Redundant paths with different segment IDs #93
Comments
|
I'm not sure if this is related, but I did notice something a little troubling. |
|
@pszalach So I think I've got the problem narrowed down to two parts.
|
|
I have not, but then I haven't looked to closely to be honest. 1) does On Tue, May 5, 2015 at 3:46 PM, pszalach notifications@github.com wrote:
|
|
I think that solution for 2. may be generating (seeds for) revocation tokens in a deterministic way. For example using AD's secret key and paths'id (get_hops_hash()). |
|
You have to be careful though, since get_hops_hash() uses interface Seed for interface rev-token chain: secret-key + interface-ID However, you will run into problems when a hash chain gets exhausted, so On Wed, May 6, 2015 at 10:39 AM, pszalach notifications@github.com wrote:
|
|
Yes, I thought about something like that. On 06.05.2015 11:32, shitz wrote:
|
|
please reopen if issue still exists |
When requesting paths, sciond is receiving multiple PCBs that are topologically equivalent but have different segment IDs. The daemon sees these as different paths even though they use the same hop sequences, so the host thinks it is using e.g. 4 paths when in fact they are all the same path.
Example PCBs:
---- pcb ----
[PathSegment]
Segment ID: b'X\xfe\xf3$\x8a3i\xa8\xe6*\t\xf2\xf4)\x87.\xc5\x94\xe3\xab\xa5\x0bC\x9c\xafoq\xd4\xee\x87\xa9\xc9'
[Info OF info: 40, up: False, TS: 1430297228, ISD ID: 1, hops: 3]
[TRC OF info: ff, TRCv: 0, IF ID: 290]
[Autonomous Domain]
[PCB Marking ad_id: 13]
ig_rev_token: b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
eg_rev_token:b'\x1dpJ\x8f\xb6K.)\xe8\x07a(;"\xf3\x08P\x91y\xe7\xc7$\x81\xc1+JQf\xfc\xf0A^'
[Support Signature OF cert_chain_version: 0, sig_len: 0, block_size: 96]
[Hop OF info: 0, exp_time: 63, ingress if: 0, egress if: 284, mac: 0]
[Info OF TD ID: 1, bwalloc_f: 0, bwalloc_r: 0]
[Signature: ]
[Autonomous Domain]
[PCB Marking ad_id: 16]
ig_rev_token: b'\nj\x13\x13(\xac:\x08\xc6\xe7\xcf`\x0f\xb7\x92\xcd9\xa3\xd0\t\x07\xfc\x1d\xe9#m\xac\xfeN\xad\xd2x'
eg_rev_token:b'\x93\xb7<=$\xc1=\xd7RC;6f\x1f\xc7P#\xcd\x89\xfe\xa1s\n\xde2E\xc6P,A\xfb8'
[Support Signature OF cert_chain_version: 0, sig_len: 0, block_size: 184]
[Hop OF info: 0, exp_time: 63, ingress if: 284, egress if: 290, mac: 0]
[Info OF TD ID: 1, bwalloc_f: 0, bwalloc_r: 0]
[Peer Marking ad_id: 15]
ig_rev_token: b'\x1b\xf73w\xa1\xa6xC\x0e\xe3\xc3\xe4\xd7\xf8;v\x1f\xb2\xaa\xa7\xb0t\xe9\xb0\xf1\x8e\r\x10\xb1?l\xf5'\eg_rev_token:b'\x93\xb7<=$\xc1=\xd7RC;6f\x1f\xc7P#\xcd\x89\xfe\xa1s\n\xde2E\xc6P,A\xfb8'
[Hop OF info: 0, exp_time: 63, ingress if: 286, egress if: 290, mac: 0]
[Support Peer OF TD ID: 1, bwalloc_f: 0, bwalloc_r: 0, bw_class: 0]
[Signature: ]
[Autonomous Domain]
[PCB Marking ad_id: 19]
ig_rev_token: b'\t\xb5\xf0\xab\xa2w\n;K\xbeq=u{E\x9a\xbb\xb6%c\xbc\x9fV\x8b]\xe6\xcdB7\x15\xad\xeb'
eg_rev_token:b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
[Support Signature OF cert_chain_version: 0, sig_len: 0, block_size: 96]
[Hop OF info: 0, exp_time: 63, ingress if: 290, egress if: 0, mac: 0]
[Info OF TD ID: 1, bwalloc_f: 0, bwalloc_r: 0]
[Signature: ]
---- pcb ----
[PathSegment]
Segment ID: b'2C\xbfJ\x102\x07\xd7\xaf"\xbb\xc0\xa3\xb9I\x8c[P\xd8\xca\xe3\n\x92]\xf1\xd8\x93\xe7\x13\x9e!$'
[Info OF info: 40, up: False, TS: 1430297278, ISD ID: 1, hops: 3]
[TRC OF info: ff, TRCv: 0, IF ID: 290]
[Autonomous Domain]
[PCB Marking ad_id: 13]
ig_rev_token: b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
eg_rev_token:b"\x0fO\xe57l9\x14\xc2\x18\x9f\xc8\xfc\xbb\x17\tC\xdd\x02\x92\xdb\xe3\t[R\xc7\xf4\xae\x82\xbag'v"
[Support Signature OF cert_chain_version: 0, sig_len: 0, block_size: 96]
[Hop OF info: 0, exp_time: 63, ingress if: 0, egress if: 284, mac: 0]
[Info OF TD ID: 1, bwalloc_f: 0, bwalloc_r: 0]
[Signature: ]
[Autonomous Domain]
[PCB Marking ad_id: 16]
ig_rev_token: b'=:\xc18;\x80\xd1G;\xbd\xd3\xe0\x01\xcbbYi"fx!\xdc*\x05z\x9eUQ\x94J\x7f\xd2'
eg_rev_token:b'\xa5\xf6F(\xb6\xc1:r;\x9d\x1b\xb0-\xd7\xea>^\xa0#\x96\xff\xb0\xa6\xeds\xbb\xfa+\xd7\x0b\x10\x89'
[Support Signature OF cert_chain_version: 0, sig_len: 0, block_size: 184]
[Hop OF info: 0, exp_time: 63, ingress if: 284, egress if: 290, mac: 0]
[Info OF TD ID: 1, bwalloc_f: 0, bwalloc_r: 0]
[Peer Marking ad_id: 15]
ig_rev_token: b"\x16\xbb\x1c\x03\x8b\xfb\x8c\xd8zL\xba\x08\xa3\x133\xfb\x06'\x94\xd6\xb4F\xb1\x82\x89~\xa0\xb1y\x13\x08C"\eg_rev_token:b'\xa5\xf6F(\xb6\xc1:r;\x9d\x1b\xb0-\xd7\xea>^\xa0#\x96\xff\xb0\xa6\xeds\xbb\xfa+\xd7\x0b\x10\x89'
[Hop OF info: 0, exp_time: 63, ingress if: 286, egress if: 290, mac: 0]
[Support Peer OF TD ID: 1, bwalloc_f: 0, bwalloc_r: 0, bw_class: 0]
[Signature: ]
[Autonomous Domain]
[PCB Marking ad_id: 19]
ig_rev_token: b'\t\xb5\xf0\xab\xa2w\n;K\xbeq=u{E\x9a\xbb\xb6%c\xbc\x9fV\x8b]\xe6\xcdB7\x15\xad\xeb'
eg_rev_token:b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
[Support Signature OF cert_chain_version: 0, sig_len: 0, block_size: 96]
[Hop OF info: 0, exp_time: 63, ingress if: 290, egress if: 0, mac: 0]
[Info OF TD ID: 1, bwalloc_f: 0, bwalloc_r: 0]
[Signature: ]
The text was updated successfully, but these errors were encountered: