IPv6 Neighbor Discovery Protocol
NDP (Neighbor Discovery Protocol) is a key protocol of IPv6. It combines and improves upon ARP, ICMP Router Discovery, ICMP Redirect and other IPv4 protocols. As a basic protocol of IPv6, NDP also provides prefix discovery, Neighbor Unreachability Detection, Duplicate Address Detection, and address autoconfiguration.
1. Address Resolution: address resolution is the method by which a node determines the link layer address of a target node. The address resolution function in NDP not only replaces ARP in IPv4, but also uses Neighbor Unreachability Detection (NUD) to maintain reachability information between neighboring nodes.
2. Stateless Address Autoconfiguration: the address autoconfiguration mechanism unique to NDP, including a series of related functions such as router discovery, automatic interface ID generation, and duplicate address detection. Through stateless autoconfiguration, nodes on a link can automatically obtain IPv6 global unicast addresses.
A) Router discovery: the router advertises network parameter information on the links it connects to. After a host receives this information, it obtains the global unicast IPv6 address prefix, the default route, and link parameters such as the link MTU.
B) Automatic generation of interface IDs: the host automatically generates an interface identifier for each interface according to the EUI-64 specification or another method.
C) Duplicate Address Detection (DAD): after an IPv6 address is generated from prefix information or configured manually, the host must check whether any other node on the link is already using it before the address can be used, so that the address is guaranteed to be unique.
D) Prefix renumbering: when the network prefix changes, the router advertises new network parameter information on the links it connects to. After a host receives the new information, it reconfigures its address information such as the prefix and link MTU.
3. Route redirection: when a router knows of a better first hop to the destination network on the local link, it must notify the sending node so that the node can change its configuration.
NDP defines five ICMPv6 packet types: RS, RA, NS, NA, and Redirect, as shown in Table 2-1.
Table 2-1 ICMPv6 packet types
ICMPv6 type    Message name
Type = 133     RS (Router Solicitation)
Type = 134     RA (Router Advertisement)
Type = 135     NS (Neighbor Solicitation)
Type = 136     NA (Neighbor Advertisement)
Type = 137     Redirect
IPv6 Address Resolution
Address resolution plays a vital role in packet forwarding. When a node needs to obtain the link layer address of another node on the same link, address resolution is required. IPv6 implements this function with NDP, with enhancements over IPv4. The IPv6 address resolution process consists of two parts: resolving the link layer address corresponding to a destination IP address, and maintaining the reachability state of neighbors, that is, Neighbor Unreachability Detection.
1. Address Resolution
Compared with IPv4 ARP, IPv6 address resolution works at the network layer of the OSI reference model and is independent of the link layer protocol. The benefits of this are as follows:
(1) Greater independence between the address resolution protocol and the underlying link. The same address resolution is used over every link layer protocol, so there is no need to define a new address resolution protocol for each one.
(2) Enhanced security. Layer 3 security authentication mechanisms can be used to prevent ARP-style attacks and ARP spoofing.
(3) A smaller packet transmission range. IPv6 address resolution uses Layer 3 multicast addressing to limit the range over which packets are sent, saving network bandwidth.
In IPv6, NDP resolves IPv6 addresses to link layer addresses by exchanging NS and NA packets between nodes, and then creates a neighbor cache entry from the resolved link layer address and the IPv6 address. In Figure 2-10, the link layer address of Node A is 00e0-fc00-0001 and its global address is 1::1:A; the link layer address of Node B is 00e0-fc00-0002 and its global address is 1::2:B. When Node A needs to send packets to Node B, NDP must complete the following address resolution process.
(1) Node A sends an NS packet onto the link. The destination IPv6 address is the solicited-node multicast address corresponding to Node B (ff02::1:ff02:B), and the option field carries the link layer address of Node A, 00e0-fc00-0001.
(2) When Node B receives the NS packet, the destination address ff02::1:ff02:B is Node B's solicited-node multicast address, so Node B processes the message. It also updates its neighbor cache entry based on the source address and the source link layer address option in the NS message.
(3) Node B sends an NA message in response to the NS, carrying its link layer address 00e0-fc00-0002 in the target link layer address option of the message.
(4) When Node A receives the NA packet, it creates a neighbor cache entry for the target node Node B based on the Node B link layer address carried in the packet.
Figure 2-10 Address Resolution
Through this exchange, Node A and Node B each obtain the other's link layer address and establish a neighbor cache entry for reaching the other, so that they can communicate. When the link layer address of a node changes, the node sends an NA packet to the all-nodes multicast address ff02::1, notifying the other nodes on the link to update their neighbor caches.
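The NS/NA exchange of Figure 2-10 in code, as an added example that is not from the book: it derives Node B's solicited-node multicast address from 1::2:B, builds the NS with the Source Link-Layer Address option, and parses the NA that Node A uses to create its neighbor cache entry. The node addresses and link layer addresses are the ones given above; the ICMPv6 checksum is left as 0 because computing it needs the IPv6 pseudo-header.

```python
import ipaddress
import struct

# Added example, not from the book: the NS/NA exchange of Figure 2-10 between
# Node A (1::1:A, 00e0-fc00-0001) and Node B (1::2:B, 00e0-fc00-0002).
# ICMPv6 checksums are left as 0; computing them needs the IPv6 pseudo-header.

def solicited_node_multicast(addr: str) -> str:
    """ff02::1:ffXX:XXXX, where XX:XXXX is the low 24 bits of the unicast address."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    base = int(ipaddress.IPv6Address("ff02::1:ff00:0"))
    return str(ipaddress.IPv6Address(base | low24))

def mac_bytes(mac: str) -> bytes:
    """Accept the book's hhhh-hhhh-hhhh notation as well as colon-separated MACs."""
    return bytes.fromhex(mac.replace("-", "").replace(":", ""))

def build_ns(target: str, src_mac: str) -> bytes:
    """ICMPv6 type 135: header, target address, Source Link-Layer Address option (type 1)."""
    hdr = struct.pack("!BBHI", 135, 0, 0, 0) + ipaddress.IPv6Address(target).packed
    return hdr + struct.pack("!BB", 1, 1) + mac_bytes(src_mac)

def build_na(target: str, tgt_mac: str, solicited: bool, override: bool = True) -> bytes:
    """ICMPv6 type 136: R/S/O flags are the top three bits of the reserved word,
    followed by the Target Link-Layer Address option (type 2)."""
    flags = (int(solicited) << 30) | (int(override) << 29)
    hdr = struct.pack("!BBHI", 136, 0, 0, flags) + ipaddress.IPv6Address(target).packed
    return hdr + struct.pack("!BB", 2, 1) + mac_bytes(tgt_mac)

def parse_na(pkt: bytes) -> dict:
    """Extract what Node A needs to create its neighbor cache entry for Node B."""
    typ, _code, _csum, flags = struct.unpack("!BBHI", pkt[:8])
    if typ != 136:
        raise ValueError("not a Neighbor Advertisement")
    entry = {"target": str(ipaddress.IPv6Address(pkt[8:24])),
             "solicited": bool(flags & (1 << 30)),
             "override": bool(flags & (1 << 29)), "lladdr": None}
    off = 24
    while off + 2 <= len(pkt):                 # walk the TLV options
        otype, olen = pkt[off], pkt[off + 1] * 8
        if olen == 0:                          # zero-length option is malformed
            raise ValueError("malformed NDP option")
        if otype == 2 and olen == 8:
            entry["lladdr"] = pkt[off + 2:off + 8].hex(":")
        off += olen
    return entry
```

`parse_na` rejects a zero-length option rather than looping on it, which is the check a receiver needs before trusting any NA it processes.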
2. Neighbor Unreachability Detection (NUD)
NUD (Neighbor Unreachability Detection) is the process by which a node determines whether a neighbor is reachable. The NUD mechanism describes the reachability of a neighbor with a neighbor reachability state machine.
The neighbor reachability state is stored in the neighbor cache. There are six states:
(1) Incomplete: address resolution is in progress, but the neighbor's link layer address has not yet been determined.
(2) Reachable: the address has been resolved successfully and the neighbor is reachable.
(3) Stale: the reachable time has expired, and it is not known whether the neighbor is still reachable.
(4) Delay: it is not known whether the neighbor is reachable. Delay is not a stable state but a delayed waiting state.
(5) Probe: the node keeps sending NS packets to the neighbor to probe its reachability.
(6) Empty: there is no cache entry for the neighbor on the node.
Figure 2-11 neighbor state machine
The solid arrows in the figure indicate state changes caused by the exchange of NS/NA packets. The transitions between states are as follows:
① In the Empty state, if a packet is to be sent to a neighbor, an entry for that neighbor is created in the local neighbor cache and placed in the Incomplete state; at the same time, the node sends a multicast NS to the neighbor.
② When the node receives the unicast NA with which the neighbor responds, it moves the Incomplete entry to the Reachable state. If address resolution fails (the multicast NS times out), the entry is deleted.
③ If an entry in the Reachable state receives no "reachability confirmation" for the neighbor within REACHABLE_TIME, it enters the Stale state. In addition, if the node receives an NA from the neighbor with the S flag clear and the link layer address has changed, the corresponding entry enters the Stale state.
④ For an entry in the Stale state, when a packet is sent to the neighbor, the packet is encapsulated with the cached link layer address, the entry enters the Delay state, and the node waits for a "reachability confirmation".
⑤ After entering the Delay state, if no "reachability confirmation" for the neighbor is received within DELAY_FIRST_PROBE_TIME, the entry enters the Probe state.
⑥ In the Probe state, the node periodically sends NS messages to probe the reachability of the neighbor. The probe interval is RETRANS_TIMER; if no NA is received from the neighbor after at most MAX_UNICAST_SOLICIT attempts, the neighbor is considered unreachable and the entry is deleted.
On Node A, suppose the entry for Node B is in the Stale state. If Node A sends a packet to Node B and no upper layer protocol can provide a "reachability confirmation" for Node B, Node A needs to re-verify reachability to Node B.
The main differences between the NUD process and the address resolution process are as follows:
(1) The destination MAC address of the NUD NS packet is the MAC address of the target node, and the destination IPv6 address is the unicast address of Node B rather than the solicited-node multicast address.
(2) The S flag in the NA packet must be set to indicate that it is a reachability confirmation, that is, this NA is sent specifically in response to the NS.
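The state machine of Figure 2-11 as runnable code, added here and not taken from the book: one neighbor cache entry driven by three events (a packet to send, an NA received, a timer tick), with transitions ① to ⑥ marked in the comments. The timer constants are the RFC 4861 defaults in milliseconds; the string state names and the returned action labels are this example's own.

```python
# Added example, not from the book: the six-state NUD machine of Figure 2-11,
# driven by three events (a packet to send, an NA received, a timer tick).
# Times are milliseconds; the constants are the RFC 4861 defaults.
REACHABLE_TIME = 30_000
DELAY_FIRST_PROBE_TIME = 5_000
RETRANS_TIMER = 1_000
MAX_UNICAST_SOLICIT = 3
EMPTY, INCOMPLETE, REACHABLE, STALE, DELAY, PROBE = (
    "empty", "incomplete", "reachable", "stale", "delay", "probe")

class NeighborEntry:
    """One neighbor cache entry; `now` is the caller's millisecond clock."""
    def __init__(self):
        self.reset()

    def reset(self):                     # Empty: no cache entry for this neighbor
        self.state, self.lladdr, self.deadline, self.probes = EMPTY, None, None, 0

    def send_packet(self, now):          # transitions ① and ④
        if self.state == EMPTY:          # ① create the entry, multicast NS to resolve it
            self.state, self.deadline = INCOMPLETE, now + RETRANS_TIMER
            return "multicast NS"
        if self.state == STALE:          # ④ use the cached address, start the delay timer
            self.state, self.deadline = DELAY, now + DELAY_FIRST_PROBE_TIME
        return "data using cached lladdr"

    def recv_na(self, now, lladdr, solicited):
        if solicited:                    # ② S flag set: this is a reachability confirmation
            self.state, self.lladdr = REACHABLE, lladdr
            self.deadline, self.probes = now + REACHABLE_TIME, 0
        elif lladdr != self.lladdr:      # ③ unsolicited NA carrying a changed link layer address
            self.state, self.lladdr, self.deadline = STALE, lladdr, None

    def tick(self, now):                 # timer-driven transitions ② (failure), ③, ⑤, ⑥
        if self.deadline is None or now < self.deadline:
            return None
        if self.state == INCOMPLETE:     # ② multicast NS timed out: delete the entry
            self.reset()
            return "deleted"
        if self.state == REACHABLE:      # ③ REACHABLE_TIME elapsed with no confirmation
            self.state, self.deadline = STALE, None
            return None
        if self.state == DELAY:          # ⑤ nothing heard within DELAY_FIRST_PROBE_TIME
            self.state, self.probes, self.deadline = PROBE, 1, now + RETRANS_TIMER
            return "unicast NS"
        if self.probes >= MAX_UNICAST_SOLICIT:   # ⑥ probes exhausted: unreachable
            self.reset()
            return "deleted"
        self.probes, self.deadline = self.probes + 1, now + RETRANS_TIMER
        return "unicast NS"              # ⑥ next unicast probe after RETRANS_TIMER
```

Note that only an NA with the S flag set moves an entry back to Reachable; an unsolicited NA with a new address can only push it to Stale, which is what keeps a forged unsolicited advertisement from being accepted as proof of reachability.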
Stateless Address Autoconfiguration
IPv6 defines both stateless and stateful address autoconfiguration. Stateful address autoconfiguration uses DHCPv6 to dynamically allocate IPv6 addresses to hosts. Stateless address autoconfiguration is performed through NDP: the host receives RA messages from routers on the link and generates a global unicast address from the advertised prefix and its interface identifier.
1. Router Discovery
Router discovery is the process by which a host locates the routers on the local link and determines the configuration information they provide. It mainly includes the following three aspects:
(1) Router discovery: the process by which a host discovers neighboring routers and selects one as its default gateway.
(2) Prefix discovery: the host discovers the set of IPv6 prefixes on the local link and builds a prefix list. The list is used for host address autoconfiguration and for on-link determination.
(3) Parameter discovery: the process by which the host discovers operating parameters such as the MTU, the default hop limit for packets, and the address allocation method.
2. Duplicate Address Detection
DAD (Duplicate Address Detection) is the process by which a node determines whether the address it intends to use is unique on the link. All IPv6 unicast addresses, whether configured automatically or manually, must pass duplicate address detection before the node uses them.
The DAD mechanism is implemented with NS and NA packets. The node sends an NS message whose source address is the unspecified address and whose target is the IPv6 address being configured for the interface. After the NS is sent onto the link, if no NA response is received within the specified time, the unicast address is considered unique on the link and can be assigned to the interface; otherwise, if an NA response is received, the address is already in use by another node and cannot be configured on the interface.
3. Prefix Renumbering
Prefix renumbering allows a network to transition smoothly from an old prefix to a new one, providing users with transparent network re-addressing. The router uses the preferred lifetime and valid lifetime parameters in the RA message to renumber the prefix.
(1) Preferred lifetime: the time during which an address obtained through stateless autoconfiguration remains in the preferred state.
(2) Valid lifetime: the time during which the address remains valid.
For an address or prefix, the preferred lifetime is less than or equal to the valid lifetime. When the preferred lifetime of an address expires, the address can no longer be used to create new connections, but within the valid lifetime it can still be used to maintain previously established connections. During renumbering, the routers in the site continue to advertise the current prefix but reduce its valid and preferred lifetimes toward 0, while at the same time starting to advertise the new prefix. Thus at least two prefixes exist on each link, and the RA message contains both the old and the new IPv6 prefix.
4. Stateless Address Autoconfiguration
Stateless configuration in NDP includes two phases: link-local address configuration and global unicast address configuration. When an interface is enabled, the host first generates a link-local address for the interface from the link-local prefix fe80::/64 and the EUI-64 interface identifier. If the subsequent DAD detects an address conflict, the link-local address of this interface must be configured manually; otherwise the interface is unavailable. Note that the preferred and valid lifetimes of a link-local address are infinite and never expire.
The steps for configuring the global unicast address on a host are as follows:
① After the host node Node A has configured its link-local address, it sends an RS packet to request prefix information from the router.
② When the router receives the RS packet, it sends a unicast RA packet carrying the prefix information for stateless address autoconfiguration; the router also sends multicast RA packets periodically.
③ After receiving the RA packet, Node A generates a tentative global unicast address from the prefix information and configuration information. At the same time it starts DAD, sending an NS message to verify the uniqueness of the tentative address. At this point the address is in the tentative state.
④ When other nodes on the link receive the DAD NS packet, they discard it if none of them uses this address; otherwise, an NA is returned in response to the NS.
⑤ If Node A receives no NA in response to the DAD NS, the address is unique on the link. Node A then initializes the interface with this tentative address, and the address enters the valid state.
After the address is configured automatically, the router can automatically run NUD, periodically sending NS packets to detect whether the address is reachable.
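The autoconfiguration sequence above (EUI-64 interface identifier, link-local address from fe80::/64, global address from the RA prefix, DAD, and the preferred/valid lifetime states from the renumbering section) as an added example, not from the book. The RA prefix 1::/64 is taken from the addresses in Figure 2-10; DAD is simulated as a lookup in a set of addresses already in use on the link, standing in for the NS-from-:: exchange described in the DAD section.

```python
import ipaddress

# Added example, not from the book: stateless address autoconfiguration for
# Node A (00e0-fc00-0001), with DAD simulated as a lookup in the set of
# addresses already in use on the link (the real check is an NS from :: for
# the tentative address, answered by an NA if some node already holds it).
INFINITE = float("inf")

def eui64_interface_id(mac: str) -> int:
    """EUI-64 from a 48-bit MAC: insert ff:fe in the middle, flip the U/L bit."""
    b = bytearray(bytes.fromhex(mac.replace("-", "").replace(":", "")))
    eui = b[:3] + b"\xff\xfe" + b[3:]
    eui[0] ^= 0x02
    return int.from_bytes(eui, "big")

def address_from_prefix(prefix: str, iid: int) -> ipaddress.IPv6Address:
    """Prefix (from an RA, or fe80::/64) + interface identifier = full address."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("SLAAC needs a /64 prefix for a 64-bit interface ID")
    return net.network_address + iid

def dad_passes(tentative: ipaddress.IPv6Address, in_use: set) -> bool:
    """No NA came back for the tentative address, so it is unique on the link."""
    return tentative not in in_use

def slaac(mac: str, ra_prefix: str, in_use: set) -> dict:
    """Steps ① to ⑤: link-local first, then the global address from the RA prefix."""
    iid = eui64_interface_id(mac)
    link_local = address_from_prefix("fe80::/64", iid)
    if not dad_passes(link_local, in_use):       # text: configure manually instead
        raise RuntimeError("link-local conflict; interface unavailable until configured manually")
    global_addr = address_from_prefix(ra_prefix, iid)   # tentative until DAD completes
    return {"link_local": str(link_local),
            "global": str(global_addr),
            "global_state": "valid" if dad_passes(global_addr, in_use) else "duplicate"}

def address_state(age, preferred_lifetime=INFINITE, valid_lifetime=INFINITE) -> str:
    """Lifetimes from the RA: preferred -> deprecated -> invalid. A link-local
    address uses the default infinite lifetimes and never expires."""
    if preferred_lifetime > valid_lifetime:
        raise ValueError("preferred lifetime must not exceed valid lifetime")
    if age < preferred_lifetime:
        return "preferred"           # may be used for new connections
    if age < valid_lifetime:
        return "deprecated"          # keeps existing connections only
    return "invalid"
```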
Router Redirection
In the redirection process, the router sends a Redirect message to notify a packet-sending node on the link that there is a better router for forwarding the packet on the same link. The node that receives the message modifies its local routing table. The router sends a Redirect only for unicast traffic, the Redirect is sent to the originating host only as unicast, and it is processed only by the originating node.
As shown in Figure 2-12, the default router of Node A is RTA. If Node A now wants to send packets to Node B, the router redirection mechanism goes through the following process:
Figure 2-12 vro redirection Process
(1) Node A first sends the first packet to its default router RTA. When the packet passes through RTA on its way via RTB to Node B, RTA learns that RTB is the better choice for forwarding packets on the link.
(2) RTA sends an ICMPv6 Redirect packet to Node A, the originator of the packet. The target address of the Redirect is the IPv6 address of RTB, and the target link layer address option carries the link layer address of RTB.
(3) After Node A learns that RTB is a better path to Node B, it modifies its destination cache and preferentially sends packets destined for Node B to RTB. The redirection is complete.
This article is excerpted from the book "Building an Operational IPv6 Network".
The book "Building an Operational IPv6 Network" has been officially published by the e-Industry Publishing House and was edited by Chen Yunqing.