On 10/09/2014 13:53, Ewen McNeill wrote:

On 10/09/14 13:09, Dean Pemberton wrote:

...

http://blog.bimajority.org/2014/09/05/the-network-nightmare-that-ate-my-week...

TL;DR version seems to be: driver bug (Intel NIC, in Dell), plus many IPv6 addresses (eg, older IPv6 privacy addresses), plus many IPv6 Neighbor Discovery multicast groups, plus what seems to some sort of MLD-handling slow path (Juniper) seems to have led to priority inversion that caused STP processes not to run often enough which led to flooding. All were sad.

Yes. It's very debatable whether MLD snooping is ever a good idea, and if you're going to do it, please buy kit with lots of TCAM and fast path processing for normal IPv6 MLD packets. In this case it also seems that the version of Ubuntu is at fault for generating too many privacy addresses and keeping them alive far too long. It has aroused quite some discussion in IETF-land too. Brian

On the driver bug front, this (from the comments to the post Dean linked to):

http://packetpushers.net/good-nics-bad-things-blast-ipv6-multicast-listener-...

seems to be the same driver bug issue. May be worth investigating if you have Intel NICs on certain Dell hardware and some IPv6 things enabled (that second event seems to have been with Cisco switches).

Ewen _______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog