Ted Lemon wrote:
> Apparently the issue is that although they have isolated various L3 networks with quite reasonable client loads, they are using a hybrid L2/L3 virtualized switch environment that winds up not properly containing the MLD multicasts.

Seemingly, the problem becomes apparent because MLD snooping is now being deployed. But, even without MLD snooping, a lot of multicast traffic should have been and will continue to be annoying.

> And they have a lot of buggy machines that keep temporary addresses around longer than they should.

According to:

    http://inconcepts.biz/~jsw/ipv6_nd_problems_with_l2_mcast.pdf

on page 15:

    How will I run out of 1000 groups?
    If your layer-2 domain contains 1000 VMs (one rack of modern servers)
    Then just link-local IPv6 addresses will produce 1000 groups

the problem is more fundamental.

Then, though the slide says:

    FIX: Eliminate Solicited-Nodes
    How could we transition to this?
    Add a bit or Option to ND Router Advertisement so all hosts on the subnet will know about it
    –In about 10 years everyone will be updated… :-/

it is more straightforward to totally abandon ND and just use ARP even for IPv6, especially because no protocol work is necessary (RFC826, as is, is applicable to IPv6 and ND is not mandated for IPv6).

Useful features of ND not supported by ARP can be offered by DHCP.

Masataka Ohta
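
The group-count arithmetic from the quoted slide, as an added example that is not part of the original message: it derives the solicited-node group (RFC 4291) and its Ethernet multicast MAC (RFC 2464) for each address, then counts distinct groups on one layer-2 domain, including the extra groups created by lingering temporary addresses. The host addresses, the 2001:db8:: prefix and the function names are constructed for illustration; the 1000-group limit is the figure from the slide.

```python
import ipaddress

SNOOPING_CAPACITY = 1000  # group limit quoted from the slide (page 15)

def solicited_node(addr):
    """RFC 4291 solicited-node group: ff02::1:ff00:0/104 + low 24 bits."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    return ipaddress.IPv6Address(int(ipaddress.IPv6Address("ff02::1:ff00:0")) | low24)

def multicast_mac(group):
    """RFC 2464 mapping: 33:33 followed by the low 32 bits of the group."""
    low32 = (int(group) & 0xFFFFFFFF).to_bytes(4, "big")
    return "33:33:" + ":".join(f"{b:02x}" for b in low32)

def host_addresses(index, temporaries):
    """Constructed addresses for one VM (index < 65536, temporaries < 255)."""
    link_local = int(ipaddress.IPv6Address("fe80::"))
    prefix = int(ipaddress.IPv6Address("2001:db8::"))  # documentation prefix
    stable_iid = 0x0200_0000_0000_0000 | index
    # Link-local and stable global share an IID, so they share one group.
    addrs = [link_local | stable_iid, prefix | stable_iid]
    # Each temporary address has its own IID, hence its own group.
    for t in range(temporaries):
        temp_iid = 0x1000_0000_0000_0000 | ((t + 1) << 16) | index
        addrs.append(prefix | temp_iid)
    return [ipaddress.IPv6Address(a) for a in addrs]

def groups_on_segment(hosts, temporaries):
    """Distinct solicited-node groups a snooping switch would have to track."""
    groups = set()
    for i in range(hosts):
        for addr in host_addresses(i, temporaries):
            groups.add(solicited_node(addr))
    return groups

def report(hosts, temporaries):
    """Return (group count, True if the snooping table is full or exceeded)."""
    n = len(groups_on_segment(hosts, temporaries))
    return n, n >= SNOOPING_CAPACITY

if __name__ == "__main__":
    for temps in (0, 1, 2):
        count, full = report(1000, temps)
        print(f"1000 VMs, {temps} temporary address(es) each: "
              f"{count} groups, table full: {full}")
```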