On 16/02/2011 19:08, Igor Ybema wrote:
I do not understand why everyone claims that 'the routing table growth' is the reason not to allow too much IPv6 PI.
This is not really relevant to address-policy-wg, but it probably does need some explanation, because there are probably people on the mailing list who may not understand why some people get so upset about the issue. When a packet passes through a router, the router needs to decide where to send that packet. The way it works is that the router examines the destination IP address of the packet and performs a search through the entire routing table to see what the next hop address of that packet should be. The component on a router which does this lookup is called a "lookup engine", and depending on how big the router is, it will be implemented in one of a couple of different ways. On a low-end router (e.g. Juniper J series or Cisco 7200/7300), this is done on the main CPU. As this is a generic purpose CPU, this means that a router of this form will only be able to handle forwarding a certain number of packets per second before the CPU gets to busy to handle any more. A router of this form is generally referred to as a "software router". On a higher-end router (e.g. Juniper MX / M / T series, or Cisco GSR/CRS/7600), they use dedicated hardware lookup-engines, and in a chassis + blade system, these lookup engines will often be located on the line cards themselves. The advantage of this is that you can achieve _much_ higher throughput on the router. The disadvantage is that dedicated hardware of this form tends to be very expensive. A router of this form is generally referred to as a "hardware router". One of the more common hardware components for performing IP address lookups is called TCAM - ternary content addressable memory. It performs a similar function to an associative array in a language like PHP, except it's implemented in hardware. It's ridiculously fast and ridiculously expensive, and because it's so expensive, router manufacturers tend not to put large quantities into their lookup engines. So, a router vendor like Cisco might create a router with a lookup engine which had enough TCAM for 256000 ipv4 addresses (e.g. C7600/SUP7203B), or 500,000 entries (e.g. ASR1001), or they might make a line card with its own dedicated lookup engine which could handle 1,000,000 ipv4 addresses (e.g. ASR9000, brocade XMR). While you get very good performance from these lookup engines, you are also constrained by the fact that if the number of prefixes on your router exceeds the number of TCAM slots, then your router will either drop the packets or else do the lookup on the route-processor CPU. I.e. the moment you hit 1,000,001 prefixes, your €200,000 C7600 with 20 x 10G ports will turn into a software router with the performance of a C7200VXR. This is generally considered to be a Bad Thing. If there are too many routes on the internet, this will cause the capacity of these routers to be exceeded, and they will need to be upgraded with a device with more lookup capacity. Replacing one or two routers like this for a small service provider is expensive, but if you have to perform a forklift upgrade on a continental or global infrastructure, you may be talking about hundreds of millions of € / $ / £ worth of investment. Getting back to IPv6 PI assignments, the reason that people are so upset about them is that an IPv6 prefix can take up to 4 times the amount of TCAM than an ipv4 prefix. I.e. it fills up your router's routing slots 4 times faster. So, it will cause serious problems in future years if there is lots of IPv6 PI assigned to lots of end-users. Nick