3Neighbor Discovery Overview Set of messages and processes that determine relationships between neighboring nodesReplaces ARP, ICMPv4 Router Discovery, and ICMPv4 RedirectND is used by nodes:For address resolutionTo determine link-layer address changesTo determine neighbor reachability
4ND is used by hosts: ND is used by routers: To discover neighboring routersAuto configure addresses, address prefixes, and other configuration parametersND is used by routers:To advertise their presence, host configuration parameters, and on-link prefixesTo inform hosts of a better next-hop address to forward packets for a specific destination
5Neighbor Discovery Message Format ICMPv6 message structure and ICMPv6 typesAll ND messages are sent with a hop limit of 255Neighbor Discovery MessageIPv6 HeaderNext Header(58)Neighbor DiscoveryMessage HeaderNeighbor DiscoveryMessage Options
6Neighbor Discovery Processes Address ResolutionResolve a neighbor's IPv6 address to its link-layer (MAC) address.It is equivalent to ARP in IPv4.Neighbor Unreachability Detection (NUD)Determine that an address for use is not already in use by a neighbor node.It is equivalent to Gratuitous ARP frames in IPv4.Duplicate Address Detection (NAD)Determine that the IPv6 layer of a neighbor is no longer receiving packetsMight not be the final destination but the reachability of the first hop of the destination
7Neighbor Discovery Processes Router DiscoveryA host discovers the local roter(s) on the attached linkDetermine which local router is a default gatewaySwitch to backup default router if the primary one is unavailableRoute Lifetime expirationNeighbor Unreachability Detection (NUD)Network Prefix(es) discoveryParameters discovery (link MTU, Max Hop Limit, auto-config)It is equivalent to ICMPv4 Router DiscoveryRedirect FunctionProcess of a router inform a host of a better first hop IPv6 address to reach a destinationIt is equivalent to ICMPv4 Redirect Message
8Address ResolutionAn exchange of Neighbor Solicitation (NS) and Neighbor Advertisement (NA) messages to resolve the link-layer address of the next-hop addressMulticast Neighbor Solicitation messageDestination of NS is the solicited-node multicast address derived from target addressSource address of NS is the sender’s unicast addressUnicast Neighbor Advertisement messageDestination of NA is the requester’s unicast addressSource address and target address are same.Both hosts update their neighbor cachesUnicast traffic can now be sent
9Address Resolution Host A Host B MAC: 00-10-5A-AA-20-A2 IP: FE80::210:5AFF:FEAA:20A2MAC: E-A5IP: FE80::260:97FF:FE02:6EA5
10Multicast Neighbor Solicitation Ethernet HeaderDestination MAC is FF-02-6E-A5IPv6 HeaderSource Address is FE80::210:5AFF:FEAA:20A2Destination Address is FF02::1:FF02:6EA5Hop limit is 255Neighbor Solicitation HeaderTarget Address is FE80::260:97FF:FE02:6EA5Neighbor Discovery OptionSource Link-Layer Address is A-AA-20-A2Host AMAC: A-AA-20-A2IP: FE80::210:5AFF:FEAA:20A2 Send multicast Neighbor SolicitationNSMAC: E-A5IP: FE80::260:97FF:FE02:6EA5Host B
11Multicast NS Destination Derivation The solicited-node multicast address is constructed from the prefix FF02::1:FF00:0/104 and the last 24 bits of a unicast IPv6 addressMapping IPv6 Multicast Addresses to Ethernet AddressesIPv6 Multicast AddressFF…:Multicast Ethernet Addresses33-33-
13Unicast Neighbor Advertisement Ethernet HeaderDestination MAC is A-AA-20-A2IPv6 HeaderSource Address is FE80::260:97FF:FE02:6EA5Destination Address is FE80::210:5AFF:FEAA:20A2Hop limit is 255Neighbor Advertisement HeaderTarget Address is FE80::260:97FF:FE02:6EA5Neighbor Discovery OptionTarget Link-Layer Address is E-A5Host AMAC: A-AA-20-A2IP: FE80::210:5AFF:FEAA:20A2NA‚ Send unicast Neighbor AdvertisementMAC: E-A5IP: FE80::260:97FF:FE02:6EA5Host B
14Structure of NS Message TypeCodeChecksumReservedTarget AddressOptions= 135= 0. . .
15Structure of NA Message TypeCodeChecksumRouter flagSolicited flagOverride flagReservedTarget AddressOptions= 136= 0. . .
22Neighbor Unreachability Detection A neighboring node is reachable if:There has been a recent confirmation that IPv6 packets sent were received and processed by the neighboring nodeDetects whether the first hop to the destination is reachableReachability is determined by:Receipt of a Neighbor Advertisement message in response to a unicast Neighbor Solicitation messageUpper layer protocol indicatorsThere are five reachability States:Incomplete, Stale, Delay, Probe, Reachable
24Neighbor Unreachability States Send multicast NSNO ENTRY EXISTSINCOMPLETEMulticast NS retries exceededReceiveSolicited NAReachable Timeexceeded or unsolicitedNA receivedREACHABLEReachability confirmed by sending unicast NS and receiving solicited NAReachability confirmedBy upper layer protocolDelay timeexceededSend packetSTALEDELAYPROBEUnicast NS retries exceeded
25Duplicate Address Detection Use of a neighbor solicitation to detect a duplicate unicast addressTarget Address field in the Neighbor Solicitation message is set to the IPv6 address for which duplication is being detectedThe Source Address is set to the unspecified address (::)For a duplicate address, the defending node replies with a multicast NAThe Destination Address is set to the link-local scope all-nodes multicast address (FF02::1)
26Duplicate Address Detection Replace IPv4 ARP request and Gratutitos ARPWhat is Gratuitous ARP?IPv4 sets both source and target with the same IP address of the sender in ARP requestIf it receives ARP reply, then the IP address is duplicateMust be performed by all nodes (hosts & routers)Performed before assigning a unicast address to an InterfacePerformed on interface initializationNot performed for anycast addressLink must be mulicast address
27Duplicate Address Detection Accomplished by using NS (multicast) and NA messagesNode sends NS with:Source address is unspecific address(::)Destination address is tentative solicited-node addressTarget address field is set to tentative IP addressThe Source Link-layer Address option is not usedIf address already exists, the particular node sends a NA reply with:The destination address of NA is set to FF02::1The solicited flag is 0 because NS is not using the desired IP address
28Multicast NS for Duplicate Address Detection Ethernet HeaderDest MAC is FF-52-F9-D8IPv6 HeaderSource Address is ::Destination Address is FF02::1:FF52:F9D8Hop limit is 255Neighbor Solicitation HeaderTarget Address is FEC0::2:260:8FF:FE52:F9D8Host ATentative IP:FEC0::2:260:8FF:FE52:F9D8 Send multicast Neighbor SolicitationNSHost BMAC: F9-D8IP: FEC0::2:260:8FF:FE52:F9D8
29Multicast NA for a Duplicate Address Ethernet HeaderDestination MAC isIPv6 HeaderSource Address is FEC0::2:260:8FF:FE52:F9D8Destination Address is FF02::1Hop limit is 255Neighbor Advertisement HeaderTarget Address is FEC0::2:260:8FF:FE52:F9D8Neighbor Discovery OptionTarget Link-Layer Address is F9-D8Host ATentative IP:FEC0::2:260:8FF:FE52:F9D8NA‚ Send multicast Neighbor AdvertisementHost BMAC: F9-D8IP: FEC0::2:260:8FF:FE52:F9D8
30Router DiscoveryAttempts to discover the set of routers on the local linkSimilar to IPv4 ICMP router discovery (RFC 1256)In IPv6 RA messages, the Router Lifetime filed indicates the time that router can be considered a default routerAccomplished by sending a multicast Router Solicitation (FF02:2) and the receipt of a multicast Router Advertisement (FF02::1) messageIf the router becomes unavailable, the condition is detected via neighbor unreachability instead of Router Lifetime in the RA messagesA new default router is chosen from default router list or the host sends a RS message to determine a new default router
31Multicast RS Message Host A Router Ethernet Header Destination MAC isIPv6 HeaderSource Address is ::Destination Address is FF02::2Hop limit is 255Router Solicitation HeaderHost AMAC: 00-B0-D0-EIP: none Send multicast Router SolicitationRSMAC: FF-D6-58-C0IP: FE80::210:FFFF:FED6:58C0Router
32Multicast RA Message Host A Router MAC: 00-B0-D0-E9-41-43 IP: none RA Ethernet HeaderDestination MAC isIPv6 HeaderSource Address is FE80::210:FFFF:FED6:58C0Destination Address is FF02::1Hop limit is 255Router Advertisement HeaderCurrent Hop Limit, Flags, Router Lifetime, Reachable and Retransmission TimersNeighbor Discovery OptionsSource Link-Layer Address is FF-D6-58-C0MTU is 1500Prefix Information is for FEC0:0:0:F282::/64Host AMAC: 00-B0-D0-EIP: noneRA‚ Send multicast Router AdvertisementMAC: FF-D6-58-C0IP: FE80::210:FFFF:FED6:58C0Router
33Structure of the RS Message TypeCodeChecksumReservedOptions= 133= 0. . .
34Structure of the RA Message TypeCodeChecksumCurrent Hop LimitManaged Address Configuration flagOther Stateful Configuration flagHome Agent flagDefault Router PreferenceReservedRouter LifetimeReachable TimeRetrans TimerOptions= 134= 0. . .
35Structure of the Prefix Information Option TypeLengthPrefix LengthOn-Link flagAutonomous flagRouter Address flagSite prefix flagReserved1Valid LifetimePreferred LifetimeReserved2Site Prefix LengthPrefix= 3= 4
36Structure of the MTU Option TypeLengthReservedMTU= 5= 1
37Structure of the Advertisement Interval Option TypeLengthReservedAdvertisement Interval= 7= 1
38Structure of the Home Agent Information Option = 1TypeLengthReservedHome Agent PreferenceHome Agent Lifetime= 8
39Structure of the Route Information Option TypeLengthPrefix LengthReserved 1PreferenceReserved 2Route LifetimePrefix= 9
45Redirect Sometimes hosts will pick the wrong next-hop There are several routersSend to a router although destination is connected to the same linkThe router that receives the packetwill retransmit the correct hopSend a Redirect message to the senderAfter receive the Redirect message, the host will send the next message to the correct router
46Unicast Packet to the Router Ethernet HeaderDestination MAC is 00-AAIPv6 HeaderSource Address is FEC0::1:2AA:FF:FE11:1111Destination Address is FEC0::2:2AA:FF:FE99:9999Host AMAC: 00-AAIP: FEC0::1:2AA:FF:FE11:1111FE80::2AA:FF:FE11:1111Unicast Packet Send unicast packetMAC: 00-AAIP: FEC0::1:2AA:FF:FE22:2222FE80::2AA:FF:FE22:2222MAC: 00-AAIP: FEC0::1:2AA:FF:FE33:3333FE80::2AA:FF:FE33:3333Router 3Router 2
47Redirect Message Sent by the Router Ethernet HeaderDestination MAC is 00-AAIPv6 HeaderSource Address is FE80::2AA:FF:FE22:2222Destination Address is FEC0::1:2AA:FF:FE11:1111Hop limit is 255Redirect HeaderTarget Address is FE80::2AA:FF:FE33:3333Destination Address is FEC0::2:2AA:FF:FE99:9999Neighbor Discovery OptionsTarget Link-Layer Address is 00-AARedirected HeaderHost AMAC: 00-AAIP: FEC0::1:2AA:FF:FE11:1111FE80::2AA:FF:FE11:1111‚ Send unicast RedirectRedirectMAC: 00-AAIP: FEC0::1:2AA:FF:FE22:2222FE80::2AA:FF:FE22:2222MAC: 00-AAIP: FEC0::1:2AA:FF:FE33:3333FE80::2AA:FF:FE33:3333Router 2Router 3
48Unicast Packet Forwarded by the Router Ethernet HeaderDestination MAC is 00-AAIPv6 HeaderSource Address is FEC0::1:2AA:FF:FE11:1111Destination Address is FEC0::2:2AA:FF:FE99:9999Host AMAC: 00-AAIP: FEC0::1:2AA:FF:FE11:1111FE80::2AA:FF:FE11:1111Unicast Packet Forward unicast packetMAC: 00-AAIP: FEC0::1:2AA:FF:FE33:3333FE80::2AA:FF:FE33:3333MAC: 00-AAIP: FEC0::1:2AA:FF:FE22:2222FE80::2AA:FF:FE22:2222Router 2Router 3
49Conceptual Host Data Structures To facilitate interactions between neighboring nodes, RFC 2461 defines the following conceptual host data structures as an example of how to store information for ND processes:Neighbor cacheThe neighbor cache stores the on-link IP address of each neighbor, its corresponding link-layer address, and an indication of the neighbor's reachability state.Destination cacheThe destination cache stores information on next-hop IP addresses for destinations to which traffic has recently been sent.Prefix listThe prefix list contains on-link prefixes.Default router listIP addresses corresponding to on-link routers that have sent Router Advertisement messages and are eligible to be default routers are included in the default router list.
50Conceptual Host Data Structures Destination CacheDestinationNext-Hop AddressPMTUNeighbor CacheLink Layer AddressNext-Hop AddressStatePrefix ListDefault Router List
51Host Sending Algorithm 1. Determine the next-hop address for the destinationCheck the destination cacheIf the destination address matches a prefix in the prefix list, next-hop address is destination addressIf the destination address does not match a prefix in the prefix list, next-hop address is the default router address2. Determine the link-layer address for the next-hop addressCheck the neighbor cacheUse address resolution to obtain the link-layer address for the next-hop address3. Send the packet using the link-layer address of the next-hop address
52Y Y N Y Y N N N Indicate an error. Y Check destination cacheCheck neighbor cache for next hopEntryfound ?YObtain next-hopEntryfound?Send packetusing link-layer addressof neighbor cache entry.YNUpdate destination cacheCheck prefix listNAddress resolution fornext-hopMatch?Ydestination as next-hopresolutionsuccessful?YNUpdate neighbor cachedefaultrouter?NNIndicate an error.default router as next-hopY