Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

IPv6: Neighbor Discovery Protocol (NDP)

[toc:faq]

Introduction

As defined in RFC 2461 of IETF, the Neighbor Discovery is a key protocol of IPv6. Neighbor Discovery Protocol is an umbrella that defines these mechanisms:

  1. Subsitute of ARP – Since ARP has been removed in IPv6, IPv6 follows a newer way to find the link-layer addresses of nodes on the local link. This new mechanism uses a mix of ICMPv6 messages and multicast addresses.
  2. Stateless Auto-Configuration - This mechanism allows nodes on the local link to configure their IPv6 addresses by themselves by using a mix of ICMPv6 messages and multicast addresses.
  3. Router Redirection - The router sends ICMPv6 messages to an IPv6 node to inform it of the presence of a better router address on the same local link to reach a destination network.

Neighbour Discovery (ND) is for end hosts predominately, whereas routers themselves advertise gateway capabilities via Router Advertisements (RA). This mechanism rely on ICMPv6 Type 133 and 134. NS/ND’s can be triggered with pings when using routers.

Table 1-A: ICMPv6 Messages Defined For NDP

ICMPv6 TypeName of Message
Type 133Router Solicitation (RS)
Type 134Router Advertisement (RA)

Type 135

Neighbor Solicitation (NS)

Type 136

Neighbor Advertisement (NA)

Type 137

Redirect Message

The table 1-A, shows the ICMPv6 messages that are used by NDP mechanisms. ARP subsitution uses neighbor solicitation (ICMPv6 Type 135) and neighbor advertisement (ICMPv6 Type 136) messages. Prefix advertisemnet and prefix renumbering use router solicitaion (ICMPv6 Type 133) and router advertisement (ICMPv6 Type 134) messages. DAD uses neighbor solicitation. Router redirection uses redirect messages (ICMPv6 137).

Table 1-B: ICMPv6 Messages Used by NDP Mechanisms

MechanismICMPv6 Type 133

ICMPv6 Type 134

ICMPv6 Type 135

ICMPv6 Type 136

ICMPv6 Type 137

Replacement Of ARP

          X          X
Prefix Advertisement       X        X


Prefix Renumbering       X        X


DAD

        X

Router Redirection



        X

On Cisco devices, parameters of NDP and the mechanisms under it's umbrella are controlled by using the ipv6 nd command.

Multicast Address and ICMPV6 Addresses used by NDP for replacing ARP

pic2.bmp

To verify the neighbor adjancy enteries in the neighbor discovery table use the command, "show ipv6 neighbors [ipv6-address-or-name | interface_type interface_number]"

How Neighbor Solicitation & Neighbor Advertisement Works

This section describes in detail how neighbor solicitation messages, neighbor advertisement messages, and solicited-node multicast addresses are used in IPv6 to replace ARP. Then, Cisco IOS Software commands related to neighbor solicitation and neighbor advertisement are explained.

Following is the neighbor discovery process (refer Figure A)

      1. Using the address FEC0::1:0:0:1 :A, node A wants to deliver packets to destination node B using the IPv6 address FEC0::1 :0:0:1 :B on the same local link. However, node A does not know node B's link-layer address. Node A sends an ICMPv6 Type 1 35 message (neighbor solicitation) on the local link using its site-local address FEC0::1:0:0:1:A as the IPv6 source address, the solicited-node multicast address FF02::1 :FF01:B corresponding to the target address FEC0::1 :0:0:1 :B as the destination IPv6 address, and the source link-layer address 00:50:3e:e4:4c:00 of the sender, node A, as data of the ICMPv6 message. The source link-layer address of this frame is the link-layer address 00:50:3e:e4:4c:00 of node A. The destination link-layer address 33:33:FF:01 :00:0B of this frame uses multicast mapping of the destination IPv6 address FF02::1 :FF01 :B.
      2. Node B, which is listening to the local link for multicast addresses, intercepts the neighbor solicitation message because the destination IPv6 address FF02::1:FF01:B represents the solicited-node multicast address corresponding to its IPv6 address FEC0::1:0:0:1:B.
      3. Node B replies by sending a neighbor advertisement message using its site-local address FEC0::1 :0:0:1 :B as the IPv6 source address and the site-local address FEC0::1 :0:0:1 :A as the destination IPv6 address. It also includes its link-layer address 00:50:3e:e4:4b:01 in the ICMPv6 message. After receiving neighbor solicitation and neighbor advertisement messages, node A and node B know each other's link-layer addresses.

Learned link-layer addresses are kept in a neighbor discovery table (neighbor cache). Therefore, the nodes can communicate on the local link. The neighbor solicitation message is also used by nodes to verify the reachability of neighbor nodes in the neighbor discovery table (neighbor cache). However, the unicast addresses of the neighbor nodes are used as destination IPv6 addresses in ICMPv6 messages instead of solicited-node multicast addresses in this situation. It is possible for a node that changes its link-layer address to inform all other neighbor nodes on the local link by sending a neighbor advertisement message using the all-nodes multicast address FF02::1 . The neighbor discovery table of the nodes on the local link is updated with the new linklayer address.

Figure A

pic3.bmp

Verification

Router#show ipv6 neighbors

IPv6 Address                              Age Link-layer Addr State Interface
FE80::221:A0FF:FEC1:3D80                    0 0021.a0c1.3d80  REACH Gi0/1.1
2607:F3B0:252:6::1                          0 0021.a0c1.3d80  REACH Gi0/1.1

Here is another example of WireShark Capture from Router R1 (Fa0/0) interface, explaining Neighbour Discovery.

Two Routers R1 and R2 are connected via interface FastEthernet 0/0.

R1(Fa0/0) ----------- (Fa0/0) R2

R1 (Fa 0/0)
2012::1
R2 (Fa 0/0)2012::2

References

Implementing IPv6 Addressing and Basic Connectivity

IETF: Neighbor Doscovery For IP Version 6 (IPv6)

IPv6 Frequenty Asked Questions (FAQ's)

Cisco: IPv6


Version history
Revision #:
1 of 1
Last update:
‎11-08-2011 02:04 AM
Updated by:
 
Attachments
Comments
Bronze

Excellent post... I like packet captures.