Pared down IPv6 packet headers were designed to help network devices process the next-generation addressing protocol faster than their predecessor, IPv4. But fewer fields come with a tradeoff. Many source devices add IPv6 extension headers to packets, which could negate any potential improvements in router performance if wide area network (WAN) pros don't have routers equipped to handle them. The Internet Engineering Task Force (IETF) is trying to mitigate this problem by developing a standard for IPv6 extension headers.
"A router has to be able to 'think' more to handle the extension headers," said Bill Cerveny, a senior software quality assurance engineer at Arbor Networks, a network monitoring and security software vendor. "Making a router think more potentially impacts how much [data] it can process and how many packets it can send. It can make the [CPU] think more than it typically has to, which can have the negative effect of overwhelming the router."
While an IPv4 packet header contains 14 fields—including source and destination addresses—an IPv6 packet header contains eight fields. The router has fewer fields to process, but as a result, not every piece of information can get squeezed into the first 40 bytes of a standard IPv6 header, Cerveny said. A source computer may put any extra data, such as instructions about how to handle a particular type of traffic, into a separate and optional header called an IPv6 extension header.
Not every IPv6 packet contains an extension header. And given the immaturity of IPv6 adoption, experts are uncertain about how dramatically IPv6 extension headers will affect WAN pros, said Cerveny, who recently blogged about the challenges of IPv6 extension headers.
"It's not really clear how common extension headers will be. They may be a relatively rare occurrence, but on the other hand, it's possible these extension headers will occur in large quantities," Cerveny said. "[Router vendors] are certainly aware of it and making progress ... but it is certainly worthwhile for a network engineer to ask [his or her] router vendor how they handle [IPv6 extension headers]. And in some cases [WAN pros] may even want to test it themselves."
IPv6 extension headers are commonly used for packet fragmentation, which occurs when a packet is too big for the network and must be broken up into smaller pieces, Cerveny said. The "fragmentation header" contains the information that helps the packet reassemble at its destination, but its ability to do so becomes compromised if routers drop or can't efficiently process the IPv6 extension headers, he said.
In a "perfectly functional network," enterprise WAN pros wouldn't have to worry about IPv6 extension headers, Cerveny said.
"But obviously this isn't a perfect world, and in this stage of IPv6, the devices may or may not handle IPv6 packets in ways that are expected," he said.
IPv6 extension headers can tax routers
WAN pros have limited flexibility with IP extension headers. If they support them, router performance could suffer, but if they ignore them, routers could misroute or drop packets, Cerveny said.
"Routers and other devices have to make a decision. They have to decide whether they're going to ignore the extension header and send [the packet along] very quickly ... even though it doesn't really know what the packet is," he said. "Or is the router going to spend more time trying to figure out what this packet is? And if you've got a very large number of packets [with IPv6 extension headers] ... the router may become overwhelmed."
Cisco Systems claims its routers that "leverage hardware forwarding are designed to take into consideration the role and processing requirements of IPv6 extension headers without impacting performance," according to an IPv6 extension headers whitepaper it published in 2006.
If the router only gets a few of these extension headers at one time, the router may have no problem handling them. But if it gets a lot of them at once, it may affect [router] performance.
Senior Software Quality Assurance Engineer, Arbor Networks
Routers process data efficiently by finding all of the information needed to route traffic at a consistent offset, which refers to how many bytes into the packet a given field typically begins, Cerveny said. Once some of that information gets squeezed out of the first 40 bytes assigned to the standard IPv6 header—and into an IPv6 extension header—a router won't find everything it needs in its usual spot, he said.
"Information about whether this packet is about a Web transaction or a video packet would occur—without extension headers—about 40 bytes into the packet," he said. "But with extension headers, this information has shifted maybe eight bytes further [down] ... and [the router] says, 'This is an extension header. I can't tell what's inside this packet. I need to look further inside this packet,' and to do this, the router has to essentially think more."
If the router does not know that it should look in the IPv6 extension header, it may miss the pertinent information entirely and start dropping or misdirecting packets, Cerveny said.
To make matters worse, an IPv6 packet may contain multiple extension headers, he said.
"If the router only gets a few of these extension headers at one time, the router may have no problem handling them," Cerveny said. "But if it gets a lot of them at once, it may affect [router] performance."
IETF tackles router performance issues in IPv6 extension headers
There is no standard format for IPv6 extension headers and not all information in extension headers is worthwhile for routers to process, according to the IETF, which developed the IPv6 standard more than a decade ago. A working group within the IETF—including engineers from Ericsson, Alcatel-Lucent, Google, Apple and Symantec—has been working for the past few years to develop a standard for IPv6 extension headers that would mitigate the router performance risks.
The draft document, described as a "work in progress," suggests developing a standard that would put optional destination information into a class of extension header called a destination options header, which only the endpoint has to read. Another type of extension header called a hop-by-hop options header requires "intermediate devices," such as routers and firewalls, to process the information within it—sometimes unnecessarily, according to the IETF.
As of the latest update to the draft, posted July 11, the working group has proposed using destination options headers as "the preferred mechanism for encoding optional destination information." This would relieve routers from having to process all IPv6 extension headers when not all contain useful information, according to the draft.
Let us know what you think about the story; email: Jessica Scarpati, Senior News Writer.
This was first published in August 2011