Re: Reducing the battery impact of ND

"Pascal Thubert (pthubert)" <> Sat, 01 February 2014 11:02 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id C29251ACCEB for <>; Sat, 1 Feb 2014 03:02:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -10.036
X-Spam-Status: No, score=-10.036 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.535, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 1yhjcveWcCsS for <>; Sat, 1 Feb 2014 03:02:38 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id AD4611ACCF8 for <>; Sat, 1 Feb 2014 03:02:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=3996; q=dns/txt; s=iport; t=1391252555; x=1392462155; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=aaLKI/byeGvYr2KgRgVp085Z+C2fGjU5Nld/llPtHiE=; b=AQA0L8QJNcC0gWHAWWBRd9B1aRf3Scw8Gos2naEPVj074sE4JGyCnbV6 UuAvFvMaF3qBpixFxrFmcelfQzV85QCc7Ipoeedq/Gm0+ukc/cd5pNlty OSC0ckH1VWVfXl5kmPgjNYF27v13IVWGTxaaJX9Kc9Ofvs/h2wFp9bAQx U=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="4.95,760,1384300800"; d="scan'208";a="17191491"
Received: from ([]) by with ESMTP; 01 Feb 2014 11:02:34 +0000
Received: from ( []) by (8.14.5/8.14.5) with ESMTP id s11B2YKQ024021 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Sat, 1 Feb 2014 11:02:34 GMT
Received: from ([]) by ([]) with mapi id 14.03.0123.003; Sat, 1 Feb 2014 05:02:33 -0600
From: "Pascal Thubert (pthubert)" <>
To: Carsten Bormann <>
Subject: Re: Reducing the battery impact of ND
Thread-Topic: Reducing the battery impact of ND
Thread-Index: AQHPHzUTiMCxaPXhG0aRhxb2a+DuMZqgO80n
Date: Sat, 01 Feb 2014 11:02:33 +0000
Message-ID: <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <>, <>
In-Reply-To: <>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: Thomas Watteyne <>, 6man WG <>
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 01 Feb 2014 11:02:41 -0000

+1, Direct from an implementor of the hackery in question in widely distributed switches and wireless controllers.

Our first generation was really about protecting against rogues (SAVI, RA GUARD).

Interestingly, our second generation was focussed on multicast control to protect the wireless medium (ND Suppression including RA throttling and ND proxy) to address customers and product management requests for the wifi market.

Based on that support, I have developped a prototype backbone router that learns southwards from 6LoWPAN ND registration and proxies northwards classical ND.

6TiSCH has planned a plugfest during the IETF and I hope we´ll be able to demo this fonctionality at that time with real ipv6 motes.



> Le 1 févr. 2014 à 11:05, "Carsten Bormann" <> a écrit :
> On 01 Feb 2014, at 08:49, Erik Nordmark <> wrote:
>>> ... and can someone please remind me what exactly was wrong with ARP? Other than the fact that v4 uses it?!
> What Erik said, plus maybe this reminder:
> When ARP was invented more than 30 years ago, Ethernet networks were run on the assumption that everyone on them could be trusted, both from a security and from an implementation bugs perspective.
> (Those yellow-cable networks were so fragile... Let’s not digress.)
> To make ARP actually work in less peaceful environments, there is usually significant hackery deployed at layer 2 (in Ethernet switches and WiFi base stations/controllers).  With all that hackery in place, it may *seem* as if ARP works, but it is really the combination of the ARP implementation in the IP nodes and the magic in the switches that makes this so.
> ND inherited most of this situation, except that the hackery wasn’t deployed yet.  That’s why you hear so much about ND being “insecure”, “not deployable” — ND really is much better than ARP, it just had to wait for the hacks to catch up.  The directed multicast of ND (as opposed to ARP’s broadcast) only makes a difference where L2 actually implements that directionality; more hackery.  (The irony is that MLD now becomes an address registration protocol that is needed to make the illusion of "no registration" work at the ND level, but I digress again.)
> So the reality today is that we have this fragile combination of the documented protocols and the switch vendor magic that makes it all work.  Of course, the switch vendors don’t complain; it creates an opportunity for market differentiation.
> Now, for 6LoWPAN, we had to build something that relies much less on multicast.  That became 6LoWPAN-ND, RFC 6775.  Having built this fine hammer, of course other nails sprang to mind.  The above situation looks like a fine nail to me (except that legacy compatibility makes things so much more complex).  That’s maybe the explanation why this discussion didn’t start with documenting the well-known problems, but with looking at one specific solution, and how it could be made to work with legacy.  But I agree documenting the problem would be a worthwhile exercise, if it is not used as an excuse to stop looking for solutions.
> Clearly, efficient-ND will work best if it doesn’t require a new layer of L2 hackery, and if it cooperates reasonable with (or works around) the existing, deployed hackery.  This is more work to make sure given that this hackery is only partially documented.  So that is maybe another reason to work on documenting ARP/ND’s problems and the existing magic.
> Grüße, Carsten
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> Administrative Requests:
> --------------------------------------------------------------------