[Xorp-users] Policy network4 operator

[Pavlin Radoslavov]

> > Pavlin and I have been discussing what the "right" direction should be for
> > the network4 operator in policy statements.  Right now if you specify
> > "network4 <= 10.0.0.0/8" this would match all the 10.0.0.0/8 and longer
> > prefixes (i.e. 10.0.0.0/9, 10.1.0.0/16, etc.).
> > 
> > My recommendation is to change the operator from "<=" matches longer
> > prefixes to ">=" matches longer prefixes, since this seems more intuitive
> > to me (/9 is > /8) and this would make it match the "prefix-length4"
> > operator where "prefix-length4 > 24" matches all prefixes longer than /24.
> > 
> > Which do you prefer:
> > 
> > A) keep it the way it is now, < matches longer prefixes
> > B) changing it to use > for longer prefix matches


The reason I prefer (A) is because my interpretation of the "<="
operator in the context of network prefixes is "subset".
E.g., my interpretation of "network4 <= 10.0.0.0/8" is:

"Network that is a subset of 10.0.0.0/8."

Another interpretation that I found useful and is also consistent
with the "<=" direction is:
"Network that overlaps with 10.0.0.0/8 and has same as or fewer
addresses than 10.0.0.0/8."


The whole issue comes down to the meaning of "<=, <, >, >=" within
the context of network prefixes. Your interpretation is integer
comparison of the corresponding network prefix lengths, while my
interpretation is subset/superset relation of the network prefixes
themselves.

Thanks,
Pavlin

> > Btw, the bug on this is 358
> > 
> > http://www.xorp.org/bugzilla/show_bug.cgi?id=358
> > 
> > -mike
> > 
> _______________________________________________
> Xorp-users mailing list
> Xorp-users at xorp.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users