Internet Engineering Task Force                                E. Vyncke
Internet-Draft                                                P. Thubert
Intended status: Informational                          E. Levy-Abegnoli
Expires: August 10, 2014                                           Cisco
                                                        February 6, 2014


 Why Network-Layer Multicast is Not Always Efficient At Datalink Layer
                draft-vyncke-6man-mcast-not-efficient-00

Abstract

   Several IETF protocols (IPv6 Neighbor Discovery for example) rely on
   IP multicast in the hope to be efficient with respect to available
   bandwidth and to avoid generating interrupts in the network nodes.
   On some datalink-layer network, for example IEEE 802.11 WiFi, this is
   not the case because of some limitations in the services offered by
   the datalink-layer network.  This document lists and explains all the
   potential issues when using network-layer multicast over some
   datalink-layer networks.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on August 10, 2014.

Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect



Vyncke, et al.           Expires August 10, 2014                [Page 1]


Internet-Draft    L3 Multicast is not always efficient     February 2014


   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Issue on Wired Ethernet Network . . . . . . . . . . . . . . .   2
   3.  Issues on IEEE 802.11 Wireless Network  . . . . . . . . . . .   4
     3.1.  Multicast over Wireless . . . . . . . . . . . . . . . . .   4
     3.2.  Low Power and Sleep Mode  . . . . . . . . . . . . . . . .   6
     3.3.  Battery Impact  . . . . . . . . . . . . . . . . . . . . .   7
     3.4.  Even Unicast NDP is not Optimum . . . . . . . . . . . . .   7
   4.  Measuring the Amount of IPv6 Multicast  . . . . . . . . . . .   7
   5.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .   8
   6.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   8
   7.  Security Considerations . . . . . . . . . . . . . . . . . . .   8
   8.  Informative References  . . . . . . . . . . . . . . . . . . .   8
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   9

1.  Introduction

   Several IETF protocols rely on the use of link-local scoped IP
   multicast in the hope of reducing traffic over the underlying
   datalink network and generating less operating systems interrupts for
   the receiving nodes.  For example, IPv6 Neighbor Discovery [RFC4861]
   uses link-local multicast to:

   o  advertise the presence of a router by sending router advertisement
      to IPv6 address link-local multicast address (LLMA), ff02::1,
      whose members are only the IPv6 nodes but per [RFC4291] section 3
      those messages must be forwarded on all ports.  This IPv6 LLMA is
      mapped to the Ethernet Multicast Address (EMA) 33:33:00:00:00:01;

   o  solicit the data-link layer address of an adjacent on-link node by
      sending a neighbor solicitation to the solicited-node multicast
      address corresponding to the target address such as
      ff02:0:0:0:0:1:ffXX:XXXX (where the last 24 bits are the last 24
      bits of the target address) as described in [RFC4291].  This IPv6
      LLMA is mapped to the EMA 33:33:ff:XX:XX:XX.

2.  Issue on Wired Ethernet Network

   Most switch vendors implement MLD snooping [RFC4541] in order to
   forward multicast frames only to switch ports where there is a member
   of the IPv6 multicast group.  This optimization works by installing
   hardware forwarding states in the switch.  As there is a finite



Vyncke, et al.           Expires August 10, 2014                [Page 2]


Internet-Draft    L3 Multicast is not always efficient     February 2014


   amount of memory in the switches, especially when the memory is used
   by the data plane forwarding, there is also a limit to the number of
   MLD optimization states i.e. a limit to the number of IPv6 multicast
   groups that can be optimized by the switch; frames destined to groups
   without such a state are flooded on all ports in the same datalink
   domain, and generally the use of MLD snooping is reserved to groups
   with a scope wider than link local.

   With IPv6, all nodes have usually at least two IPv6 addresses: a
   link-local and a global address.  If both addresses are based on
   EUI-64, then they share the same 24 least-significant bits, hence
   there is only one solicited-node multicast address per node.  Else,
   there is a high probability that the 24 least-significant bits are
   different, hence requiring the membership to two solicited-node
   multicast addresses.  If a switch uses MLD snooping to install
   hardware-optimized multicast forwarding states for LLMA, then the
   switch installs two hardware-optimized states per node as EUI-64
   addresses are no more commonly used.  If privacy extension addresses
   [RFC4941] are used, then every node can have multiple IPv6 global
   addresses, most of which are not based on EUI-64, a large switch
   fabric will have to support multiple times more states for multicast
   EMA than it does for unicast addresses, resulting in an excessive
   amount of resources in each individual switch to be built at an
   affordable price.

   Therefore, due to cost reason, the multicast optimization by MLD
   snooping of solicited-node LLMA is disabled on most Ethernet
   switches.  This means wasting:

   o  the switch bandwidth as it works as a full-duplex hub;

   o  the nodes CPU as all nodes will have to receive the multicast
      frame (if their network adapter is not optimized to support MAC
      multicast) and quickly drop it.

   Leveraging MLD snooping to save layer-2 switches from flooding link-
   local multicast messages carries additional challenges.  Unsolicited
   MLD reports are usually sent once (when link comes up) and not
   acknowledged.  There exist a retransmission mechanism, but it is not
   generally deployed, and it does not guarantee that subsequent
   retransmission won't also get lost.  The switch could easily end up
   with incomplete forwarding states for a given group, with some of the
   listeners ports, but not all (much worse than no state at all).  As
   the switch does not know one of its forwarding entry is incomplete,
   it can't fall back to broadcasting.  As ordinary MLD routers, the
   switch could query reports on a periodic basis.  However, it is not
   practical for layer-2 access switches to send periodic general MLD




Vyncke, et al.           Expires August 10, 2014                [Page 3]


Internet-Draft    L3 Multicast is not always efficient     February 2014


   queries to maintain forwarding states accuracy for at least 2
   reasons:

   o  The queries must be sourced with a link-local IPv6 address, one
      per link, and, for many practical reasons, layer-2 switches don't
      have such address on each link (vlan) they operate on.

   o  Since address resolution uses a multicast group, and may happen
      quite frequently on the link, in order to avoid black holing
      resolution, the interval for a switch to issue MLD general query
      would have to be very small (a few seconds).  These MLD queries
      are themselves sent to a multicast group that all nodes would need
      to get.  That would completely defeat the purpose of reducing
      multicast traffic towards end nodes.

3.  Issues on IEEE 802.11 Wireless Network

3.1.  Multicast over Wireless

   Wireless networks are a shared half-duplex media: when one station
   transmits, then all others must be silent.  A multicast or broadcast
   transmission from an AP is physically transmitted to all STAs and no
   other node can use the wireless medium at that time.  This is the
   first issue with the use of wireless for multicast: the medium access
   behaves as a Ethernet hub.

   Depending on distance and radio propagation, different wireless
   clients may use different transmission encodings and data rates.  A
   lower data rate effectively locks the medium for a longer time per
   bit.  In order to reach all nodes, and considering that multicast and
   broadcast frames are not protected by ARQ (retries), the AP is
   constrained to transmit all multicast or broadcast frames at the
   lowest rate possible, which in practice is often translated to rates
   as low as 1 Mbps or 6 Mbps, even when the unicast rate can reach a
   hundred of Mbps and above.  It results that sending a single
   multicast frame can consume as much bandwidth as dozens of unicast
   frames.  Table Table 1 provides some example values of the bandwidth
   used by multicast frames transmitted from the AP (i.e. not counting
   the original multicast frame transmitted by the WiFi client to the AP
   when he source is effectively wireless).











Vyncke, et al.           Expires August 10, 2014                [Page 4]


Internet-Draft    L3 Multicast is not always efficient     February 2014


   +--------------+---------------+---------------+--------------------+
   | Lowest WiFi  |  Highest WiFi |  Mcast frame  |  WiFi Utilization  |
   |     rate     |      rate     |     %-age     |      by Mcast      |
   +--------------+---------------+---------------+--------------------+
   |    1 Mbps    |    11 Mbps    |      1 %      |        9 %         |
   |    6 Mbps    |    54 Mbps    |      1 %      |        9 %         |
   |    6 Mbps    |    54 Mbps    |      5 %      |        45 %        |
   |    6 Mbps    |    54 Mbps    |      10 %     |        90 %        |
   +--------------+---------------+---------------+--------------------+

                       Table 1: Multicast WiFi Usage

   If multiple APs cover the same wireless LAN, then the multicast
   frames must be transmitted by all APs to all their WiFi clients
   (STAs).

   Communication of a multicast frame by a WiFi client requires three
   steps:

   1.  The WiFi client sends a datalink unicast frame to the AP at its
       maximum possible rate

   2.  The WiFi AP forwards this frame on its wired interface and
       broadcasts it (as explained above) to all its WiFi clients.  If
       there are multiple AP on the same datalink domain, then, all AP
       also broadcast this multicast frame.

   3.  A WiFi NIC that implements the STA in the client filters the
       frames that are effectively expected by this device based on
       destination address.

   Another side effect of multicast frames is that there cannot be an
   acknowledgement mechanism (ARQ) similar to that used for unicast
   frame, therefore frames can be missed and NDP does not take this not
   negligible packet loss into account.  This could have a negative
   impact for Duplicate Address Detection (DAD) if the multicast NS and
   the multicast NA with override are lost.

   For a well-distributed multicast group where relatively few devices
   actually participate to any given group, there should be no
   transmission at all if none of the clients expects the multicast
   destination address, and there should be very few unicast but fast
   transmissions to the limited set of interest STAs when there is
   effectively a match in the set of associated devices.  But there is
   no mechanism in place to ensure that functionality.






Vyncke, et al.           Expires August 10, 2014                [Page 5]


Internet-Draft    L3 Multicast is not always efficient     February 2014


3.2.  Low Power and Sleep Mode

   In order to save their battery, Low Power hosts go into sleep mode
   until awaken by a user interaction or by an incoming frame destined
   for the host.  When a host wakes up, it cannot determine whether it
   has moved to another network (SSID are not unique), hence, it has to
   send a multicast Router Solicitation (which triggers a Router
   Advertisement message from all adjacent routers) and the mobile host
   has to do Duplicate Address Detection for its link-local and global
   addresses, thus means transmitting at least two multicast Neighbour
   Solicitation messages which will be repeated by the AP to all other
   WiFi clients.

   This process creates a lot of multicast packets:

   o  one multicast Router Solicitation from the WiFi client, which is
      received by the AP and if the AP is not optimized, then the Router
      Solitication is broadcasted again over the wireless link;

   o  one multicast Neighbor Solitication for the host LLA from the WiFi
      client, which is received by the AP and if the AP is not
      optimized, the message is transmitted back over the wireless link;

   o  per global address (usually 1 or 2 depending on whether privacy
      extension is active), same behavior as above.

   In conclusion and in the good case of not having privacy extension,
   this means 6 WiFi broadcast packets plus the unicast replies on each
   wake-up of the device.  Assuming a packet size of 80 bytes, this
   translates into about 120 bytes to take into account the WiFi frame
   format which is larger than the usual Ethernet frame, the table
   Table 2 gives some result of the WiFi utilization just for the
   multicast part of the wake-up of sleeping devices... This does not
   take into account the rest of the multicast utilization used by RS,
   RA, NS, NA, MLD, ... and the associated unicast traffic.

   +---------+---------+------------+----------+---------+-------------+
   |   WiFi  | Wake-up |   Mcast    |  Mcast   |  Lowest |    Mcast    |
   | Clients |  Cycle  | packet/sec | bit/sec  |   WiFi  | Utilization |
   |         |         |            |          |   Rate  |             |
   +---------+---------+------------+----------+---------+-------------+
   |  6 000  |   600   |     60     |   57.6   |  1 Mbps |     6 %     |
   |         |         |            |   kbps   |         |             |
   +---------+---------+------------+----------+---------+-------------+

             Table 2: Multicast WiFi Usage by Sleeping Devices





Vyncke, et al.           Expires August 10, 2014                [Page 6]


Internet-Draft    L3 Multicast is not always efficient     February 2014


3.3.  Battery Impact

   As the IP multicast frame is actually broadcasted over the wireless
   network, this also means that all wireless receivers must process
   this frame even if it will be dropped quickly by the host kernel
   because the host is not part of the IP multicast group.  This goes
   beyond a waste of CPU and affect mobile device batteries... because
   in order to save the battery, it is common for mobile device to go
   into sleep mode when inactive to be awaken by the radio receiver
   (which is always on) in order to process wireless frame received
   either to the unicast MAC address or to any multicast MAC address or
   to the broadcast MAC address.  Even if the device can go quickly back
   to sleep mode after discarding the IP packet, it drains the battery.

3.4.  Even Unicast NDP is not Optimum

   OLE SUGGESTION: Wrong thing to add as NDP cache are refreshed only
   when needed, i.e., this would anyway wake up the mobile.  Also, it is
   not really related to the title of the document...

   NDP cache needs to be maintained by refreshing the neighbor cache for
   entries which are in the STALE state.  This requires yet another
   Neighbor Solicitation / Neighbor Advertisement round.  Even if the
   destination IP and MAC addresses are unicast, this traffic is
   generated and again wakes up mobile devices.

4.  Measuring the Amount of IPv6 Multicast

   There are basically three ways to measure the amount of IPv6
   multicast traffic:

   o  sniffing the traffic and generating statistics, somehow an
      overkill:

   o  exporting IPfix data and doing aggregation on the ff02::/16 link-
      local multicast prefix

   o  using SNMP to query on the AP the IP-MIB [RFC4293] with commands
      such as:

      *  snmpwalk -c private -v 1 udp6:[2001:db8::1] -Ci -m IP-MIB
         ifDesc: to get the interface names and index;

      *  snmpwalk -c private -v 1 udp6:[2001:db8::1] -Ci -m IP-MIB
         ipIfStatsOutTransmits.ipv6: to get the global transmit counters
         (i.e. unicast and multicast as there is no broadcast in IPv6);





Vyncke, et al.           Expires August 10, 2014                [Page 7]


Internet-Draft    L3 Multicast is not always efficient     February 2014


      *  snmpwalk -c private -v 1 udp6:[2001:db8::1] -Ci -m IP-MIB
         ipIfStatsOutMcastPkts.ipv6: to get the multicast packet
         counter.

5.  Acknowledgements

   The authors would like to thank Norman Finn, Steve Simlo, Ole Troan,
   Stig Venaas and Andrew Yourtchenko for their suggestions and
   comments.

6.  IANA Considerations

   This memo includes no request to IANA.

7.  Security Considerations

   The only security considerations about this document is that by
   forcing a lot of traffic to be multicast, then, a denial of service
   (DoS) attack could be mounted on available bandwidth and battery of
   some network nodes.

8.  Informative References

   [RFC4291]  Hinden, R. and S. Deering, "IP Version 6 Addressing
              Architecture", RFC 4291, February 2006.

   [RFC4293]  Routhier, S., "Management Information Base for the
              Internet Protocol (IP)", RFC 4293, April 2006.

   [RFC4541]  Christensen, M., Kimball, K., and F. Solensky,
              "Considerations for Internet Group Management Protocol
              (IGMP) and Multicast Listener Discovery (MLD) Snooping
              Switches", RFC 4541, May 2006.

   [RFC4861]  Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
              "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
              September 2007.

   [RFC4941]  Narten, T., Draves, R., and S. Krishnan, "Privacy
              Extensions for Stateless Address Autoconfiguration in
              IPv6", RFC 4941, September 2007.

   [packet_loss]
              Department of Computer Sciences, University of Wisconsin
              Madison, USA, "Diagnosing Wireless Packet Losses in
              802.11: Separating Collision from Weak Signal",
              <http://pages.cs.wisc.edu/~suman/pubs/diagnose.pdf>.




Vyncke, et al.           Expires August 10, 2014                [Page 8]


Internet-Draft    L3 Multicast is not always efficient     February 2014


Authors' Addresses

   Eric Vyncke
   Cisco
   De Kleetlaan, 6A
   Diegem  1831
   BE

   Phone: +32 2 778 4677
   Email: evyncke@cisco.com


   Pascal Thubert
   Cisco

   Email: pthubert@cisco.com


   Eric Levy-Abegnoli
   Cisco

   Email: elevyabe@cisco.com





























Vyncke, et al.           Expires August 10, 2014                [Page 9]