Home page logo
/

nanog logo nanog mailing list archives

Re: subnet prefix length > 64 breaks IPv6?
From: Ray Soucy <rps () maine edu>
Date: Wed, 28 Dec 2011 10:44:01 -0500

For what its worth I haven't stress tested it or anything, but I
haven't seen any evidence on any of our RSP/SUP 720 boxes that would
have caused me to think that routing and forwarding isn't being done
in hardware, and we make liberal use of prefixes longer than 64
(including 126 for every link network).  They might just be under
capacity to the point that I haven't noticed, though.  I have no
problem getting muti-gigabit IPv6 throughput.

On Wed, Dec 28, 2011 at 10:30 AM, Ryan Malayter <malayter () gmail com> wrote:


On Dec 28, 8:50 am, sth... () nethelp no wrote:

It might lead you to believe so - however, I believe this would be
commercial suicide for hardware forwarding boxes because they would no
longer be able to handle IPv6 at line rate for prefixes needing more
than 64 bit lookups. It would also be an easy way to DoS such boxes...

That's just what I'm arguing here: no vendor info I've seen positively
says they *can* handle line-rate with longer IPv6 prefixes. The other
information available leads one to believe that all the published
specs are based on /64 prefixes.

Even a third-party test reports don't mention IPv6 or prefix length at
all:
http://www.aristanetworks.com/media/system/pdf/LippisTestReportMay2011.pdf

Cisco actually has published quite a bit of info, e.g.

http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/prod...

"Delivering scalable forwarding Performance: up to 400 Mpps IPv4 and
200 Mpps IPv6 with dCEF"

They have also published EANTC tests which include IPv6 forwarding rates.

Except nowhere in there is the prefix length for the test indicated,
and the exact halving of forwarding rate for IPv6 leads one to believe
that there are two TCAM lookups for IPv6 (hence 64-bit prefix lookups)
versus one for IPv4.

For example, what is the forwarding rate for IPv6 when the tables are
filled with /124 IPv6 routes that differ only in the last 60 bits?

Even then EANTC test results you reference make no mention of the
prefix length for IPv4 or IPv6, or even the number of routes in the
lookup table during the testing:
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/prod_white_paper0900aecd800c958a.pdf





-- 
Ray Soucy

Epic Communications Specialist

Phone: +1 (207) 561-3526

Networkmaine, a Unit of the University of Maine System
http://www.networkmaine.net/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault