In message <1339116492.2754.162.camel@karl>, Karl Auer writes:
> On Thu, 2012-06-07 at 22:27 +0000, Dave Hart wrote:
> > Karl, you seem to fail to understand how ethernet NICs are implemented
> > in the real world. Ignoring the optional (but common) promiscuous
> > mode support and various offloading, IPv4 ARP is sent as ethernet
> > broadcast and the NIC hardware and driver is in no position to filter
> > -- it must be done by the IP stack. In contrast, ND is sent as
> > ethernet multicast which are filtered by receivers in hardware.
> > Whether or not the switches are smart enough to filter is an
> > implementation decision that has no bearing on the requirement to
> > filter in the NIC hardware.
>
> I'm the first to admit that I often don't know stuff. One good reason to
> be on the NANOG mailing list! But in this case...
>
> Yes - whether with ARP or ND, any node has to filter out the packets
> that do not apply to it (whether it's done by the NIC or the host CPU is
> another question, not relevant here).
>
> But in a properly switched IPv6 network, many/most ND packets do not
> arrive at most nodes' network interfaces at all, so those nodes have no
> filtering work to do. Yes, the nodes that DO get a packet - those
> listening on the relevant multicast group, often a solicited node
> multicast group - DO need to filter out the NDs that don't apply to
> them, but the point is that a vastly reduced number of nodes are thus
> inconvenienced compared.
>
> The original post posited that ND could cause as much traffic as ARP. My
> point is that it probably doesn't, because the ND packets will only be
> seen on the specific switch ports belonging to those nodes that are
> listening to the relevant multicast groups, and only those nodes will
> actually receive the ND packets. In contrast to ARP, which is broadcast,
> always, to all nodes, and thus goes out every switch port in the
> broadcast domain.
>
> This is pretty much the *point* of using multicast instead of broadcast.

The point of multicast is to be able to reject traffic sooner rather than
later. Running IPv6 with a NIC that doesn't support several multicast
addresses is a real pain which I know from experience. It can however
be done.

> Regards, K.

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742    INTERNET: ma...@isc.org
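
Added example, not part of the original messages: the ARP-versus-ND filtering difference discussed in this thread, worked through for a small segment. The host names, addresses and the exact-match multicast filter are assumptions made for illustration; real NICs may use hash-based filters that accept more groups.

```python
import ipaddress

SOLICITED_BASE = int(ipaddress.IPv6Address("ff02::1:ff00:0"))

def solicited_node_group(addr: str) -> ipaddress.IPv6Address:
    """RFC 4291: ff02::1:ff00:0/104 plus the low 24 bits of the unicast address."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    return ipaddress.IPv6Address(SOLICITED_BASE | low24)

def multicast_mac(group: ipaddress.IPv6Address) -> str:
    """RFC 2464: 33:33 followed by the low 32 bits of the IPv6 multicast address."""
    low32 = int(group) & 0xFFFFFFFF
    return "33:33:" + ":".join(f"{b:02x}" for b in low32.to_bytes(4, "big"))

def nic_filter(addrs: list) -> set:
    """Multicast MACs a host programs into its NIC, one per configured address."""
    return {multicast_mac(solicited_node_group(a)) for a in addrs}

def ns_receivers(target: str, hosts: dict) -> list:
    """Hosts whose NIC passes a Neighbor Solicitation for target up to the stack."""
    dst = multicast_mac(solicited_node_group(target))
    return sorted(name for name, addrs in hosts.items() if dst in nic_filter(addrs))

def arp_receivers(hosts: dict) -> list:
    """An ARP request is sent to ff:ff:ff:ff:ff:ff, so every host's stack sees it."""
    return sorted(hosts)

# Constructed sample segment using the 2001:db8::/32 documentation prefix.
HOSTS = {
    "a": ["2001:db8::1:2:3:4", "fe80::1:2:3:4"],
    "b": ["2001:db8::aa:bb:cc:dd"],
    "c": ["2001:db8::9999:3:4"],  # same low 24 bits as host a: shares its group
}

if __name__ == "__main__":
    target = "2001:db8::1:2:3:4"
    print("group:", solicited_node_group(target))
    print("dst MAC:", multicast_mac(solicited_node_group(target)))
    print("NS reaches stacks of:", ns_receivers(target, HOSTS))
    print("ARP reaches stacks of:", arp_receivers(HOSTS))
```

Host c illustrates the case where a node does receive the solicitation and still has to discard it in the IP stack, because the group is derived from only the low 24 bits of the address.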