Document double/triple matching

This commit is contained in:
Nico Schottelius 2019-03-25 11:51:36 +01:00
parent f4372580c4
commit 42f5e00e74
3 changed files with 25 additions and 4 deletions

View file

@ -123,12 +123,16 @@
| | Parsing on wrong field detected by unset fields in wireshark | |
| | Correcting parser->leads to incorrect checksum | |
| | - NDP is answered to, but icmp6 echo request isn't -> extend table | |
| | | |
| | Problem with multiple LPM keys in table | |
| | - logical problem, overlapping length matches | |
| | - priority / ordering would be helpful | |
| | | |
| | | |
| 2019-03-25 | | |
| | Writing down double LPM problem | |
| | Removing source network support, documenting limitation | |
| | Rewriting code to use multiple NAT64 destinations | |
| | | |
| | | |
| | | |
@ -1281,7 +1285,7 @@ Code:
}
#+END_SRC
**** (current) Limitations
**** (current) Implementation limitations
***** No fragmentation support (yet)
***** No session handling (yet)
1:1 mappings. No (automatic) session.
@ -1292,6 +1296,10 @@ has already been solved in a different domain - could even do
transparent / in network modification
***** Incomplete NDP
Very limited option support
***** NAT64 mappings not source network dependent
Only the destination network is matched for deciding on NAT64, as
priority based double LPM is not supported. This limits a prefix to be
used only in one network.
*** References / Follow up
**** RFC 2460 IPv6 (Checksum https://tools.ietf.org/html/rfc2460#section-8.1)
**** RFC 3810 MLD2 https://tools.ietf.org/html/rfc3810

View file

@ -55,7 +55,12 @@ class L2Controller(object):
self.info['v6_mask'] = 64
self.info['v6_base'] = ipaddress.ip_network("2001:db8::/32")
self.info['v6_gen'] = self.info['v6_base'].subnets(new_prefix=self.info['v6_mask'])
self.info['v6_base_hostnet'] = ipaddress.ip_network("2001:db8::/48")
# possible new range for NAT64 prefixes
self.info['v6_base_nat64'] = ipaddress.ip_network("2001:db8:1::/48")
self.info['v6_gen'] = self.info['v6_base_hostnet'].subnets(new_prefix=self.info['v6_mask'])
self.info['v4_mask'] = 24
self.info['v4_base'] = ipaddress.ip_network("10.0.0.0/8")

View file

@ -13,7 +13,6 @@ In other words:
should be mapped to 10.1.1.0/24
## What I tried to do
### 2 LPM keys
I tried to use one table with two LPM keys, which I would like to
@ -46,6 +45,8 @@ This results into the compiler problem
^^^^^
```
## How it could be solved
### 2 tables (recommendation of Nate)
It does not work, when matching the source address first:
@ -113,4 +114,11 @@ testing / development, it does not work for a production setup.
### Ternary matching (recommendation of Andy)
- Have to investigate
Could be a solution, because it offers priorities. Is not exactly what
I want to achieve, because I want to do LPM matching, but it could be
misused for it.
### Double table with using ID of first match (Andy + Nate ideas)
Use the handle of the source network to match again on exact in the
2nd table. This might be a very reasonable approach.