<p dir="ltr">Just ad a datapoint to Max' last remark, at sixxs we moved away from kernel based routing by implementing ipv6 routing in userspace (taking tap input and raw socket output) largely because of neighbor cache pollution and a streak of crashes when we started scaling beyond say 2000 interfaces.</p>
<p dir="ltr">Pim</p>
<div class="gmail_quote">On Aug 15, 2013 1:07 PM, "Max Tulyev" <<a href="mailto:maxtul@netassist.ua">maxtul@netassist.ua</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I have some additional info about the issue I found.<br>
<br>
Even if no traffic and no full-view, but a lot of interfaces (tunnel<br>
broker node is a good sample), the static routes are duplicating.<br>
<br>
That is definitely NOT a route cache described below, as route cache is<br>
pointing to the HOST, not to the network.<br>
<br>
<br>
On 15.08.13 13:54, Hannes Frederic Sowa wrote:<br>
> On Thu, Aug 15, 2013 at 11:35:50AM +0100, Phil Mayers wrote:<br>
>> On 15/08/13 11:31, Hannes Frederic Sowa wrote:<br>
>>> On Thu, Aug 15, 2013 at 07:39:23AM +0200, Mikael Abrahamsson wrote:<br>
>>>> On Wed, 14 Aug 2013, Max Tulyev wrote:<br>
>>>><br>
>>>>> What is the soultion? There are *MILLIONS* of flows in the backbone...<br>
>>>><br>
>>>> The solution is not to use a flow routing platform in the core. This<br>
>>>> lesson was learnt at the end of the 90ties.<br>
>>>><br>
>>>> So until the linux ipv6 forwarding code is fixed to do stateless<br>
>>>> forwarding, it's just not suited for your application.<br>
>>><br>
>>> Some time ago I started working on nh-exceptions, but it is a very<br>
>>> delicate change. I hope I can look at this again as soon as I have some<br>
>>> more free time. Because the data structures are already in place for<br>
>>> IPv4 in the generic routing code it should be not such a big patch.<br>
>><br>
>> I guess I'm a little bit confused by this thread.<br>
>><br>
>> Why are nh-exceptions relevant to *forwarding* (as opposed to the host<br>
>> side of the stack, which of course needs to cache all kinds of bits<br>
>> per-destination)<br>
><br>
> It is a common lookup path where the per host routing nodes get cloned and<br>
> reinserted back into the fib.<br>
><br>
>> Or is that what you're saying - the host-based bits will live as<br>
>> "exceptions" on top of a stateless FIB?<br>
><br>
> Yes, that would be the end result of this change. Also these entries will be<br>
> added on demand, so, normally there won't be a lot of exceptions.<br>
><br>
> This is a recent presentation about the IPv4 routing cache removal:<br>
> <<a href="http://workshop.netfilter.org/2013/wiki/images/2/2a/DaveM_route_cache_removed_nfws2013.pdf" target="_blank">http://workshop.netfilter.org/2013/wiki/images/2/2a/DaveM_route_cache_removed_nfws2013.pdf</a>><br>
><br>
> Greetings,<br>
><br>
> Hannes<br>
><br>
><br>
<br>
</blockquote></div>