[Swan-dev] overlapping address pools

Paul Wouters paul at nohats.ca
Sun Apr 20 19:54:41 EEST 2014

On Sun, 20 Apr 2014, D. Hugh Redelmeier wrote:

> Each conn can have an address pool.  If two conns' address pools are
> identical, they are shared (a single common pool).

Sounds good.

> If two address-pools overlap, but not exactly, each pool is separate in
> the addresspool logic: each pool could allocate the same address without
> being aware of it.

I think that's a bug.

> Alternative "I want this to work, dammit" approach: when the second
> conn is loaded, chop off the overlap from one range or the other
> (assuming none of the addresses is in use) and proceed.  But scenario
> seems too obscure and insufficiently useful to be worth investing much
> effort into.  (The current simpler addresspool logic has taken a lot
> of work already.)

That will start showing up failures quickly for small pools. Eg pools of
8 that get reduced to 4 or 2.

I'm happy with Ocam's Razor. If identical than, share, else reject.

However, what happens when one client using 1 ID connects to both conns?
Does it get the same IP or is it "taken"? I don't care much as long as
we handle this case without causing server errors.

The alternative is to have pools completely disjoint from connections as
their own "entities". I think that would be way overengineered though. I
am all in favour or a simple solution, and if it gets too complicated to
hand the job over to something else (eg Radius / Diameter or dhcpd)


More information about the Swan-dev mailing list