Scaling IPv6 Neighbor Discovery

Ben Mack-Crane
Neighbor Solicitation (RFC4861)
[Figure: end-stations 1 to 10 on one VLAN. End-station 1 sends Neighbor Solicitation; end-station 10 receives Neighbor Solicitation; other end-stations are not registered for the multicast address.]
• End-station 1 wants to resolve the L2 address of end-station 10;
  – End-station 1 sends a Neighbor Solicitation packet using the solicited-node multicast address for end-station 10's IPv6 address;
• The Neighbor Solicitation packet is flooded to all endpoints on the VLAN;
  – Only end-station 10 has configured its NIC to receive this multicast address, so no other end-stations must process the Neighbor Solicitation packet;
  – Note: there is a small probability that another end-station could register for the same solicited-node multicast address as end-station 10, but there are 2^24 addresses and so the probability of overlap is small and the impact is small as well (receiving unnecessary solicitations from a few end-stations)
• Therefore there would be no significant impact on end-station CPU cycles.
Problems with IPv6 self-addressed hosts - What we learned on the way to BOF
• When the server is virtualized,
  – If the server's MAC filter is smaller than the number of VMs supported, then effectively all the multicast messages will go into the server
  – This impacts end-station CPU cycles.
• For a user-created subnet, the number of hosts in the subnet is up to the user.
  – IPv6 gives the user more freedom to potentially create a mega-size subnet
  – SLAAC & DAD could potentially blow up DHCP
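Added example (not part of the original slides): the solicited-node address arithmetic behind the 2^24 overlap note, and the MAC-filter problem on virtualized servers described above. The 2001:db8:: addresses and the filter sizes of 32 and 128 slots are constructed assumptions, as is the uniform distribution of the low 24 address bits.

```python
import ipaddress

ALL_NODES = ipaddress.IPv6Address("ff02::1")
SOLICITED_BASE = int(ipaddress.IPv6Address("ff02::1:ff00:0"))

def solicited_node(addr):
    """RFC 4291: ff02::1:ff00:0/104 plus the low 24 bits of the unicast address."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    return ipaddress.IPv6Address(SOLICITED_BASE | low24)

def multicast_mac(group):
    """RFC 2464: Ethernet destination is 33:33 plus the low 32 bits of the group."""
    low32 = (int(group) & 0xFFFFFFFF).to_bytes(4, "big")
    return "33:33:" + ":".join(f"{b:02x}" for b in low32)

def overlap_probability(hosts):
    """Chance that one host shares its solicited-node group with any other host
    on the VLAN, assuming the low 24 address bits are uniformly random."""
    return 1.0 - (1.0 - 2.0 ** -24) ** (hosts - 1)

def groups_for_server(vm_addrs):
    """Distinct multicast MACs the physical NIC must accept for its VMs."""
    macs = {multicast_mac(ALL_NODES)}
    macs.update(multicast_mac(solicited_node(a)) for a in vm_addrs)
    return macs

def filter_overflows(vm_addrs, filter_slots):
    """True when the NIC filter cannot hold every group; per the slide, all
    multicast then effectively reaches the server and costs CPU cycles."""
    return len(groups_for_server(vm_addrs)) > filter_slots

if __name__ == "__main__":
    target = "2001:db8::a:1234:5678"          # constructed documentation address
    group = solicited_node(target)
    print(target, "->", group, "->", multicast_mac(group))
    print("overlap chance with 10000 hosts: %.6f" % overlap_probability(10000))
    vms = [f"2001:db8::{i:x}" for i in range(1, 65)]   # 64 constructed VM addresses
    for slots in (32, 128):                            # hypothetical filter sizes
        print(slots, "slots -> overflow:", filter_overflows(vms, slots))
```

A link-local and a global address built from the same interface identifier share one solicited-node group, so the group count per VM is usually lower than its address count.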
Unsolicited Neighbor Advertisement
[Figure: end-stations 1 to 10 on one VLAN. End-station 1 sends Unsolicited Neighbor Advertisement; all end-stations are registered for the all-nodes multicast address.]
• End-station 1 wants to inform all end-stations of a change in L2 address;
  – End-station 1 sends an Unsolicited Neighbor Advertisement packet using the all-nodes multicast address;
  – The Unsolicited Neighbor Advertisement packet is flooded to all endpoints on the VLAN;
  – All end-stations in the VLAN process the Unsolicited Neighbor Advertisement;
Similar to Gratuitous ARP Response
• Note: this is expected to be a rare event (change of L2 address) and therefore, although all end-stations must process this packet, there would be no significant impact on end-station CPU cycles.
ND Scaling Gap Analysis – Performance

| Message | Who Sends | How Often | DA | Scale |
|---|---|---|---|---|
| Router Solicit | hosts | when new (seldom) | all-routers mcast | O(s) |
| Router Advert | routers | periodic; when solicited | all-nodes mcast; unicast | O(R) |
| Neighbor Solicit | nodes | when no/stale cache entry for Next Hop | solicited-node mcast | O(P) |
| Neighbor Advert | nodes | when solicited | unicast | O(P) |
| Unsolicited Neighbor Advert | nodes | when L2 address changes (seldom) | all-nodes mcast | O(s) |
| Redirect | routers | when needed (seldom in non-mobile environment, but frequent in Cloud Data Center) | unicast | O(s) |

[Slide callout: Host Mobility]
nodes = routers + hosts; R = #routers; H = #hosts; P = #peers/node; s = small number
Scalability looks very good for networks with a few routers and many hosts (each with a few peers) when servers are not virtualized.
ND Scaling Gap Analysis – Performance
Additional features and considerations:
• Duplicate Address Detection
  – solicits all-nodes multicast Neighbor Advertisement if address is in use
  – this should be rare enough to be insignificant
• Anycast and Proxy address resolution
  – solicits multiple Neighbor Advertisements (from each node supporting the Anycast address)
  – increases the number of Neighbor Advertisements received by the requestor, randomized delay
  – may want to restrict this feature to a single site in a multi-site network
• Neighbor Unreachability Detection
  – is designed to take advantage of hints from higher layers, only send messages when connectivity is suspect (should be rare)
  – may not be suitable for core case since each router will have many peers and may not be able to take advantage of higher layer hints; may prefer alternate fault detection methods
• Redirect
  – rate limited, frequency depends on network design and management, impact should be limited
  – When VM migration is used, the volume of redirects could be huge.
ND Scaling Gap Analysis – Performance
Additional features and considerations:
• Host-based Load Spreading (e.g. RFC 4311)
  – affects selection of Next Hop Router
  – does not increase ND traffic appreciably
• Router-based Load Spreading (i.e. use of NULL SA in Router Advertisement)
  – requires hosts to solicit Next Hop Router address
  – increases solicitations for router addresses
  – not significant if number of routers is small (may be inappropriate for core)
• Holding packet while address resolution occurs
  – in multi-site networks or virtualized networks that may increase the edge-to-edge delay, hold time for packets awaiting address resolution may increase significantly
• IPv6 Subnet Model (RFC5942)
  – this RFC does not substantially change ND performance, it simply clarifies that there is no default subnet prefix size and makes small modifications for security