[v6ops] RFC 6437 - IPv6 flow label usage in context of ECMP

Gyan Mishra <hayabusagsm@gmail.com> Tue, 08 December 2020 20:22 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id B88783A112B; Tue, 8 Dec 2020 12:22:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.087
X-Spam-Status: No, score=-2.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id lcTb_K2NLkdt; Tue, 8 Dec 2020 12:22:36 -0800 (PST)
Received: from mail-pf1-x432.google.com (mail-pf1-x432.google.com [IPv6:2607:f8b0:4864:20::432]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4150B3A1129; Tue, 8 Dec 2020 12:22:36 -0800 (PST)
Received: by mail-pf1-x432.google.com with SMTP id 131so14965036pfb.9; Tue, 08 Dec 2020 12:22:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=eYs/r0WzY6dNsFT0eupBFT4VaVjaPNww8ACMhUgrqqw=; b=JVrRup6dmku6wjhrf1TmdZBxAF7PA/kXLSSbSvgg4AgB9C94yf+CzwfoYsn2B83DOu hrIRTbHLHJu2yQsZdyULf7fvi/VHX+gEmxrDb4TnIOMpNDpOtUcUX17lu/8rivoXRDJ3 G2b8AwGGjS4WzZLlr1SPoDqgz4TXW3PV0cOHq1VaeKdBFC7IJBODlQwkad4noR3qjon+ o2/fezf/9LQgktbeSbZcpLUfILe6iZhoEgkHwNtWHSR04qtmkWqg2auVf6Hw6HVltyzW QyEilfjiSon5GvlUH5c8k4AmyjQa0td6E2svmnBGcVGHbt0X7B97T0pY2elnYdxfWIWT qYPA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=eYs/r0WzY6dNsFT0eupBFT4VaVjaPNww8ACMhUgrqqw=; b=MuIn0UCs77bMIYYq9yOTGW6VqQ5d9Mqdis7yO1XWfPaHUYpbuvs8XhpWyUar0Tjw4t ZnDiIPNdr4oXm/h2Ol0QAq/HadoT9CvBZu0uM0wkfLs69pshcR4tmJOfvkuNFfnYfclP KRiAvHRg1jN0gI4beuZiIAgbwnRoMOukuozNHwYldAcYgBGyyuQaxiMERe2YMuiDpc6F uiXD5cJ/h7IzYdS24HPLK7SBw9dLvW1YpRbb7ZPMExa1+O+q5CYoA4UnaIQWlEwC0hrg UvLxHvjzyzR0rRqn6iZykgmAAaxAbmMjCgN3jHntnx1CyQ1v8jhEy0N+eGfKHJtEbAx/ f5mA==
X-Gm-Message-State: AOAM5324IL7YvABLE8IrAwii4lGIUybGL0AhZRuRndQNMwOTsl5YMcH1 LFo8kdosjhJwZoG4/+x9qMsYxRPKmi1NmuMYGcuzsZi+YR8=
X-Google-Smtp-Source: ABdhPJxmlRK414dtqHoHKz7IxZhS3VINTqA8G8br/yK186V6+WUjJLQlY11nDmZ/Z+9O/Lwn9Ujnoo0o2FmT65R4rn4=
X-Received: by 2002:a17:90a:178b:: with SMTP id q11mr5824577pja.132.1607458955229; Tue, 08 Dec 2020 12:22:35 -0800 (PST)
MIME-Version: 1.0
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Tue, 8 Dec 2020 15:22:24 -0500
Message-ID: <CABNhwV13gy77cSYq3=P8nmgoD6aRB8_r48QkzA2T6piVQ7CVXw@mail.gmail.com>
To: IPv6 IPv6 List <ipv6@ietf.org>, IPv6 Operations <v6ops@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000047fe505b5f9b4aa"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/m3clZrZL1tCmLe4bi4jrFNHi8J4>
Subject: [v6ops] RFC 6437 - IPv6 flow label usage in context of ECMP
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Dec 2020 20:22:39 -0000

Dear v6ops & 6man,

I have a question related to how IPv6 flow label works in the context of
router ECMP load balancing characteristics resulting in even or uneven load
balancing based on the understanding flow based or n-tuple ECMP hash based
per packet algorithm.

My understanding of RFC 6437 is that the IPv6 flow label is a means of
classification of packets that are part of the same flow from a particular
flow for use in QOS marking.

>From a load balancing perspective the flow key could be used to identify a
flow and path taken on routes in a case of load balancing ECMP hash.

The goal of IPv6 flow label is for ordering of packets to be part of the
same network path in an ECMP hash resulting in flow based load balancing
identical to what exists today with IPv4.

What is confusing is if flow label 5 tuple is input to a ECMP hash
algorithm similar to LAG and MLAG which yields  per packet load balancing
based on n-tuple hash implemented by most vendors.  This would be
preferable if as it would yield even load balancing.

Or is the flow label goal to maintain the per flow load balancing and use
for QOS packet classification so all packets that are part of a particular
flow use the same ECMP path.  In this case the n-tuple hash key generated
is just to identify which path the flow had taken on a router but not an
input to a hash algorithm function as exists with LAG or MLAG.

The difference is significant as far as load balancing as a n-tuple input
to ECMP hash algorithm achieves close to 50/50 load balancing where per
flow load balancing can be uneven as it’s based on flows and thus from a
network standpoint high bandwidth flows may hash to one ECMP path and low
bandwidth flows may hash to another ECMP path.

So in general with parallel links bundling LAG and MLAG is always preferred
method for load balancing distribution over ECMP.  However L3 ECMP always
exists and is optimal to assist further load balancing which often times
exists in conjunction with LAG and MLAG.

Excerpt from a doc I found online related to IPv6 flow label operation:

A flow is a sequence of packets sent from a particular source to a
particular (unicast or multicast) destination for which the source  desires
special handling by the intervening routers. The nature of  that special
handling might be conveyed to the routers by a control  protocol, such as a
resource reservation protocol, or by information  within the flow's packets
themselves, e.g., in a hop-by-hop option.  The details of such control
protocols or options are beyond the scope of this document.

There may be multiple active flows from a source to a destination, as well
as traffic that is not associated with any flow. A flow is uniquely
identified by the combination of a source address and a  non-zero flow
label. Packets that do not belong to a flow carry a  flow label of zero.

A flow label is assigned to a flow by the flow's source node. New flow
labels must be chosen (pseudo-)randomly and uniformly from the  range 1 to
FFFFF hex. The purpose of the random allocation is to  make any set of bits
within the Flow Label field suitable for use as  a hash key by routers, for
looking up the state associated with the  flow.

All packets belonging to the same flow must be sent with the same  source
address, destination address, and flow label. If any of those packets
includes a Hop-by-Hop Options header, then they all must be  originated
with the same Hop-by-Hop Options header contents  (excluding the Next
Header field of the Hop-by-Hop Options header).  If any of those packets
includes a Routing header, then they all must be originated with the same
contents in all extension headers up to  and including the Routing header
(excluding the Next Header field in  the Routing header). The routers or
destinations are permitted, but  not required, to verify that these
conditions are satisfied. If a  violation is detected, it should be
reported to the source by an ICMP Parameter Problem message, Code 0,
pointing to the high-order octet  of the Flow Label field (i.e., offset 1
within the IPv6 packet).

The maximum lifetime of any flow-handling state established along a flow's
path must be specified as part of the description of the
state-establishment mechanism, e.g., the resource reservation  protocol or
the flow-setup hop-by-hop option. A source must not re-  use a flow label
for a new flow within the maximum lifetime of any  flow-handling state that
might have been established for the prior  use of that flow label.

Excerpt from Section 2 below:

   The 20-bit Flow Label field in the IPv6 header [RFC2460
<https://tools.ietf.org/html/rfc2460>] is used by a
   node to label packets of a flow.  A Flow Label of zero is used to
   indicate packets that have not been labeled.  Packet classifiers can
   use the triplet of Flow Label, Source Address, and Destination
   Address fields to identify the flow to which a particular packet
   belongs.  Packets are processed in a flow-specific manner by nodes
   that are able to do so in a stateless manner or that have been set up
   with flow-specific state.  The nature of the specific treatment and
   the methods for flow state establishment are out of scope for this

   Flow label values should be chosen such that their bits exhibit a
   high degree of variability, making them suitable for use as part of
   the input to a hash function used in a load distribution scheme.  At
   the same time, third parties should be unlikely to be able to guess
   the next value that a source of flow labels will choose.

   o  Forwarding nodes such as routers and load distributors MUST NOT
      depend only on Flow Label values being uniformly distributed.  In
      any usage such as a hash key for load distribution, the Flow Label
      bits MUST be combined at least with bits from other sources within
      the packet, so as to produce a constant hash value for each flow
      and a suitable distribution of hash values across flows.
      Typically, the other fields used will be some or all components of
      the usual 5-tuple.  In this way, load distribution will still
      occur even if the Flow Label values are poorly distributed.

   Although uniformly distributed flow label values are recommended
   below, and will always be helpful for load distribution, it is unsafe
   to assume their presence in the general case, and the use case needs
   to work even if the flow label value is zero.

   As a general practice, packet flows should not be reordered, and the
   use of the Flow Label field does not affect this.  In particular, a
   Flow label value of zero does not imply that reordering is

Kind Regards




*Gyan Mishra*

*Network Solutions A**rchitect *

*M 301 502-134713101 Columbia Pike *Silver Spring, MD