-----Original Message-----
From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On Behalf Of
Brian E Carpenter
Sent: Wednesday, April 14, 2010 6:26 PM
To: 6man
Cc: Nevil Brownlee
Subject: Extracting the 5-tuple from IPv6 packets
Hi,
Common practice in network monitoring and in QoS technologies is to
identify a flow of packets by the 5-tuple {source address, dest address,
source port, dest port, protocol #}.
This is relatively trivial at line speed in IPv4 since these things are
at fixed locations in the header. But in IPv6, the protocol number is at
the end of a linked list of "next headers." Even if the normal case is
only one item in the linked list, any implementation (hardware or
software) that extracts the 5-tuple has to follow the linked list to the
end.
As Mark Smith said in relation to draft-carpenter-6man-flow-update-02
>> Secondly, for IPv6 packets with a number of extension headers before
>> the transport layer header, I think this rule could impact forwarding
>> performance. While I'm not sure if it is that practical, however it'd
>> be good if flow classification could be done using only fixed headers
>> in the IPv6 packet, or a fixed portion of the fixed header bits.
The problem is, only the protocol number is diagnostic of an individual
flow. The earlier next headers are not guaranteed to be the same for all
packets in a transport session, and they might be the same for packets
in different transport sessions between the same two hosts.
So it seems to me that we are stuck with identifying IPv6 flows by the
5-tuple, even though it means following the linked list to the end. Or
we can forget about identifying individual transport flows, and identify
all traffic between the same two hosts via the 4-tuple {source address,
dest address, source port, dest port}.
[Senthil] In order to get to the port numbers you would still have to
traverse the extension headers and in the process you would identify the
protocol too, isnt that right?
Or we can strongly recommend that all hosts set the flow label, so that
we can use the 3-tuple {source address, dest address, flow label}.
[Senthil] That would be very useful if we can achieve that.
Senthil
What do people think?
--
Regards
Brian Carpenter
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
