INTERNET-DRAFTIPv6 Working Group R.Hinden/NokiaHinden INTERNET-DRAFT Nokia January4, 200226, 2004 D. Thaler Expires July 2004 Microsoft IPv6 Host to Router Load Sharing<draft-ietf-ipv6-host-load-sharing-00.txt><draft-ietf-ipv6-host-load-sharing-01.txt> Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of[RFC2026].RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to useInternet-DraftsInternet- Drafts as reference material or to cite them other than as "work in progress."To view theThe list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft ShadowDirectories, seeDirectories can be accessed at http://www.ietf.org/shadow.html.This internet draft expires on July 4, 2002. Abstract This document defines a change to IPv6 Neighbor Discovery thatCopyright Notice Copyright (C) The Internet Society (2004). All Rights Reserved. Draft IPv6hosts can useHost toload share their outgoing traffic between multiple default routers. 1. Introduction IPv6 hosts on a LAN will usually learn about default routers by receivingRouterAdvertisements sent using the IPv6 Neighbor Discovery protocol [ND]. If there are multiple routers the hosts will automatically learn about them and have multiple default routers to send off link traffic.Load Sharing January 2004 Abstract The original IPv6Neighbor Discovery protocolconceptual sending algorithm does not requireany specific procedure for hosts to divide (i.e., load share) outgoing traffic between these routers. This document defines procedures thatload-sharing among equivalent IPv6hosts can use to load share their outgoing traffic between multiple default routers. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",routers, and"OPTIONAL"suggests schemes which can be problematic inthispractice. This documentareupdates the conceptual sending algorithm so that traffic tobe interpreted as described in [RFC 2119]. 2. Background RFC2461 "Neighbor Discovery for IPv6" [ND] definesdifferent destinations is distributed among routers insection 6.3.6an efficient fashion. 1. Introduction In the conceptual sending algorithmfor selecting default routers. This algorithm is invoked duringin [ND] and in the optional extension in [ROUTERSEL], a next hopdeterminationis chosen when no destination cache entry exists for an off-link destination or when communication through an existing router is failing. Normally a routerwould beis selected the first time traffic is sent to a specificdestination.destination IP address. Subsequent traffic to the same destinationwould continueaddress continues to usethisthe same router unless therewasis someotherreason to change to a different router (e.g., a redirect message is received,etc.). ND further specifies that when there are multiple reachable default routers, an implementation may always return the sameor a router(e.g.,is found to be unreachable). In both thefirstbase algorithm and in thelist) or may cycle through the list of reachable default routers inoptional extension, sometimes around robin manner. It does not require any specific behavior in the casehost has a choice of multipledefault routers.equivalent routers for a destination. That is, all other factors are equal and a host must break a tie via some implementation-specific means. It is desirable when there is more than onedefaultequivalent router thatthehosts distribute their outgoing traffic among these routers. Thisdocument changes the ND behavior to require that an implementation cycle throughshares thelist of defaultload among multiple routersin a random order. 3. Load Sharing The load sharing algorithm changesand provides better performance for the host's traffic. [ND] does not require any particular behavior in this respect. It specifies that an implementation may always choose thecurrently specified defaultsame routerselection algorithm to(e.g., the first in the list) or may cycle through thelist of reachable defaultrouters in a round-robin manner. Both of these suggestions are problematic. Clearly, always choosing the same router does not provide load sharing. Some problems with naive tie-breaking techniques such as round-robin and randomorder. This should haveare discussed in [MULTIPATH]. While theeffect of distributing outgoing traffic for new destinations amongdestination cache provides some stability since thedefault routers. Random selection, versus round robin,determination isused to avoid synchronizationnot per-packet, cache evictions or timeouts can still result in unstable or unpredictable paths over time, lowering thehostsperformance and making it harder to diagnose problems. Round- robin selectionof a default router. Bullet 1)may also result insection 6.3.6 "Default Router Selection" [ND]synchronization issues among hosts, where in the worst case the load isreplaced withconcentrated on one Draft IPv6 Host to Router Load Sharing January 2004 router at a time. In thefollowing: 1) Routers thatremainder of this document, the key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" arereachable or probably reachable (i.e.,to be interpreted as described inany state other than INCOMPLETE)[RFC2119]. 2. Load Sharing When a host chooses from multiple equivalent routers, it MUST choose using some method which distributes load for different destinations among the equivalent routers. That is, a host MUST NOT always choose the same router (e.g., the first in the list). A host SHOULDbe preferred over routers whose reachability is unknown or suspect (i.e.,use a hash-based scheme, such as those described in [MULTIPATH], which takes theINCOMPLETE state, ordestination IP address into account. Note that traffic forwhich no Neighbor Cache entry exists). An implementation SHOULD pick routers froma given destination address will use thedefaultsame routerlist in random order while making sure it always returnsas long as the Destination Cache Entry for the destination address is not deleted. With areachable orhash-based scheme, traffic for aprobably reachablegiven destination address will use the same routerwhen oneover time even if the Destination Cache Entry isavailable. 4.deleted, as long as the list of equivalent routers remains the same. 3. Acknowledgments Theauthorauthors of this document would like to thank Erik Nordmark, Brian Haberman, Steve Deering, Aron Silverton, and Christian Huitema for their helpful suggestions.5.4. Security ConsiderationsThis document requiresAs mentioned in [MULTIPATH], when next-hop selection is predictable, annodeapplication can synthesize traffic that will all hash the same, making it possible tocycle throughlaunch a denial-of-service attack against thelistload sharing algorithm, and overload a particular router. A special case ofdefault routers. There are no known security issues withthischangeis when the same (single) next-hop is always selected, such as in the algorithm allowed by [ND]. Introducing hashing can make such an attack more difficult; the more unpredictable the hash is, the harder it becomes to conduct a denial-of-service attack against any single router. Draft IPv6Neighbor Discovery. 6.Host to Router Load Sharing January 2004 5. Normative References[ADD-ARH] Hinden, R., S. Deering, "IP Version 6 Addressing Architecture", RFC2373, July 1988. [ICMPv6] Conta, A., S. Deering, "Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6)", RFC2463, December 1998. [IPv6] Deering, S., R. Hinden, "Internet Protocol, Version 6 (IPv6) Specification", RFC2460, December 1998.[ND] Narten, T.,E.Nordmark, E. and W. Simpson, "Neighbor Discovery for IP Version 6 (IPv6)",RFC2461,RFC 2461, December 1998. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels",RFC2119,RFC 2119, BCP0014, March 1997. 6. Informative References [MULTIPATH] Thaler, D. and C. Hopps, "Multipath Issues in Unicast and Multicast Next-Hop Selection", RFC 2991, November 2000. [ROUTERSEL] Draves, R. and D. Thaler, "Default Router Preferences and More-Specific Routes", Work in progress, draft-ietf- ipv6-router-selection-03.txt, December 2003. 7.Author's AddressAuthors' Addresses Robert Hinden Nokia 313 Fairchild Drive Mountain View, CA 94043USPhone: +1 650 625-2004 Email:hinden@iprg.nokia.combob.hinden@nokia.com Dave Thaler Microsoft Corporation One Microsoft Way Redmond, WA 98052 Phone: +1 425 703 8835 EMail: dthaler@microsoft.com 8. Revision History (This section to be removed before publication as an RFC) Changes from draft-ietf-ipv6-router-selection-02.txt: Draft IPv6 Host to Router Load Sharing January 2004 o Split load sharing back into its own document. o Made hash-based, rather than random, the rule. 9. Full Copyright Statement Copyright (C) The Internet Society (2004). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implmentation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.