Monday, November 9, 2015

Goodbye Broadcast

IPv6, Goodbye Broadcast

by Craig Miller

No Bullhorns

IPv6  does NOT use broadcast

The difference between Broadcast and Multicast is kind of like the difference between yelling at the top of your lungs in a large room, and tapping the shoulders of the people you want to talk to, and talking to them in a normal voice. Multicast allows a select group to listen to a message, rather than everyone hearing it, and most discarding it.

By the time  IPv6 was standardized, there was already had 20 years of experience with IPv4. And many of the short-comings of IPv4 were clearly apparent. A common one was broadcast storms, where there is a loop in your network, and broadcasts are allowed to circulate consuming all of your bandwidth, all of it.

So what is wrong with broadcasts, when they aren't storming? They steal cycles from your computer. Each broadcast must be processed by the stack, to determine if the packet is of importance, or should be discarded. Modern NIC cards are smart, but most of this is processing is still done in software. This slows down your computer.

The creators of IPv6 were looking for a better way than using broadcast to announce services, resolve MAC addresses, and tell everyone you are a printer by the corner cube. They decided to use Multicast. IANA has assigned IPv6 multicast addresses starting with FF.

Using Multicast Listener Discovery (MLDv2)

How does a device subscribe to a multicast group? In IPv6, the node uses MLDv2 (Multicast Listener Discovery version 2 RFC 3810). Think of it like an IPv6 version of IGMP (Internet Group Management Protocol RFC 2236). Listeners will announce that they are listening with a MLDv2 listener report. tcpdump show this as:
10:15:45.119950 IP6 fe80::2a0:a512:85:2940 > ff02::1: HBH ICMP6, multicast listener reportmax resp delay: 0 addr: ff02::1, length 24

As you can see the MLDv2 packet is sent to the same multicast address that it is listening on, FF02::1 in the above example. In this example, FF02::1  special multicast used for all IPv6 nodes. But there are other multicast groups. To see which your computer is listening to, run the following ip command:
~$ ip -6 maddr
1: lo
inet6 ff02::1
2: eth0
inet6 ff02::1:ff63:38b6
inet6 ff02::fb
inet6 ff02::1:ffc8:2ebf
inet6 ff02::1:ff54:3534 users 2
inet6 ff02::1

We have seen that FF02::1 is all nodes, and each interface will listen to that multicast address, including the loopback. But what are those other multicast addresses? You will remember that IPv6 uses ICMPv6 to resolve MAC addresses (see IPv6 using ICMP6), when a node needs to resolve a MAC address, it sends an ICMP6 packet to a special multicast address, the solicited node address, which is comprised of FF02, and the last 6 bytes of the IPv6 address (RFC 4291). 

Multiple IPv6 addresses results in Multiple Multicast Listener addresses

This machine has 3 of these addresses. A quick look at the addresses assigned to eth0 will explain a lot:
~$ ip -6 addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
    inet6 2001:470:1d:583:d0d6:d79b:353:38b6/64 scope global temporary dynamic 
       valid_lft 7181sec preferred_lft 1781sec
    inet6 2001:470:1d:583:9:4d6c:adc8:2ebf/64 scope global temporary deprecated dynamic 
       valid_lft 7181sec preferred_lft 0sec
    inet6 2001:470:1d:583:129a:ddff:fe54:3534/64 scope global dynamic 
       valid_lft 7181sec preferred_lft 1781sec
    inet6 fe80::129a:ddff:fe54:3534/64 scope link 
       valid_lft forever preferred_lft forever

As stated in a previous post, IPv6 interfaces can have multiple addresses, and this is a fine example. Starting from the bottom up, there is the ever-present link-local address (always starts with FE80). The rest (going up) are all global addresses. 

The next up is a SLAAC (StateLess Address AutoConfig) formed from the MAC address. Next up is a temporary address, but it is deprecated. Temporary addresses by default last 24 hours, but what if you had connections using that address when the 24 hours rolls around? Rather than break the connection, it keeps the address in deprecated state (meaning it will not create new connections with this address), and the top address is the current temporary address.

But what of ff02::fb? This has a direct correlation to IPv4 which is used by mDNS (multicast Domain Name Service).

Multicast Scope

Another advantage of Multicast in IPv6 is the concept of scope, or how widely the multicast will propagate. The 4th digit in a multicast address, e.g. FF0n, represents scope, the following scopes are defined in RFC 4291 as:
1Interface local
8Organizational Local

Note: the examples on eth0 above are all of link-local scope (e.g. FF02::).

Multicast, it is just better than Broadcast

The advantage of Multicast is that only the listeners are disturbed by requests, rather than everyone. Thus saving all those hosts from wasting all those CPU cycles processing and discarding broadcasts. IPv6 is just easier on your network.

*no bullhorns is licensed under creative commons by LucidVisual

1 comment:

  1. Good article, your effort is totally appreciable full of informative stuff thanks for sharing. Keep sharing information like this. Broadcast Printer