[Swan-dev] overlapping address pools
Paul Wouters
paul at nohats.ca
Sun Apr 20 19:54:41 EEST 2014
On Sun, 20 Apr 2014, D. Hugh Redelmeier wrote:
> Each conn can have an address pool. If two conns' address pools are
> identical, they are shared (a single common pool).
Sounds good.
> If two address-pools overlap, but not exactly, each pool is separate in
> the addresspool logic: each pool could allocate the same address without
> being aware of it.
I think that's a bug.
> Alternative "I want this to work, dammit" approach: when the second
> conn is loaded, chop off the overlap from one range or the other
> (assuming none of the addresses is in use) and proceed. But scenario
> seems too obscure and insufficiently useful to be worth investing much
> effort into. (The current simpler addresspool logic has taken a lot
> of work already.)
That will start showing up failures quickly for small pools. Eg pools of
8 that get reduced to 4 or 2.
I'm happy with Ocam's Razor. If identical than, share, else reject.
However, what happens when one client using 1 ID connects to both conns?
Does it get the same IP or is it "taken"? I don't care much as long as
we handle this case without causing server errors.
The alternative is to have pools completely disjoint from connections as
their own "entities". I think that would be way overengineered though. I
am all in favour or a simple solution, and if it gets too complicated to
hand the job over to something else (eg Radius / Diameter or dhcpd)
Paul
More information about the Swan-dev
mailing list