Ran,
On 2011-06-22 01:03, RJ Atkinson wrote:
> Earlier, Brian Carpenter wrote:
>> I'd have to trawl the archive to find all the arguments,
>> but the main issue was that any attempt to include semantics
>> in the bits of the flow label leads to complexity that
>> probably can't be handled at line speed in a scaleable way.
>
> That claim presumes that a typical IPv6 router is using CPU-based
> packet forwarding. I believe that assumption to be incorrect.
> (By the way, this assumption underlies a lot of the discussion
> on the IPv6 list. Those of us who build ("have built", in my own
> case) real routers try to speak up about this from time to time,
> apparently without having much impact on WG thinking.
>
> I believe that most deployed IPv6 routers are using ASIC-based
> or FPGA-based forwarding of IPv6 packets. NP-based forwarding
> is not uncommon, but is probably less common. An advantage
> of NP-based forwarding engines or FPGA-based forwarding engines
> is that new capabilities can be added on the fly. While some
> deployed ASIC-based forwarding engines are programmable, most
> IPv6-capable ASIC forwarding engines are not programmable.
>
> Even the really low-cost consumer electronics routers that
> support IPv6 generally do so via commodity silicon packet
> processors offered by a range of different merchant silicon
> firms based in various countries (example: Broadcom).
>
> Since the majority of the lifespan of IPv6 is well into the
> future, and deployment today remains pretty small today,
> compared with say 3 years from now, re-allocating those 4 bits
> seems entirely possible to me.
Anything's possible. I was trying to summarise what I recall
from the discussions that led to the WG consensus.
>
>> Also 16 bits might make it too easy for a malicious party
>> to predict flow label values.
>
> That makes no mathematical sense to me.
>
> To the extent 16 bits is problematic, 20 bits also would be
> problematic. So that argument also does not make sense to me.
> Even if someone has formal maths behind that claim, which so far
> I haven't seen claimed on the IPv6 WG list, Moore's Law would
> defeat any claim that 20 bits is adequate within ~5 years.
Sure, we are talking about the difference between a brute force
attack with a million choices vs 65k choices; not a strong argument,
of course.
Brian
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
