IPv6 Basics: Neighbor Discovery Protocol NDP

In this issue, we will introduce the basic neighbor discovery protocol in the IPv6 system based on ICMPv6, namely IPv6 ND. The neighbor discovery protocol replaces the ARP and route discovery functions in the IPv4 protocol stack, and implements functions such as address resolution, duplicate address detection, router discovery, and route redirection.

[[276997]]

1. ICMPv6 message types used by IPv6 Neighbor Discovery Protocol

The IPv6 Neighbor Discovery Protocol uses five types of ICMPv6 message types to implement functions such as address resolution, duplicate address detection, router discovery, and route redirection. The specific ICMPv6 message types and their specific functions are as follows:

1. ICMPv6 Neighbor Solicitation message

Neighbor Solicitation (NS) message: The Type field value is 135, and the Code field value is 0. Its role in address resolution is similar to that of the ARP request message in IPv4. It is used to obtain the link layer address of the neighbor, verify whether the neighbor is reachable, and perform duplicate address detection.

2. ICMPv6 Neighbor Advertisement Message

Neighbor Advertisement Message NA (Neighbor Adivertisment) Message: The Type field value is 136, and the Code field value is 0. Its role in address resolution is similar to that of the ARP reply message in IPv4. It is used to respond to NS messages. In addition, when a node changes at the link layer, it actively sends out NA messages to inform neighbors of the changes of the node.

3. ICMPv6 Router Solicitation Message

ICMPv6 Router Solicitation message: The Type field value is 133. After the node is started, it sends a request to the router through the RS message to request the prefix and other configuration information for automatic configuration of the node.

4. ICMPv6 Router Advertisement Message

ICMPv6 Router Advertisement message: The Type field value is 134, which is a response to the RS message. If the RA message is not suppressed, the router will periodically publish RA messages, which include the prefix information option and some flag information.

5. ICMPv6 Redirect message

ICMPv6 Redirect message: The Type field value is 137. When certain conditions are met, the default gateway sends a redirect message to the source host, allowing the host to reselect the correct next-hop address to send subsequent messages.

2. Address resolution

Obtain the link layer address of the neighbor node on the same link (same as the ARP function of IPv4), which is implemented through the neighbor solicitation message NS and the neighbor advertisement message NA. Node 1 wants to obtain the link layer address of node 2.

Before sending a message to node 2, node 1 needs to resolve the link layer address of node 2. The address resolution process is as follows (we use the HCL simulator to simulate this process):

The network is as follows:

Overall message interaction overview (NS and NA):

① Node 1 will send an NS message with a Type value of 135 and a source address of the IPv6 address of Node 1. The destination address is the requested node multicast address of Node 2, and the link layer address to be requested is the link layer address of Node 2. At the same time, the Options field of the NS message carries the link layer address of Node 1. As shown in the following figure:

② After receiving the NS message, node 2 will respond with an NS message. The source address is the IPv6 address of node 2, the destination address is the IPv6 address of node 1, and the link layer address of node 2 will be placed in the Option field.

③Node 1 obtains the link layer address of node 2.

Finally, we can view RouterA's IPv6 address information and all neighbor information on the router:

When pinging a link-local address, you need to use the -i parameter to specify the interface of the link-local address.

3. Duplicate address detection

When a node obtains an IPv6 address, it needs to use the duplicate address detection function to determine whether the address has been used by other nodes (similar to the free ARP function of IPv4). Duplicate address detection can be implemented through NS and NA.

When performing DAD detection, an IPv6 unicast address is called a tentative address after it is assigned to an interface and before it passes the duplicate address detection. At this time, the interface cannot use this tentative address for unicast communication, but it will still join two multicast groups: the ALL-NODES multicast group and the Solicited-Node multicast group corresponding to the tentative address.

IPv6 duplicate address detection technology is similar to free ARP in IPv4: a node sends an NS message with an experimental address as the requested target address to the Solicited-Node multicast group where the experimental address to be used is located. If an NA message is received in response from the node, it proves that the address has been used on the network and the node will not be able to communicate using the experimental address.

DAD detection process:

PC1's IPv6 address 2000::1 is a newly configured address, that is, 2000::1 is the experimental address of PC1. PC1 sends an NS message with 2000::1 as the requested destination address to the Solicited-Node multicast group of 2000::1 for duplicate address detection. Since 2000::1 has not been formally specified, the source address of the NS message is an unspecified address. When PC2 receives the NS message, there are two ways to handle it:

If PC2 finds that 2000::1 is an experimental address of itself, PC2 will give up using this address as the interface address and will not send NA messages.

If PC2 finds that 2000::1 is an address that is already in use, PC2 will send an NA message to the ALL-NODES multicast group of the address, and the message will include 2000::1. In this way, after receiving this message, PC1 will find that its experimental address is duplicated and will abandon the address.