on the router itself. Only SIDs which are advertised to protocol
peers can be considered as part of the mapping entry database. peers can be considered as part of the mapping entry database.
o SIDs can be received in prefix reachability advertisements from o SIDs can be received in prefix reachability advertisements from
skipping to change at page 15, line 21 skipping to change at page 15, line 23
destination in Site A MAY use the same SID as a destination in Site B destination in Site A MAY use the same SID as a destination in Site B
without introducing any conflict in the forwarding plane of routers without introducing any conflict in the forwarding plane of routers
in Site A. in Site A.
Such cases are handled by insuring that the mapping entries in the Such cases are handled by insuring that the mapping entries in the
database used by the procedures defined in the previous section only database used by the procedures defined in the previous section only
include entries associated with advertisements within the site. include entries associated with advertisements within the site.
5. Security Considerations 5. Security Considerations
TBD The ability to introduce SID conflicts into a deployment may
compromise traffic forwarding. Protocol specific security mechanisms
SHOULD be used to insure that all SID advertisements originate from
trusted sources.
6. IANA Consideration 6. IANA Consideration
This document has no actions for IANA. This document has no actions for IANA.
7. Acknowledgements 7. Acknowledgements
The authors would like to thank Jeff Tantsura, Wim Henderickx, and The authors would like to thank Jeff Tantsura, Wim Henderickx, and
Bruno Decraene for their careful review and content suggestions. Bruno Decraene for their careful review and content suggestions.
skipping to change at page 15, line 47 skipping to change at page 16, line 7
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>. <http://www.rfc-editor.org/info/rfc2119>.
[RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private [RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private
Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February
2006, <http://www.rfc-editor.org/info/rfc4364>. 2006, <http://www.rfc-editor.org/info/rfc4364>.
[SR-IS-IS] [SR-IS-IS]
"IS-IS Extensions for Segment Routing, draft-ietf-isis- "IS-IS Extensions for Segment Routing, draft-ietf-isis-
segment-routing-extensions-07(work in progress)", June segment-routing-extensions-08(work in progress)", October
2016. 2016.
[SR-MPLS] "Segment Routing with MPLS dataplane, draft-ietf-spring- [SR-MPLS] "Segment Routing with MPLS dataplane, draft-ietf-spring-
segment-routing-mpls-04(work in progress)", March 2016. segment-routing-mpls-05(work in progress)", July 2016.
[SR-OSPF] "OSPF Extensions for Segment Routing, draft-ietf-ospf- [SR-OSPF] "OSPF Extensions for Segment Routing, draft-ietf-ospf-
segment-routing-extensions-08(work in progress)", May segment-routing-extensions-09(work in progress)", July
2016. 2016.
[SR-OSPFv3] [SR-OSPFv3]
"OSPFv3 Extensions for Segment Routing, draft-ietf-ospf- "OSPFv3 Extensions for Segment Routing, draft-ietf-ospf-
ospfv3-segment-routing-extensions-05(work in progress)", ospfv3-segment-routing-extensions-06(work in progress)",
March 2016. July 2016.
8.2. Informational References 8.2. Informational References
[SR-ARCH] "Segment Routing Architecture, draft-ietf-spring-segment- [SR-ARCH] "Segment Routing Architecture, draft-ietf-spring-segment-
routing-08(work in progress)", May 2016. routing-09(work in progress)", July 2016.
Authors' Addresses Authors' Addresses
Les Ginsberg Les Ginsberg
Cisco Systems Cisco Systems
510 McCarthy Blvd. 821 Alder Drive
Milpitas, CA 95035 Milpitas, CA 95035
USA USA
Email: ginsberg@cisco.com Email: ginsberg@cisco.com
Peter Psenak Peter Psenak
Cisco Systems Cisco Systems
Apollo Business Center Mlynske nivy 43 Apollo Business Center Mlynske nivy 43
Bratislava 821 09 Bratislava 821 09
Slovakia Slovakia
 End of changes. 55 change blocks. 
96 lines changed or deleted 126 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/