Re: Extracting the 5-tuple from IPv6 packets

Florian Weimer <fw@deneb.enyo.de> Fri, 23 April 2010 11:59 UTC

* Brian E. Carpenter:

> Common practice in network monitoring and in QoS technologies
> is to identify a flow of packets by the 5-tuple
> {source address, dest address, source port, dest port, protocol #}.
> This is relatively trivial at line speed in IPv4 since
> these things are at fixed locations in the header.

Only if you ignore IP options.  Of course, IP options have been
operationally deprecated and are typically not forwarded across the
public Internet.

> But in IPv6, the protocol number is at the end of a linked list of
> "next headers." Even if the normal case is only one item in the
> linked list, any implementation (hardware or software) that extracts
> the 5-tuple has to follow the linked list to the end.

As far as I can tell, all extension headers except fragmentation are
deprecated, similar to IP options in IPv4 land.  This should make
extraction much simpler.

> What do people think?

From today's perspective, the IPv6 header design is complete crap.
Maybe it was optimized for software forwarding on in-order CPUs, but
that's distant history now.
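
The next-header walk discussed in this thread, as an added example that is not part of the original message: a bounded C parser that follows hop-by-hop, routing, destination-options and fragment headers until it reaches TCP or UDP, and rejects truncated or over-long chains. The names `flow5`, `extract5` and `build_sample` and the limit `MAX_EXT` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

struct flow5 { uint8_t src[16], dst[16], proto; uint16_t sport, dport; };
enum { MAX_EXT = 8 };  /* assumed cap on extension headers, not from the thread */
/* Returns 0: full 5-tuple; 1: addresses and protocol only; -1: malformed or chain too long. */
int extract5(const uint8_t *p, size_t len, struct flow5 *f)
{
    size_t off = 40, hl;
    if (len < 40 || (p[0] >> 4) != 6) return -1;
    memset(f, 0, sizeof *f);
    memcpy(f->src, p + 8, 16); memcpy(f->dst, p + 24, 16);
    uint8_t nh = p[6];                       /* Next Header of the fixed header */
    for (int i = 0; i <= MAX_EXT; i++) {
        if (nh == 6 || nh == 17) {           /* TCP or UDP: ports are the first 4 bytes */
            if (len - off < 4) return -1;
            f->proto = nh;
            f->sport = (uint16_t)((p[off] << 8) | p[off + 1]);
            f->dport = (uint16_t)((p[off + 2] << 8) | p[off + 3]);
            return 0;
        }
        /* Anything but hop-by-hop 0, routing 43, fragment 44, dest options 60 ends the walk. */
        if (nh != 0 && nh != 43 && nh != 44 && nh != 60) { f->proto = nh; return 1; }
        if (len - off < 8) return -1;
        /* Fragment header is a fixed 8 bytes; the others give a length in 8-byte units. */
        hl = nh == 44 ? 8 : ((size_t)p[off + 1] + 1) * 8;
        if (len - off < hl) return -1;
        /* Non-first fragment (offset != 0): the ports travel in the first fragment only. */
        if (nh == 44 && (((p[off + 2] << 8) | p[off + 3]) >> 3)) { f->proto = p[off]; return 1; }
        nh = p[off];
        off += hl;
    }
    return -1;
}

/* Constructed sample: IPv6 header, n_ext destination-options headers, UDP 4660 -> 53. */
size_t build_sample(uint8_t *b, int n_ext)
{
    size_t off = 40;
    memset(b, 0, 48 + 8 * (size_t)n_ext);
    b[0] = 0x60; b[6] = n_ext ? 60 : 17; b[23] = 1; b[39] = 2;   /* v6, src ::1, dst ::2 */
    for (int i = 0; i < n_ext; i++, off += 8) {
        b[off] = i + 1 < n_ext ? 60 : 17;    /* Next Header */
        b[off + 2] = 1; b[off + 3] = 4;      /* PadN option filling the header */
    }
    b[off] = 0x12; b[off + 1] = 0x34; b[off + 3] = 53; b[off + 5] = 8;
    return off + 8;
}
```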