nanog mailing list archives

Re: IPv6 /64 links (was Re: ipv6 book recommendations?)


From: Mark Andrews <marka () isc org>
Date: Fri, 08 Jun 2012 11:08:06 +1000


In message <1339116492.2754.162.camel@karl>, Karl Auer writes:

On Thu, 2012-06-07 at 22:27 +0000, Dave Hart wrote:
Karl, you seem to fail to understand how ethernet NICs are implemented
in the real world.  Ignoring the optional (but common) promiscuous
mode support and various offloading, IPv4 ARP is sent as ethernet
broadcast and the NIC hardware and driver is in no position to filter
-- it must be done by the IP stack.  In contrast, ND is sent as
ethernet multicast which are filtered by receivers in hardware.
Whether or not the switches are smart enough to filter is an
implementation decision that has no bearing on the requirement to
filter in the NIC hardware.

I'm the first to admit that I often don't know stuff. One good reason to
be on the NANOG mailing list! But in this case...

Yes - whether with ARP or ND, any node has to filter out the packets
that do not apply to it (whether it's done by the NIC or the host CPU is
another question, not relevant here).

But in a properly switched IPv6 network, many/most ND packets do not
arrive at most nodes' network interfaces at all, so those nodes have no
filtering work to do. Yes, the nodes that DO get a packet - those
listening on the relevant multicast group, often a solicited node
multicast group - DO need to filter out the NDs that don't apply to
them, but the point is that a vastly reduced number of nodes are thus
inconvenienced compared.

The original post posited that ND could cause as much traffic as ARP. My
point is that it probably doesn't, because the ND packets will only be
seen on the specific switch ports belonging to those nodes that are
listening to the relevant multicast groups, and only those nodes will
actually receive the ND packets. In contrast to ARP, which is broadcast,
always, to all nodes, and thus goes out every switch port in the
broadcast domain.

This is pretty much the *point* of using multicast instead of broadcast.

The point of multicast is to be able to reject traffic sooner rather
than later.  Running IPv6 with a NIC that doesn't support several
multicast addresses is a real pain which I know from experience.
It can however be done.

Regards, K.

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka () isc org
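
The filtering discussed in this thread, as an added example that is not part of the original message: it derives the solicited-node multicast group (RFC 4291) and its Ethernet multicast MAC (RFC 2464) for each address, then shows which hosts' NIC filters accept a Neighbor Solicitation for one target. The host names and addresses are constructed, and an exact-match hardware multicast filter is assumed.

```python
import ipaddress

SOLICITED_NODE_BASE = int(ipaddress.IPv6Address("ff02::1:ff00:0"))

def solicited_node_group(addr):
    """RFC 4291: ff02::1:ff00:0/104 plus the low 24 bits of the unicast address."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    return ipaddress.IPv6Address(SOLICITED_NODE_BASE | low24)

def multicast_mac(group):
    """RFC 2464: 33:33 followed by the low 32 bits of the IPv6 multicast address."""
    low32 = int(ipaddress.IPv6Address(group)) & 0xFFFFFFFF
    return ":".join(f"{o:02x}" for o in b"\x33\x33" + low32.to_bytes(4, "big"))

def nic_filter(addrs):
    """Multicast MACs a NIC must accept for these addresses, plus all-nodes (ff02::1)."""
    macs = {multicast_mac("ff02::1")}
    macs.update(multicast_mac(solicited_node_group(a)) for a in addrs)
    return macs

def ns_receivers(target, hosts):
    """Hosts whose hardware filter passes a Neighbor Solicitation for target."""
    dst = multicast_mac(solicited_node_group(target))
    return sorted(name for name, addrs in hosts.items() if dst in nic_filter(addrs))

def arp_receivers(hosts):
    """An ARP request goes to ff:ff:ff:ff:ff:ff, which every NIC accepts."""
    return sorted(hosts)

# Constructed segment. Hosts b and d share the low 24 bits (b2:c3:d4), so they
# join the same solicited-node group and d must discard b's NS in its IP stack.
HOSTS = {
    "a": ["2001:db8::1", "fe80::1"],
    "b": ["2001:db8::a1b2:c3d4"],
    "c": ["2001:db8::c0de"],
    "d": ["2001:db8::1234:5678:9ab2:c3d4"],
}

if __name__ == "__main__":
    target = "2001:db8::a1b2:c3d4"
    group = solicited_node_group(target)
    print("group:", group, "mac:", multicast_mac(group))
    print("NS reaches:", ns_receivers(target, HOSTS))
    print("ARP-style broadcast reaches:", arp_receivers(HOSTS))
```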

