cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Ask the Expert- SD-WAN

IPv6: Neighbor Discovery Protocol (NDP)

47318
Views
10
Helpful
2
Comments

     

     

    Introduction

     

    As defined in RFC 2461 of IETF, the Neighbor Discovery is a key protocol of IPv6. Neighbor Discovery Protocol is an umbrella that defines these mechanisms:

     

    1. Subsitute of ARP – Since ARP has been removed in IPv6, IPv6 follows a newer way to find the link-layer addresses of nodes on the local link. This new mechanism uses a mix of ICMPv6 messages and multicast addresses.
    2. Stateless Auto-Configuration - This mechanism allows nodes on the local link to configure their IPv6 addresses by themselves by using a mix of ICMPv6 messages and multicast addresses.
    3. Router Redirection - The router sends ICMPv6 messages to an IPv6 node to inform it of the presence of a better router address on the same local link to reach a destination network.

     

    Neighbour Discovery (ND) is for end hosts predominately, whereas routers themselves advertise gateway capabilities via Router Advertisements (RA). This mechanism rely on ICMPv6 Type 133 and 134. NS/ND’s can be triggered with pings when using routers.

     

    Table 1-A: ICMPv6 Messages Defined For NDP

     

    ICMPv6 TypeName of Message

    Type 133Router Solicitation (RS)
    Type 134Router Advertisement (RA)

    Type 135

    Neighbor Solicitation (NS)

    Type 136

    Neighbor Advertisement (NA)

    Type 137

    Redirect Message

     

     

    The table 1-A, shows the ICMPv6 messages that are used by NDP mechanisms. ARP subsitution uses neighbor solicitation (ICMPv6 Type 135) and neighbor advertisement (ICMPv6 Type 136) messages. Prefix advertisemnet and prefix renumbering use router solicitaion (ICMPv6 Type 133) and router advertisement (ICMPv6 Type 134) messages. DAD uses neighbor solicitation. Router redirection uses redirect messages (ICMPv6 137).

     

    Table 1-B: ICMPv6 Messages Used by NDP Mechanisms

     

    MechanismICMPv6 Type 133

    ICMPv6 Type 134

    ICMPv6 Type 135

    ICMPv6 Type 136

    ICMPv6 Type 137

    Replacement Of ARP            X          X 
    Prefix Advertisement       X        X   
    Prefix Renumbering       X        X   
    DAD          X  
    Router Redirection            X

     

    On Cisco devices, parameters of NDP and the mechanisms under it's umbrella are controlled by using the ipv6 nd command.

     

    Multicast Address and ICMPV6 Addresses used by NDP for replacing ARP

     

    pic2.bmp

    To verify the neighbor adjancy enteries in the neighbor discovery table use the command, "show ipv6 neighbors [ipv6-address-or-name | interface_type interface_number]"

     

    How Neighbor Solicitation & Neighbor Advertisement Works

     

    This section describes in detail how neighbor solicitation messages, neighbor advertisement messages, and solicited-node multicast addresses are used in IPv6 to replace ARP. Then, Cisco IOS Software commands related to neighbor solicitation and neighbor advertisement are explained.

    Following is the neighbor discovery process (refer Figure A)

     

        1. Using the address FEC0::1:0:0:1 :A, node A wants to deliver packets to destination node B using the IPv6 address FEC0::1 :0:0:1 :B on the same local link. However, node A does not know node B's link-layer address. Node A sends an ICMPv6 Type 1 35 message (neighbor solicitation) on the local link using its site-local address FEC0::1:0:0:1:A as the IPv6 source address, the solicited-node multicast address FF02::1 :FF01:B corresponding to the target address FEC0::1 :0:0:1 :B as the destination IPv6 address, and the source link-layer address 00:50:3e:e4:4c:00 of the sender, node A, as data of the ICMPv6 message. The source link-layer address of this frame is the link-layer address 00:50:3e:e4:4c:00 of node A. The destination link-layer address 33:33:FF:01 :00:0B of this frame uses multicast mapping of the destination IPv6 address FF02::1 :FF01 :B.
        2. Node B, which is listening to the local link for multicast addresses, intercepts the neighbor solicitation message because the destination IPv6 address FF02::1:FF01:B represents the solicited-node multicast address corresponding to its IPv6 address FEC0::1:0:0:1:B.
        3. Node B replies by sending a neighbor advertisement message using its site-local address FEC0::1 :0:0:1 :B as the IPv6 source address and the site-local address FEC0::1 :0:0:1 :A as the destination IPv6 address. It also includes its link-layer address 00:50:3e:e4:4b:01 in the ICMPv6 message. After receiving neighbor solicitation and neighbor advertisement messages, node A and node B know each other's link-layer addresses.

     

     

    Learned link-layer addresses are kept in a neighbor discovery table (neighbor cache). Therefore, the nodes can communicate on the local link. The neighbor solicitation message is also used by nodes to verify the reachability of neighbor nodes in the neighbor discovery table (neighbor cache). However, the unicast addresses of the neighbor nodes are used as destination IPv6 addresses in ICMPv6 messages instead of solicited-node multicast addresses in this situation. It is possible for a node that changes its link-layer address to inform all other neighbor nodes on the local link by sending a neighbor advertisement message using the all-nodes multicast address FF02::1 . The neighbor discovery table of the nodes on the local link is updated with the new linklayer address.

     

    Figure A

    pic3.bmp

     

    Verification

     

    Router#show ipv6 neighbors

    IPv6 Address                              Age Link-layer Addr State Interface
    FE80::221:A0FF:FEC1:3D80                    0 0021.a0c1.3d80  REACH Gi0/1.1
    2607:F3B0:252:6::1                          0 0021.a0c1.3d80  REACH Gi0/1.1

     

    Here is another example of WireShark Capture from Router R1 (Fa0/0) interface, explaining Neighbour Discovery.

    Two Routers R1 and R2 are connected via interface FastEthernet 0/0.

     

    R1(Fa0/0) ----------- (Fa0/0) R2

     

    R1 (Fa 0/0)
    2012::1

    R2 (Fa 0/0)2012::2

     

    References

     

    Implementing IPv6 Addressing and Basic Connectivity

    IETF: Neighbor Doscovery For IP Version 6 (IPv6)

    IPv6 Frequenty Asked Questions (FAQ's)

    Cisco: IPv6

     

    Comments
    Beginner

    Excellent post... I like packet captures.

    Beginner

     HI ,

     

    if we have 2 routers connected to the same network , one PC joined this network , for sure Router solicitation and advertising will happen , which router is chosen as Default gateway and why ??  

     

    Thank you 

    CreatePlease to create content
    Content for Community-Ad
    July's Community Spotlight Awards