Internet DRAFT - draft-ietf-spring-conflict-resolution

draft-ietf-spring-conflict-resolution







Networking Working Group                                     L. Ginsberg
Internet-Draft                                                 P. Psenak
Intended status: Standards Track                              S. Previdi
Expires: January 3, 2018                                   Cisco Systems
                                                                M. Pilka
                                                            July 2, 2017


                Segment Routing MPLS Conflict Resolution
              draft-ietf-spring-conflict-resolution-05.txt

Abstract

   In support of Segment Routing (SR) for an MPLS data plane routing
   protocols advertise a variety of identifiers used to define the
   segments which direct forwarding of packets.  In cases where the
   information advertised by a given protocol instance is either
   internally inconsistent or conflicts with advertisements from another
   protocol instance a means of achieving consistent forwarding behavior
   in the network is required.  This document defines the policies used
   to resolve these occurrences.

Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on January 3, 2018.







Ginsberg, et al.         Expires January 3, 2018                [Page 1]

Internet-Draft           sr-conflict-resolution                July 2017


Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
   2.  SR Global Block Inconsistency . . . . . . . . . . . . . . . .   3
   3.  SR-MPLS Segment Identifier Conflicts  . . . . . . . . . . . .   5
     3.1.  SID Preference  . . . . . . . . . . . . . . . . . . . . .   6
     3.2.  Conflict Types  . . . . . . . . . . . . . . . . . . . . .   7
       3.2.1.  Prefix Conflict . . . . . . . . . . . . . . . . . . .   7
       3.2.2.  SID Conflict  . . . . . . . . . . . . . . . . . . . .   9
     3.3.  Preference rule for resolving conflicts . . . . . . . . .  12
     3.4.  Conflict Resolution Algorithm . . . . . . . . . . . . . .  13
     3.5.  Example Behavior - Single Topology/Address
           Family/Algorithm  . . . . . . . . . . . . . . . . . . . .  14
     3.6.  Example Behavior - Multiple Topologies  . . . . . . . . .  15
     3.7.  Guaranteeing Database Consistency . . . . . . . . . . . .  16
     3.8.  Minimizing the occurence of conflicts . . . . . . . . . .  16
   4.  Scope of SR-MPLS SID Conflicts  . . . . . . . . . . . . . . .  16
   5.  Conflict Resolution and non-forwarding nodes  . . . . . . . .  17
   6.  Security Considerations . . . . . . . . . . . . . . . . . . .  17
   7.  IANA Consideration  . . . . . . . . . . . . . . . . . . . . .  18
   8.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .  18
   9.  References  . . . . . . . . . . . . . . . . . . . . . . . . .  18
     9.1.  Normative References  . . . . . . . . . . . . . . . . . .  18
     9.2.  Informational References  . . . . . . . . . . . . . . . .  19
   Appendix A.  Alternative SID Conflict Resolution Policy
                Discussion . . . . . . . . . . . . . . . . . . . . .  19
     A.1.  Policy: Ignore conflicting entries  . . . . . . . . . . .  19
     A.2.  Policy: Preference Algorithm/Quarantine . . . . . . . . .  19
     A.3.  Policy: Preference algorithm/ignore overlap only  . . . .  20
     A.4.  Example Behavior - Single Topology/Address
           Family/Algorithm  . . . . . . . . . . . . . . . . . . . .  20
     A.5.  Evaluation of Policy Alternatives . . . . . . . . . . . .  21
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  22



Ginsberg, et al.         Expires January 3, 2018                [Page 2]

Internet-Draft           sr-conflict-resolution                July 2017


1.  Introduction

   Segment Routing (SR) as defined in [SR-ARCH] utilizes forwarding
   instructions called "segments" to direct packets through the network.
   Depending on the forwarding plane architecture in use, routing
   protocols advertise various identifiers which define the permissible
   values which can be used as segments, which values are assigned to
   specific prefixes, etc.  Where segments have global scope it is
   necessary to have non-conflicting assignments - but given that the
   advertisements may originate from multiple nodes the possibility
   exists that advertisements may be received which are either
   internally inconsistent or conflicting with advertisements originated
   by other nodes.  In such cases it is necessary to have consistent
   resolution of conflicts network-wide in order to avoid forwarding
   loops.

   This document is limited to discussion of conflict resolution for
   identifiers used in an MPLS data plane.

   The problem to be addressed is protocol independent i.e., segment
   related advertisements may be originated by multiple nodes using
   different protocols and yet the conflict resolution MUST be the same
   on all nodes regardless of the protocol used to transport the
   advertisements.

   The remainder of this document defines conflict resolution policies
   which meet these requirements.  All protocols which support SR MUST
   adhere to the policies defined in this document.

2.  SR Global Block Inconsistency

   In support of an MPLS dataplane [SR-MPLS] routing protocols advertise
   an SR Global Block (SRGB) which defines a set of label ranges
   reserved for use by the advertising node in support of SR.  The
   details of how protocols advertise this information can be found in
   the protocol specific drafts e.g., [SR-OSPF], [SR-OSPFv3], [SR-IS-
   IS], and [SR-BGP].  However the protocol independent semantics are
   illustrated by the following example:













Ginsberg, et al.         Expires January 3, 2018                [Page 3]

Internet-Draft           sr-conflict-resolution                July 2017


   The originating router advertises the following ranges:

         Range 1: (100, 199)
         Range 2: (1000, 1099)
         Range 3: (500, 599)

    The receiving routers concatenate the ranges and build the Segment
    Routing Global Block (SRGB) as follows:

      SRGB = (100, 199)
             (1000, 1099)
             (500, 599)

    The indeces span multiple ranges:

         index=0 means label 100
         ...
         index 99 means label 199
         index 100 means label 1000
         index 199 means label 1099
         ...
         index 200 means label 500
         ...

   Note that the ranges are an ordered set - what labels are mapped to a
   given index depends on the placement of a given label range in the
   set of ranges advertised.

   For the set of ranges to be usable the ranges MUST be disjoint.
   Sender behavior is defined in various SR protocol drafts such as [SR-
   IS-IS] which specify that senders MUST NOT advertise overlapping
   ranges.

   Receivers of SRGB ranges MUST validate the SRGB ranges advertised by
   other nodes.  If the advertised ranges do not conform to the
   restrictions defined in the respective protocol specification
   receivers MUST ignore all advertised SRGB ranges from that node.
   Operationally the node is treated as though it did not advertise any
   SRGB ranges.  [SR-MPLS] defines the procedures for mapping global
   SIDs to outgoing labels.

   Note that utilization of local SIDs (e.g. adjacency SIDs) advertised
   by a node is not affected by the state of the advertised SRGB.








Ginsberg, et al.         Expires January 3, 2018                [Page 4]

Internet-Draft           sr-conflict-resolution                July 2017


3.  SR-MPLS Segment Identifier Conflicts

   In support of an MPLS dataplane Segment Identifiers (SIDs) are
   advertised and associated with a given prefix.  SIDs may be
   advertised in the prefix reachability advertisements originated by a
   routing protocol (PFX) . SIDs may also be advertised by a Segment
   Routing Mapping Server (SRMS).  How this is done is defined in the
   protocol specific drafts e.g., [SR-OSPF], [SR-OSPFv3], [SR-IS-IS],
   and [SR-BGP]

   Information in a SID advertisement is used to construct a mapping
   entry.  A generalized mapping entry can be represented using the
   following definitions:

       Prf - Preference Value (See Section 3.1)
       Pi - Initial prefix
       Pe - End prefix
       L  - Prefix length
       Lx - Maximum prefix length (32 for IPv4, 128 for IPv6)
       Si - Initial SID value
       Se - End SID value
       R  - Range value (See Note 1)
       T  - Topology
       A  - Algorithm (see [SR-ARCH])

       A Mapping Entry is then the tuple: (Prf, Pi/L, Si, R, T, A)
       Pe = (Pi + ((R-1) << (Lx-L))
       Se = Si + (R-1)

       NOTE 1: The SID advertised in a prefix reachability advertisement
               always has an implicit range of 1.

       NOTE 2: IPv4/IPv6 addresses can be viewed as 32/128 bit integers.
               Where operations such as addition, subtraction, and/or
               bit shifting are specified for prefixes this should be
               interpreted as operations on the integer representation
               of a prefix.


   Note: Topology is a locally scoped identifier assigned by each
   router.  Although it may have an association with Multitopology
   Identifiers (MTID) advertised by routing protocols it is NOT
   equivalent to these identifiers.  MTIDs are scoped by a given routing
   protocol.  MTID ranges are protocol specific and there may be
   standardized protocol specific MTID assignments for topologies of a
   specific type (e.g., an AFI specific topology).  As mapping entries
   can be sourced from multiple protocols it is not possible to use a




Ginsberg, et al.         Expires January 3, 2018                [Page 5]

Internet-Draft           sr-conflict-resolution                July 2017


   network scoped identifier for a topology when storing mapping entries
   in the local datbase.

   Conflicts in SID advertisements may occur as a result of
   misconfiguration.  When conflicts occur, it is not possible for
   routers to know which of the conflicting advertisements is "correct".
   In order to avoid forwarding loops and/or blackholes, there is a need
   for all nodes to resolve the conflicts in a consistent manner.  This
   in turn requires that all routers have identical sets of
   advertisements and that they all use the same selection algorithm.
   This document defines procedures to achieve these goals.

3.1.  SID Preference

   If a node acts as an SRMS, it MAY advertise a preference to be
   associated with all SRMS SID advertisements sent by that node.  The
   means of advertising the preference is defined in the protocol
   specific drafts e.g., [SR-OSPF], [SR-OSPFv3], and [SR-IS-IS].  The
   preference value is an unsigned 8 bit integer with the following
   properties:

      0 - Reserved value indicating advertisements from that node
          MUST NOT be used.
      1 - 255 Preference value

   Advertisement of a preference value is optional.  Nodes which do not
   advertise a preference value are assigned a preference value of 128.

   All SIDs advertised in prefix reachability advertisements originated
   by an IGP implicitly have a preference value of 192.

   All SIDs advertised in prefix reachability advertisements originated
   by BGP implicitly have a preference value of 64.

   These preference values are deliberately chosen to favor SID
   advertisements originated within a domain (IGP and SRMS) over SID
   advertisements which may have been imported from other domains (BGP).
   In addition, as BGP originated advertisements may not be known on all
   nodes within a domain (because not every node will be a BGP speaker),
   the presence of a BGP originated mapping entry MUST NOT cause a
   mapping entry originated within the domain to become unusable as this
   would introduce inconsistency in the set of SIDs considered usable by
   a node which has the BGP originated mapping entries and the set
   considered usable by nodes without the BGP originated mapping
   entries.






Ginsberg, et al.         Expires January 3, 2018                [Page 6]

Internet-Draft           sr-conflict-resolution                July 2017


3.2.  Conflict Types

   Two types of conflicts may occur - Prefix Conflicts and SID
   Conflicts.  Examples are provided in this section to illustrate these
   conflict types and generic definitions of algorithms to determine
   when there is a conflict are presented.

3.2.1.  Prefix Conflict

   When different SIDs are assigned to the same prefix we have a "prefix
   conflict".  Prefix conflicts are limited to mapping entries sharing
   the same topology, algorithm, address-family, and prefix length.

3.2.1.1.  Prefix Conflict Examples

   The simplest example is when two advertisements with a range of 1
   assign different SIDs to the same prefix.

   Example PC1

   (192, 192.0.2.120/32, 200, 1, 0, 0)
   (192, 192.0.2.120/32, 30, 1, 0, 0)

   The prefix 192.0.2.120/32 has been assigned two different SIDs:
     200 by the first advertisement
     30 by the second advertisement

   Example PC2

   (192, 2001:DB8::1/128, 400, 1, 2, 0)
   (192, 2001:DB8::1/128, 50, 1, 2, 0)

   The prefix 2001:DB8::1/128 has been assigned two different SIDs:
    400 by the first advertisement
    50 by the second advertisement

   Prefix conflicts may also occur as a result of overlapping prefix
   ranges.













Ginsberg, et al.         Expires January 3, 2018                [Page 7]

Internet-Draft           sr-conflict-resolution                July 2017


   Example PC3

   (128, 192.0.2.1/32, 200, 200, 0, 0)
   (128, 192.0.2.121/32, 30, 10, 0, 0)

   Prefixes 192.0.2.121/32 - 192.0.2.130/32 are assigned two
   different SIDs:
    320 through 329 by the first advertisement
    30 through 39 by the second advertisement

   Example PC4
   (128, 2001:DB8::1/128, 400, 200, 2, 0)
   (128, 2001:DB8::121/128, 50, 10, 2, 0)

   Prefixes 2001:DB8::121/128 - 2001:DB8::130/128 are assigned
   two different SIDs:
     420 through 429 by the first advertisement
     50 through 59 by the second advertisement

   Examples PC3 and PC4 illustrate a complication - only part of the
   range advertised in the first advertisement is in conflict.  It is
   logically possible to consider the sub-range(s) which are in conflict
   as unusable while considering the sub-range(s) not in conflict as
   usable.

   A variant of the overlapping prefix range is a case where we have
   overlapping prefix ranges but no actual prefix conflict.

   Example PC5

   (128, 192.0.2.1/32, 200, 200, 0, 0)
   (128, 192.0.2.121/32, 320, 10, 0, 0)

   (128, 2001:DB8::1/128, 400, 200, 2, 0)
   (128, 2001:DB8::121/128, 520, 10, 2, 0)


   Although there is prefix overlap between the two IPv4 entries (and
   the two IPv6 entries) the same SID is assigned to all of the shared
   prefixes by the two entries.

3.2.1.2.  Prefix Conflict Generic Algorithm

   The following generic algorithm can be used to determine when any two
   mapping entries have Prefix Conflicts and what the set of prefixes in
   conflict are.





Ginsberg, et al.         Expires January 3, 2018                [Page 8]

Internet-Draft           sr-conflict-resolution                July 2017


   Given two mapping entries:

   (Prf, P1/L1, S1, R1, T1, A1) and
   (Prf, P2/L2, S2, R2, T2, A2)

   where P1 <= P2

   a prefix conflict exists if all of the following are true:

   1)Topologies, algorithms, and prefix lengths are identical

     (T1 == T2) && (A1 == A2) && (L1 == L2)

   2)The prefixes are in the same address-family.

   3)If there are overlapping prefixes in the two ranges and
     if there are different SIDs assigned to any of the prefixes
     in the overlapping range

     (P1e >= P2) && ((S1 + ((P2 - P1) >> (Lx-L1)) != S2)

   Prefixes in the following range are in conflict:

      P2 through MIN(P1e,P2e)


3.2.2.  SID Conflict

   When the same SID has been assigned to multiple prefixes we have a
   "SID conflict".  SID conflicts are independent of address-family,
   independent of prefix len, independent of topology, and independent
   of algorithm.

3.2.2.1.  SID Conflict Examples

   The simplest example is when two mapping entries with a range of 1
   assigns different SIDs to the same prefix.














Ginsberg, et al.         Expires January 3, 2018                [Page 9]

Internet-Draft           sr-conflict-resolution                July 2017


   Example SC1

   (192, 192.0.2.1/32, 200, 1, 0, 0)
   (192, 192.0.2.222/32, 200, 1, 0, 0)
   SID 200 has been assigned to 192.0.2.1/32 by the
   first advertisement.
   The second advertisement assigns SID 200 to 192.0.2.222/32.

   Example SC2

   (192, 2001:DB8::1/128, 400, 1, 2, 0)
   (192, 2001:DB8::222/128, 400, 1, 2, 0)
   SID 400 has been assigned to 2001:DB8::1/128 by the
   first advertisement.
   The second advertisement assigns SID 400 to 2001:DB8::222/128


   SID conflicts may also occur as a result of overlapping SID ranges.

   Example SC3

   (128, 192.0.2.1/32, 200, 200, 0, 0)
   (128, 198.51.100.1/32, 300, 10, 0, 0)

   SIDs 300 - 309 have been assigned to two different prefixes.
   The first advertisement assigns these SIDs
   to 192.0.2.101/32 - 192.0.2.110/32.
   The second advertisement assigns these SIDs to
   198.51.100.1/32 - 198.51.100.10/32.

   Example SC4
   (128, 2001:DB8::1/128, 400, 200, 2, 0)
   (128, 2001:DB8:1::1/128, 500, 10, 2, 0)

   SIDs 500 - 509 have been assigned to two different prefixes.
   The first advertisement assigns these SIDs to
   2001:DB8::101/128 - 2001:DB8::10A/128.
   The second advertisement assigns these SIDs to
   2001:DB8:1::1/128 - 2001:DB8:1::A/128.


   Examples SC3 and SC4 illustrate a complication - only part of the
   range advertised in the first advertisement is in conflict.

   SID conflicts may also occur because the same SID has been used in
   two different algorithms, two different topologies, two different
   address families, or prefixes with two different lengths.




Ginsberg, et al.         Expires January 3, 2018               [Page 10]

Internet-Draft           sr-conflict-resolution                July 2017


   Example SC5

   (128, 192.0.2.1/32, 200, 1, 0, 0)
   (128, 192.0.2.1/32, 200, 1, 0, 1)

   SID 200 has been assigned to the same prefix with two different
   algorithms.

   Example SC6
   (128, 192.0.2.1/32, 200, 1, 0, 0)
   (128, 2001:DB8::1/128, 200, 1, 0, 0)

   SID 200 has been assigned to prefixes in two different
   address-families.

3.2.2.2.  SID Conflict Generic Algorithm

   The following generic algorithm can be used to determine when any two
   mapping entries have SID Conflicts and what the set of SIDs in
   conflict are.

   Given two mapping entries:

   (Prf, P1/L1, S1, R1, T1, A1) and
   (Prf, P2/L2, S2, R2, T2, A2)

   a SID conflict exists if all of the following are true:

   1)If the SID ranges overlap

     (S1 <= S2) && (S1e >= S2)

   2)If the same SID is assigned to prefixes with different
     address-families, prefix lengths, topologies,
     or algorithms or the same SID is assigned to two
     different prefixes for any of the prefixes in either
     range.

      P1 and P2 are NOT in the same address family OR
      L1 != L2 OR
      T1 != T2 OR
      A1 != A2 OR
      (P1 + ((S1e-S2) << (L1x-L1))) != P2

   SIDs in the following range are in conflict:

      S2 through MIN(S1e,S2e)




Ginsberg, et al.         Expires January 3, 2018               [Page 11]

Internet-Draft           sr-conflict-resolution                July 2017


3.3.  Preference rule for resolving conflicts

   When a conflict is detected the following algorithm is used to select
   the preferred mapping entry.  Evaluation is made in the order
   specified.  Prefix conflicts are evaluated first.  SID conflicts are
   then evaluated on the Active entries remaining after Prefix Conflicts
   have been resolved.

   1.  Higher preference value wins

   2.  Smaller range wins

   3.  IPv6 entry wins over IPv4 entry

   4.  Longer prefix length wins

   5.  Smaller starting address (considered as an unsigned integer
       value) wins

   6.  Smaller algorithm wins

   7.  Smaller starting SID wins

   8.  If topology IDs are NOT identical both entries MUST be ignored

   When applying the preference rule to prefix/SID pairs associated with
   an advertised mapping entry with a range greater than one, each
   prefix/SID pair in the range is considered as having the range
   associated with the advertised mapping entry.  For example:

   Advertised mapping entry: (128, 192.0.2.1/32, 200, 200, 0, 0)

   The advertisement covers 200 prefix/SID pairs:
   192.0.2.1/32 200
   192.0.2.2/32 201
   ...
   192.0.2.200/32 399

   Each of these prefix/SID pairs is considered as having a range of 200
   when applying Rule #2 above.

   As SIDs associated with prefix reachability advertisements have a
   preference of 192 and an implied range of 1 while by default SRMS
   preference is 128, the default behavior is then to prefer SIDs
   advertised in prefix reachability advertisements over SIDs advertised
   by SRMSs, but an operator can choose to override this behavior by
   setting SRMS preference higher than 192.




Ginsberg, et al.         Expires January 3, 2018               [Page 12]

Internet-Draft           sr-conflict-resolution                July 2017


   Preferring advertisements with smaller range has the nice property
   that a single misconfiguration of an SRMS entry with a large range
   will not be preferred over a large number of advertisements with
   smaller ranges.

   Since topology identifiers are locally scoped, it is not possible to
   make a consistent choice network wide when all elements of a mapping
   entry are identical except for the topology.  This is why both
   entries MUST be ignored in such cases (Rule #8 above).  Note that
   Rule #8 only applies when considering SID conflicts since Prefix
   conflicts are restricted to a single topology.

3.4.  Conflict Resolution Algorithm

   The following logical steps MUST be followed in the order specified
   when resolving conflicts.

   Step 1: Resolve Prefix Conflicts (same topology/address family/
   algorithm)

   For each supported topology/address family/algorithm examine all
   qualifying mapping entries in the following order:

     1)Preference (start w highest)
     2)Range (start w smallest)
     3)Prefix length (start w longest)
     4)Address (start w smallest)
     5)SID (start w smallest)

   At each step if a prefix conflict is detected the losing prefix/SID
   pair is declared Inactive and is not considered in any subsequent
   steps.  The remaining prefix/SID pairs are Active.

   Mapping entries with Active prefix/SID pairs after completion of Step
   1 are fed into ...

   Step 2: SID Conflicts (across all topologies/address families/
   algorithms)

   Examine all Active prefix/SID pairs from Step #1 in the following
   order:










Ginsberg, et al.         Expires January 3, 2018               [Page 13]

Internet-Draft           sr-conflict-resolution                July 2017


     1)Preference (start w highest)
     2)Range (start w smallest)
     3)IPv6 entries
       a)Prefix length (start w longest)
       b)Address (start w smallest)
     4)IPv4 entries
       a)Prefix Length (start w longest)
       b)Address (start w smallest)
     5)Algorithm (start w smallest)
     6)SID (start w smallest)

   Prefix/SID pairs which are identical and are associated with the
   same topology are duplicates - both entries MUST be considered as
   Active.
   Prefix/SID pairs which are identical and are associated with
   different topologies MUST both be considered Inactive.

   Active Entries in the database may be used in forwarding.  Inactive
   entries MUST NOT be used in forwarding.

   Note that when the database of mapping entries changes the full set
   of logical steps MUST be reapplied to the entire database as conflict
   resolution is NOT transitive.

   NOTE: Clever implementors may realize optimizations when rerunning
   the algorithm by evaluating changed entries as to whether they have
   potential conflicts with any of the existing entries in the database
   (both active and inactive).  Such optimizations are outside the scope
   of this specification.  The normative behavior is defined by the
   logical algorithm above.

3.5.  Example Behavior - Single Topology/Address Family/Algorithm

   The following mapping entries exist in the database.  For brevity,
   Topology/Algorithm is omitted and assumed to be (0,0) in all entries.

   1.  (192, 192.0.2.1/32, 100, 1)

   2.  (192, 192.0.2.101/32, 200, 1)

   3.  (128, 192.0.2.1/32, 400, 255) !Prefix conflict with entries 1 and
       2

   4.  (128, 198.51.100.40/32, 200,1) !SID conflict with entry 2

   The table below shows what mapping entries will be used in the
   forwarding plane (Active) and which ones will not be used (Inactive)




Ginsberg, et al.         Expires January 3, 2018               [Page 14]

Internet-Draft           sr-conflict-resolution                July 2017


   +------------------------------------------------------------+
   |  Active Entries              |  Inactive Entries           |
   +------------------------------------------------------------+
   | (192,192.0.2.1/32,100,1)     | (128,198.51.100.40/32,200,1)|
   | (192,192.0.2.101/32,200,1)   |*(128,192.0.2.1/32,400,1)    |
   |*(128,192.0.2.2/32,401,99)    |*(128,192.0.2.101/32,500,1)  |
   |*(128,192.0.2.102/32,501,154) |                             |
   +------------------------------------------------------------+

   * Derived from (128,192.0.2.1/32,400,255)

3.6.  Example Behavior - Multiple Topologies

   When using a preference rule the order in which conflict resolution
   is applied has an impact on what entries are Active when entries for
   multiple topologies (or algorithms) are present.  The following
   mapping entries exist in the database:

   1.  (192, 192.0.2.1/32, 100, 1, 0, 0) !Topology 0

   2.  (192, 192.0.2.1/32, 200, 1, 0, 0) !Topology 0, Prefix Conflict
       with entry #1

   3.  (192, 198.51.100.40/32, 200,1,1,0) ! Topology 1, SID conflict
       with entry 2

   The table below shows what mapping entries will be used in the
   forwarding plane (Active) and which ones will not be used (Inactive)
   based on the order in which conflict resolution is applied.

   +------------------------------------------------------------------+
   |Order   | Active Entries             | Inactive Entries           |
   +------------------------------------------------------------------+
   |Prefix- |(192,192.0.2.1/32,100,1,0,0)|(192,192.0.2.101/32,200,1,0)|
   |Conflict|(192,198.51.100.40/32,200,1,|                            |
   |First   |    1,0)                    |                            |
   +------------------------------------------------------------------+
   |SID-    |(192,192.0.2.1/32,100,1,0,0)|(192,192.0.2.101/32,200,1,0)|
   |Conflict|                            |(192,198.51.100.40/32,200,1,|
   |First   |                            |    1,0)                    |
   +------------------------------------------------------------------+


   This illustrates the advantage of evaluating prefix conflicts within
   a given topology (or algorithm) before evaluating topology (or
   algorithm) independent SID conflicts.  It insures that entries which
   will be excluded based on intratopology preference will not prevent a
   SID assigned in another topology from being considered Active.



Ginsberg, et al.         Expires January 3, 2018               [Page 15]

Internet-Draft           sr-conflict-resolution                July 2017


3.7.  Guaranteeing Database Consistency

   In order to obtain consistent active entries all nodes in a network
   MUST have the same mapping entry database.  Mapping entries can be
   obtained from a variety of sources.

   o  SIDs can be configured locally for prefixes assigned to interfaces
      on the router itself.  Only SIDs which are advertised to protocol
      peers can be considered as part of the mapping entry database.

   o  SIDs can be received in prefix reachability advertisements from
      protocol peers.  These advertisements may originate from peers
      local to the area or be leaked from other areas and/or
      redistributed from other routing protocols.

   o  SIDs can be received from SRMS advertisements - these
      advertisements can originate from routers local to the area or
      leaked from other areas

   o  In cases where multiple routing protocols are in use mapping
      entries advertised by all routing protocols MUST be included.

3.8.  Minimizing the occurence of conflicts

   Conflicts in SID advertisements are always the result of a
   misconfiguration.  Conflicts may occur either in the set of
   advertisements originated by a single node or between advertisements
   originated by different nodes.

   Conflicts which occur within the set of advertisements (PFX and SRMS)
   originated by a single node SHOULD be prevented by configuration
   validation on the originating node.

   It is possible to minimize the occurrence of conflicts between
   advertisements originated by different routers if new configuration
   is validated against the current state of the conflict resolution
   database before the configuration is advertised.  How this is done is
   an implementation issue which is out of scope of this document.

4.  Scope of SR-MPLS SID Conflicts

   The previous section defines the types of SID conflicts and
   procedures to resolve such conflicts when using an MPLS dataplane.
   The mapping entry database used MUST be populated with entries for
   destinations for which the associated SID will be used to derive the
   labels installed in the forwarding plane of routers in the network.
   This consists of entries associated with intra-domain routes.




Ginsberg, et al.         Expires January 3, 2018               [Page 16]

Internet-Draft           sr-conflict-resolution                July 2017


   There are cases where destinations which are external to the domain
   are advertised by protocol speakers running within that network - and
   it is possible that those advertisements have SIDs associated with
   those destinations.  However, if reachability to a destination is
   topologically outside the forwarding domain of the protocol instance
   then the SIDs for such destinations will never be installed in the
   forwarding plane of any router within the domain - so such
   advertisements cannot create a SID conflict within the domain.  Such
   entries therefore MUST NOT be installed in the database used for
   intra-domain conflict resolution.

   Consider the case of two sites "A and B" associated with a given
   [RFC4364] VPN.  Connectivity between the sites is via a provider
   backbone.  SIDs associated with destinations in Site A will never be
   installed in the forwarding plane of routers in Site B.  Reachability
   between the sites (assuming SR is being used across the backbone)
   only requires using a SID associated with a gateway PE.  So a
   destination in Site A MAY use the same SID as a destination in Site B
   without introducing any conflict in the forwarding plane of routers
   in Site A.

   Such cases are handled by insuring that the mapping entries in the
   database used by the procedures defined in the previous section only
   include entries associated with advertisements within the site.

5.  Conflict Resolution and non-forwarding nodes

   The previous sections define conflict resolution behavior required of
   nodes which perform forwarding.  But conflict resolution also impacts
   other entities e.g., controllers.  If a controller were to define an
   explicit path using a SID in a way that is inconsistent with the set
   of Active entries produced by conflict resolution procedures used by
   the forwarding nodes then traffic following the explicit path may be
   misdelivered.

   To prevent this such an entity MUST either implement the conflict
   resolution procedures defined above or implement an alternate form of
   conflict resolution which produces a subset of the Active entries
   which result from the conflict resolution procedures defined above.
   One such alternate form is to consider Inactive any mapping entry
   which has either a prefix conflict or a SID conflict with any other
   mapping entry.

6.  Security Considerations

   The ability to introduce SID conflicts into a deployment may
   compromise traffic forwarding.  Protocol specific security mechanisms




Ginsberg, et al.         Expires January 3, 2018               [Page 17]

Internet-Draft           sr-conflict-resolution                July 2017


   SHOULD be used to insure that all SID advertisements originate from
   trusted sources.

7.  IANA Consideration

   This document has no actions for IANA.

8.  Acknowledgements

   The authors would like to thank Jeff Tantsura, Wim Henderickx, Bruno
   Decraene, and Stephane Litkowski for their careful review and content
   suggestions.

9.  References

9.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <http://www.rfc-editor.org/info/rfc2119>.

   [RFC4364]  Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private
              Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February
              2006, <http://www.rfc-editor.org/info/rfc4364>.

   [SR-BGP]   "Segment Routing Prefix SID extensions for BGP, draft-
              ietf-idr-bgp-prefix-sid-06(work in progress)", June 2017.

   [SR-IS-IS]
              "IS-IS Extensions for Segment Routing, draft-ietf-isis-
              segment-routing-extensions-13(work in progress)", June
              2017.

   [SR-MPLS]  "Segment Routing with MPLS dataplane, draft-ietf-spring-
              segment-routing-mpls-10(work in progress)", June 2017.

   [SR-OSPF]  "OSPF Extensions for Segment Routing, draft-ietf-ospf-
              segment-routing-extensions-17(work in progress)", June
              2017.

   [SR-OSPFv3]
              "OSPFv3 Extensions for Segment Routing, draft-ietf-ospf-
              ospfv3-segment-routing-extensions-09(work in progress)",
              March 2017.






Ginsberg, et al.         Expires January 3, 2018               [Page 18]

Internet-Draft           sr-conflict-resolution                July 2017


9.2.  Informational References

   [SR-ARCH]  "Segment Routing Architecture, draft-ietf-spring-segment-
              routing-12(work in progress)", June 2017.

Appendix A.  Alternative SID Conflict Resolution Policy Discussion

   A number of approaches to resolving SID conflicts were considered
   during the writing of this document.  Two general approaches with a
   total of three policy alternatives were considered.  This
   Appendix documents the alternatives considered.  All content in this
   section is non-normative.

   Two general approaches can be used to process conflicting entries.

   1.  Conflicting entries can be ignored

   2.  A standard preference algorithm can be used to choose which of
       the conflicting entries will be used

   The following sections discuss these two approaches in more detail.

A.1.  Policy: Ignore conflicting entries

   In cases where entries are in conflict none of the conflicting
   entries are used i.e., the network operates as if the conflicting
   advertisements were not present.

   Implementations are required to identify the conflicting entries and
   ensure that they are not used.

A.2.  Policy: Preference Algorithm/Quarantine

   For entries which are in conflict properties of the conflicting
   advertisements are used to determine which of the conflicting entries
   are used in forwarding and which are "quarantined" and not used.
   Losing mapping entries with ranges greater than 1 are quarantined in
   their entirety.

   This approach requires that conflicting entries first be identified
   and then evaluated based on a preference rule.  Based on which entry
   is preferred this in turn may impact what other entries are
   considered in conflict i.e. if A conflicts with B and B conflicts
   with C - it is possible that A does NOT conflict with C.  Hence if as
   a result of the evaluation of the conflict between A and B, entry B
   is not used the conflict between B and C will not be detected.





Ginsberg, et al.         Expires January 3, 2018               [Page 19]

Internet-Draft           sr-conflict-resolution                July 2017


A.3.  Policy: Preference algorithm/ignore overlap only

   A variation of the preference algorithm approach when applied to
   mapping entries with ranges greater than 1 is to quarantine only the
   portions of the less preferred entry which actually conflict.  The
   original entry is logically considered as a set of entries with a
   range of 1, each of which inherits the range value of the original
   entry for purposes of applying the preference rule.

A.4.  Example Behavior - Single Topology/Address Family/Algorithm

   The following mapping entries exist in the database.  For brevity,
   Topology/Algorithm is omitted and assumed to be (0,0) in all entries.

   1.  (192, 192.0.2.1/32, 100, 1)

   2.  (192, 192.0.2.101/32, 200, 1)

   3.  (128, 192.0.2.1/32, 400, 255) !Prefix conflict with entries 1 and
       2

   4.  (128, 198.51.100.40/32, 200,1) !SID conflict with entry 2

   The table below shows what mapping entries will be used in the
   forwarding plane (Active) and which ones will not be used (Inactive)
   under the three candidate policies:

  +--------------------------------------------------------------------+
  |Policy     | Active Entries           |  Inactive Entries           |
  +--------------------------------------------------------------------+
  |Ignore    |                           |(192,192.0.2.1/32,100,1)     |
  |          |                           |(192,192.0.2.101/32,200,1)   |
  |          |                           |(128,192.0.2.1/32,400,255)   |
  |          |                           |(128,198.51.100.40/32,200,1) |
  +--------------------------------------------------------------------+
  |Quarantine|(192,192.0.1.1/32,100,1)   |(128,192.0.2.1/32,400,255)   |
  |          |(192,192.0.2.101/32,200,1) |(128,198.51.100.40/32,200,1) |
  +--------------------------------------------------------------------+
  |Ignore-   |(192,192.0.2.1/32,100,1)   |(128,198.51.100.40/32,200,1) |
  |Overlap-  |(192,192.0.2.101/32,200,1) |*(128,192.0.2.1/32,400,1)    |
  | Only     |*(128,192.0.2.2/32,401,99) |*(128,192.0.2.101/32,500,1)  |
  |          |*(128,192.0.2.102/32,                                    |
  |          |      501,153)             |                             |
  +--------------------------------------------------------------------+

  * Derived from (128,192.0.2.1/32,400,300)





Ginsberg, et al.         Expires January 3, 2018               [Page 20]

Internet-Draft           sr-conflict-resolution                July 2017


A.5.  Evaluation of Policy Alternatives

   The previous sections have defined three alternatives for resolving
   conflicts - ignore, quarantine, and ignore overlap-only.

   The ignore policy impacts the greatest number of mapping entriesas
   all prefix/SID pairs contained in an advertisement which has a
   conflict are considered Inactive.

   Quarantine allows forwarding for some destinations which have a
   conflict to be supported - but losing mapping entries with ranges
   greater than 1 are declared Inactive in their entirety.  This may
   result in not using individual prefix/SID entries contained within
   the quarantined advertisement which do not have a conflict.

   Ignore-overlap-only maximizes the entries which may be Active as each
   prefix/SID pair contained within an advertised mapping entry with
   range greater than 1 is evaluated independent of the other entries
   within the same advertisement.  To implement this alternative
   advertised mapping entries with a range greater than 1 which have a
   conflict with other advertised mapping entries have to logically be
   split into 2 or more "derived mapping entries".  The derived mapping
   entries then fall into two categories - those that are in conflict
   with other mapping entries and have lost based on the preference rule
   and those which are either NOT in conflict or have won based on the
   preference rule.  The former are considered Inactive while the latter
   are considered Active.  Each time the underived mapping database is
   updated the derived entries have to be recomputed based on the
   updated database.  Internal data structures have to be maintained
   which maintain the relationship between the advertised mapping entry
   and the set of derived mapping entries.  All nodes in the network
   have to achieve the same behavior regardless of implementation
   internals.

   There is then a tradeoff between a goal of maximizing advertised
   mapping entry usage and the risks associated with increased
   implementation complexity.

   Consensus of the working group is that maximizing the use of the
   advertised prefix/SID pairs is the most important deployment
   consideration - therefore ignore-overlap-only has been specified as
   the standard policy which MUST be implemented by all nodes which
   support SR-MPLS.








Ginsberg, et al.         Expires January 3, 2018               [Page 21]

Internet-Draft           sr-conflict-resolution                July 2017


Authors' Addresses

   Les Ginsberg
   Cisco Systems
   821 Alder Drive
   Milpitas, CA  95035
   USA

   Email: ginsberg@cisco.com


   Peter Psenak
   Cisco Systems
   Apollo Business Center Mlynske nivy 43
   Bratislava  821 09
   Slovakia

   Email: ppsenak@cisco.com


   Stefano Previdi
   Cisco Systems

   Email: stefano@previdi.net


   Martin Pilka

   Email: martin@infobox.sk






















Ginsberg, et al.         Expires January 3, 2018               [Page 22]