IPv6_Neighbor Discovery

IPv6: Neighbor Discovery
Billy Bian
SW2
Great China R&D Center
ZyXEL Communications, Inc
Outline:
• Neighbor Discovery (ND) Overview
• Neighbor Discovery Message Format
• Neighbor Discovery Processes
• Conceptual Host Data Structures
• Host Sending Algorithm
• Appendix
• Q&A

Neighbor Discovery Overview
• Set of messages and processes that determine relationships between neighboring nodes
• Replaces ARP, ICMPv4 Router Discovery, and ICMPv4 Redirect
• ND is used by nodes:
  • For address resolution
  • To determine link-layer address changes
  • To determine neighbor reachability
• ND is used by hosts:
  • To discover neighboring routers
  • To autoconfigure addresses, address prefixes, and other configuration parameters
• ND is used by routers:
  • To advertise their presence, host configuration parameters, and on-link prefixes
  • To inform hosts of a better next-hop address to forward packets for a specific destination

Neighbor Discovery Message Format
• ICMPv6 message structure and ICMPv6 types 133 -137
• All ND messages are sent with a hop limit of 255
[Figure: Neighbor Discovery Message = IPv6 Header (Next Header = 58) + Neighbor Discovery Message Header + Neighbor Discovery Message Options]

Neighbor Discovery Processes
• Address Resolution
  • Resolve a neighbor's IPv6 address to its link-layer (MAC) address.
  • It is equivalent to ARP in IPv4.
• Duplicate Address Detection (DAD)
  • Determine that an address considered for use is not already in use by a neighbor node.
  • It is equivalent to Gratuitous ARP frames in IPv4.
• Neighbor Unreachability Detection (NUD)
  • Determine that the IPv6 layer of a neighbor is no longer receiving packets
  • Might not be the final destination but the reachability of the first hop of the destination

Neighbor Discovery Processes
• Router Discovery
  • A host discovers the local router(s) on the attached link
  • Determine which local router is a default gateway
  • Switch to backup default router if the primary one is unavailable
    • Route Lifetime expiration
    • Neighbor Unreachability Detection (NUD)
  • Network Prefix(es) discovery
  • Parameters discovery (link MTU, Max Hop Limit, auto-config)
  • It is equivalent to ICMPv4 Router Discovery
• Redirect Function
  • Process by which a router informs a host of a better first-hop IPv6 address to reach a destination
  • It is equivalent to ICMPv4 Redirect Message

Address Resolution
• An exchange of Neighbor Solicitation (NS) and Neighbor Advertisement (NA) messages to resolve the link-layer address of the next-hop address
• Multicast Neighbor Solicitation message
  • Destination of NS is the solicited-node multicast address derived from the target address
  • Source address of NS is the sender’s unicast address
• Unicast Neighbor Advertisement message
  • Destination of NA is the requester’s unicast address
  • Source address and target address are the same.
• Both hosts update their neighbor caches
• Unicast traffic can now be sent

Address Resolution
[Figure: Host A (MAC: 00-10-5A-AA-20-A2, IP: FE80::210:5AFF:FEAA:20A2) and Host B (MAC: 00-60-97-02-6E-A5, IP: FE80::260:97FF:FE02:6EA5)]

Multicast Neighbor Solicitation
Ethernet Header
• Destination MAC is 33-33-FF-02-6E-A5
IPv6 Header
• Source Address is FE80::210:5AFF:FEAA:20A2
• Destination Address is FF02::1:FF02:6EA5
• Hop limit is 255
Neighbor Solicitation Header
• Target Address is FE80::260:97FF:FE02:6EA5
Neighbor Discovery Option
• Source Link-Layer Address is 00-10-5A-AA-20-A2
[Figure: Host A (MAC: 00-10-5A-AA-20-A2, IP: FE80::210:5AFF:FEAA:20A2) sends a multicast Neighbor Solicitation (NS); Host B (MAC: 00-60-97-02-6E-A5, IP: FE80::260:97FF:FE02:6EA5)]

Multicast NS Destination Derivation
• The solicited-node multicast address is constructed from the prefix FF02::1:FF00:0/104 and the last 24 bits of a unicast IPv6 address
• Mapping IPv6 Multicast Addresses to Ethernet Addresses
[Figure: IPv6 Multicast Address (FF…:) mapped to Multicast Ethernet Address (33-33-)]

Multicast NS Destination Address
• Target Address: IPv6 address (Unicast) FE80::260:97FF:FE02:6EA5
• IP layer Destination Address: Solicited-Node Address FF02::1:FF02:6EA5
• Link layer Destination Address: Multicast Ethernet Address 33-33-FF-02-6E-A5

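The derivation on the last two slides, written out as an added Python example (not part of the original deck): it builds the solicited-node address and the Ethernet multicast address, and checks that the three layers of a captured multicast NS agree. The function names are assumptions of this example; the "33-33 plus last 32 bits" mapping is the IPv6-over-Ethernet rule from RFC 2464.

```python
import ipaddress

SOLICITED_NODE_BASE = int(ipaddress.IPv6Address("ff02::1:ff00:0"))

def solicited_node(unicast: str) -> ipaddress.IPv6Address:
    """FF02::1:FF00:0/104 plus the last 24 bits of the unicast address."""
    low24 = int(ipaddress.IPv6Address(unicast)) & 0xFFFFFF
    return ipaddress.IPv6Address(SOLICITED_NODE_BASE | low24)

def multicast_mac(group: str) -> str:
    """Ethernet mapping (RFC 2464): 33-33 plus the last 32 bits of the group."""
    addr = ipaddress.IPv6Address(group)
    if not addr.is_multicast:
        raise ValueError(f"{addr} is not an IPv6 multicast address")
    return "33-33-" + "-".join(f"{b:02X}" for b in addr.packed[-4:])

def check_ns_addressing(eth_dst: str, ip_dst: str, target: str) -> list:
    """Compare a captured multicast NS against the derivation.

    Returns a list of mismatches; an empty list means the three layers agree.
    """
    problems = []
    expected_ip = solicited_node(target)
    if ipaddress.IPv6Address(ip_dst) != expected_ip:
        problems.append(f"IPv6 destination is not {expected_ip}")
    expected_mac = multicast_mac(ip_dst)
    if eth_dst.replace(":", "-").upper() != expected_mac:
        problems.append(f"Ethernet destination is not {expected_mac}")
    return problems

if __name__ == "__main__":
    # Values from the Host A -> Host B exchange on the slides.
    print(solicited_node("FE80::260:97FF:FE02:6EA5"))
    print(multicast_mac("FF02::1:FF02:6EA5"))
    print(check_ns_addressing("33-33-FF-02-6E-A5", "FF02::1:FF02:6EA5",
                              "FE80::260:97FF:FE02:6EA5"))
```
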
Unicast Neighbor Advertisement
Ethernet Header
• Destination MAC is 00-10-5A-AA-20-A2
IPv6 Header
• Source Address is FE80::260:97FF:FE02:6EA5
• Destination Address is FE80::210:5AFF:FEAA:20A2
• Hop limit is 255
Neighbor Advertisement Header
• Target Address is FE80::260:97FF:FE02:6EA5
Neighbor Discovery Option
• Target Link-Layer Address is 00-60-97-02-6E-A5
[Figure: Host B (MAC: 00-60-97-02-6E-A5, IP: FE80::260:97FF:FE02:6EA5) sends a unicast Neighbor Advertisement (NA) to Host A (MAC: 00-10-5A-AA-20-A2, IP: FE80::210:5AFF:FEAA:20A2)]

Structure of NS Message
• Type = 135
• Code = 0
• Checksum
• Reserved
• Target Address
• Options ...

Structure of NA Message
• Type = 136
• Code = 0
• Checksum
• Router flag
• Solicited flag
• Override flag
• Reserved
• Target Address
• Options ...

Source and Target Link-Layer Address Options
Source Link-Layer Address option
• Type = 1
• Length
• Link-Layer Address ...
Target Link-Layer Address option
• Type = 2
• Length
• Link-Layer Address ...

Source and Target Link-Layer Address options for Ethernet
• Type
• Length = 1
• Ethernet MAC Address
For all ND options, the Length field is the number of 8-byte blocks in the entire option.

NS Sample Message
Ethernet II, Src: 00:08:74:f8:6f:ee, Dst: 33:33:ff:dd:b8:37
Destination: 33:33:ff:dd:b8:37
Source: 00:08:74:f8:6f:ee
Type: IPv6 (0x86dd)
Internet Protocol Version 6
Version: 6
Traffic class: 0x00
Flowlabel: 0x00000
Payload length: 32
Next header: ICMPv6 (0x3a)
Hop limit: 255
Source address: fe80::208:74ff:fef8:6fee
Destination address: ff02::1:ffdd:b837
Internet Control Message Protocol v6
Type: 135 (Neighbor solicitation)
Code: 0
Checksum: 0x158a (correct)
Target: fe80::20c:29ff:fedd:b837
ICMPv6 options
Type: 1 (Source link-layer address)
Length: 8 bytes (1)
Link-layer address: 00:08:74:f8:6f:ee
NA Sample Message
Ethernet II, Src: 00:08:74:f8:6f:ee, Dst: 00:0c:29:dd:b8:37
Destination: 00:0c:29:dd:b8:37
Source: 00:08:74:f8:6f:ee
Type: IPv6 (0x86dd)
Internet Protocol Version 6
Version: 6
Traffic class: 0x00
Flowlabel: 0x00000
Payload length: 32
Next header: ICMPv6 (0x3a)
Hop limit: 255
Source address: fe80::208:74ff:fef8:6fee
Destination address: fe80::20c:29ff:fedd:b837
Internet Control Message Protocol v6
Type: 136 (Neighbor advertisement)
Code: 0
Checksum: 0x8633 (correct)
Flags: 0x60000000
0... .... .... .... .... .... .... .... = Not router
.1.. .... .... .... .... .... .... .... = Solicited
..1. .... .... .... .... .... .... .... = Override
Target: fe80::208:74ff:fef8:6fee
ICMPv6 options
Type: 2 (Target link-layer address)
Length: 8 bytes (1)
Link-layer address: 00:08:74:f8:6f:ee
Neighbor Unreachability Detection
• A neighboring node is reachable if:
  • There has been a recent confirmation that IPv6 packets sent were received and processed by the neighboring node
• Detects whether the first hop to the destination is reachable
• Reachability is determined by:
  • Receipt of a Neighbor Advertisement message in response to a unicast Neighbor Solicitation message
  • Upper layer protocol indicators
• There are five reachability states:
  • Incomplete, Stale, Delay, Probe, Reachable

Reachability confirmation
[Figure: message exchange between Host A and Host B]
1. Neighbor Solicitation
2. Neighbor Advertisement
3. Neighbor Solicitation
4. Neighbor Advertisement

Neighbor Unreachability States
[Figure: state diagram. States: NO ENTRY EXISTS, INCOMPLETE, REACHABLE, STALE, DELAY, PROBE. Transition labels: Send multicast NS; Multicast NS retries exceeded; Receive solicited NA; Reachable Time exceeded or unsolicited NA received; Send packet; Delay time exceeded; Reachability confirmed by sending unicast NS and receiving solicited NA; Reachability confirmed by upper layer protocol; Unicast NS retries exceeded]

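The state diagram as an added Python example (not part of the original deck): a time-driven neighbor cache entry that follows the transitions listed in the figure. The method names are assumptions, the timer values are the protocol defaults from RFC 4861, and link-layer address changes and the Override flag are left out.

```python
from dataclasses import dataclass
from typing import Optional
REACHABLE_TIME = 30.0            # default timers in seconds (RFC 4861)
DELAY_FIRST_PROBE_TIME = 5.0
RETRANS_TIMER = 1.0
MAX_SOLICIT = 3                  # NS transmissions before giving up

@dataclass
class Neighbor:
    state: str = "INCOMPLETE"    # created when the first multicast NS goes out
    lladdr: Optional[str] = None
    since: float = 0.0           # time the state was entered or the last NS sent
    probes: int = 1              # NS sent so far in INCOMPLETE or PROBE

    def _enter(self, state: str, now: float, probes: int = 0) -> None:
        self.state, self.since, self.probes = state, now, probes

    def on_na(self, now: float, lladdr: str, solicited: bool) -> None:
        if solicited and self.state in ("INCOMPLETE", "PROBE"):
            self.lladdr = lladdr
            self._enter("REACHABLE", now)
        elif not solicited and self.state == "REACHABLE":
            self._enter("STALE", now)      # unsolicited NA is not a confirmation

    def on_upper_layer_confirm(self, now: float) -> None:
        if self.state != "INCOMPLETE":     # needs a known link-layer address
            self._enter("REACHABLE", now)

    def on_send_packet(self, now: float) -> None:
        if self.state == "STALE":
            self._enter("DELAY", now)

    def tick(self, now: float) -> Optional[str]:
        """Run the timers; return the action the host takes, if any."""
        age = now - self.since
        if self.state == "REACHABLE" and age >= REACHABLE_TIME:
            self._enter("STALE", now)
        elif self.state == "DELAY" and age >= DELAY_FIRST_PROBE_TIME:
            self._enter("PROBE", now, probes=1)
            return "send unicast NS"
        elif self.state in ("INCOMPLETE", "PROBE") and age >= RETRANS_TIMER:
            if self.probes >= MAX_SOLICIT:
                self.state = "NO ENTRY"    # retries exceeded: entry is deleted
                return "delete entry"
            self.probes, self.since = self.probes + 1, now
            kind = "multicast" if self.state == "INCOMPLETE" else "unicast"
            return f"send {kind} NS"
        return None

def silent_neighbor_trace() -> list:
    """Constructed scenario: the neighbor answers once, then stops responding."""
    n, trace = Neighbor(), []
    steps = [lambda: n.on_na(0.5, "00-60-97-02-6E-A5", True),
             lambda: n.tick(31.0), lambda: n.on_send_packet(32.0)]
    steps += [lambda t=t: n.tick(t) for t in (37.0, 38.0, 39.0, 40.0)]
    for step in steps:
        step()
        trace.append(n.state)
    return trace
```
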
Duplicate Address Detection
• Use of a neighbor solicitation to detect a duplicate unicast address
  • Target Address field in the Neighbor Solicitation message is set to the IPv6 address for which duplication is being detected
  • The Source Address is set to the unspecified address (::)
• For a duplicate address, the defending node replies with a multicast NA
  • The Destination Address is set to the link-local scope all-nodes multicast address (FF02::1)

Duplicate Address Detection
• Replaces IPv4 ARP request and Gratuitous ARP
• What is Gratuitous ARP?
  • IPv4 sets both source and target with the same IP address of the sender in the ARP request
  • If it receives an ARP reply, then the IP address is a duplicate
• Must be performed by all nodes (hosts & routers)
• Performed before assigning a unicast address to an interface
• Performed on interface initialization
• Not performed for anycast addresses
• Link must be multicast capable

Duplicate Address Detection
• Accomplished by using NS (multicast) and NA messages
• Node sends NS with:
  • Source address is the unspecified address (::)
  • Destination address is the tentative solicited-node address
  • Target address field is set to the tentative IP address
  • The Source Link-layer Address option is not used
• If the address already exists, the particular node sends an NA reply with:
  • The destination address of the NA is set to FF02::1
  • The solicited flag is 0 because the NS is not using the desired IP address

Multicast NS for Duplicate Address Detection
Ethernet Header
• Dest MAC is 33-33-FF-52-F9-D8
IPv6 Header
• Source Address is ::
• Destination Address is FF02::1:FF52:F9D8
• Hop limit is 255
Neighbor Solicitation Header
• Target Address is FEC0::2:260:8FF:FE52:F9D8
[Figure: Host A (Tentative IP: FEC0::2:260:8FF:FE52:F9D8) sends a multicast Neighbor Solicitation (NS); Host B (MAC: 00-60-08-52-F9-D8, IP: FEC0::2:260:8FF:FE52:F9D8)]

Multicast NA for a Duplicate Address
Ethernet Header
• Destination MAC is 33-33-00-00-00-01
IPv6 Header
• Source Address is FEC0::2:260:8FF:FE52:F9D8
• Destination Address is FF02::1
• Hop limit is 255
Neighbor Advertisement Header
• Target Address is FEC0::2:260:8FF:FE52:F9D8
Neighbor Discovery Option
• Target Link-Layer Address is 00-60-08-52-F9-D8
[Figure: Host B (MAC: 00-60-08-52-F9-D8, IP: FEC0::2:260:8FF:FE52:F9D8) sends a multicast Neighbor Advertisement (NA); Host A (Tentative IP: FEC0::2:260:8FF:FE52:F9D8)]

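An added Python example, not from the original deck, that applies the NS/NA structure, the option Length rule and the DAD rules above as receive-side checks: hop limit 255, code 0, non-multicast target, non-zero option lengths, no Source Link-Layer Address option and a solicited-node destination when the source is ::, and Solicited = 0 on a multicast NA. Function names are assumptions; the sample bytes are constructed from the field values in the dissections and DAD slides above, with the checksum left at 0 and not verified.

```python
import ipaddress
import struct
NS, NA = 135, 136                  # ICMPv6 types
OPT_SLLA, OPT_TLLA = 1, 2          # Source / Target Link-Layer Address options
SOLICITED_NODE = ipaddress.IPv6Network("ff02::1:ff00:0/104")

def parse_options(data: bytes) -> dict:
    """Walk ND options; Length counts 8-byte blocks, so 0 is invalid."""
    opts, off = {}, 0
    while off < len(data):
        if len(data) - off < 2:
            raise ValueError("truncated option header")
        otype, olen = data[off], data[off + 1]
        if olen == 0 or off + olen * 8 > len(data):
            raise ValueError("bad option length")
        opts[otype] = data[off + 2 : off + olen * 8]
        off += olen * 8
    return opts

def check_nd(hop_limit: int, src: str, dst: str, icmp: bytes) -> dict:
    """Validate one NS/NA; the ICMPv6 checksum is assumed already verified."""
    if hop_limit != 255:
        raise ValueError("hop limit is not 255")
    if len(icmp) < 24:
        raise ValueError("ICMPv6 message shorter than 24 bytes")
    mtype, code, _cksum, flags = struct.unpack("!BBHI", icmp[:8])
    if mtype not in (NS, NA) or code != 0:
        raise ValueError("not an NS/NA with code 0")
    target = ipaddress.IPv6Address(icmp[8:24])
    if target.is_multicast:
        raise ValueError("target address is multicast")
    opts = parse_options(icmp[24:])
    src_ip, dst_ip = ipaddress.IPv6Address(src), ipaddress.IPv6Address(dst)
    info = {"type": mtype, "target": str(target), "dad_probe": False}
    if mtype == NS and src_ip.is_unspecified:   # source :: marks a DAD probe
        if OPT_SLLA in opts:
            raise ValueError("DAD NS carries a Source Link-Layer Address option")
        if dst_ip not in SOLICITED_NODE:
            raise ValueError("DAD NS not sent to a solicited-node address")
        info["dad_probe"] = True
    if mtype == NA:
        for bit, name in ((31, "router"), (30, "solicited"), (29, "override")):
            info[name] = bool(flags >> bit & 1)
        if dst_ip.is_multicast and info["solicited"]:
            raise ValueError("multicast NA has the Solicited flag set")
    lla = opts.get(OPT_SLLA if mtype == NS else OPT_TLLA)
    info["lladdr"] = lla[:6].hex(":") if lla else None
    return info

def build(mtype: int, flags: int, target: str, opt: bytes = b"") -> bytes:
    """Constructed input: NS/NA body with the checksum field left at 0."""
    return (struct.pack("!BBHI", mtype, 0, 0, flags)
            + ipaddress.IPv6Address(target).packed + opt)

# Constructed from the field values shown on this page.
MAC = bytes.fromhex("000874f86fee")
SAMPLE_NS = build(NS, 0, "fe80::20c:29ff:fedd:b837", bytes([OPT_SLLA, 1]) + MAC)
SAMPLE_NA = build(NA, 0x60000000, "fe80::208:74ff:fef8:6fee", bytes([OPT_TLLA, 1]) + MAC)
DAD_NS = build(NS, 0, "fec0::2:260:8ff:fe52:f9d8")
```
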
Router Discovery
• Attempts to discover the set of routers on the local link
• Similar to IPv4 ICMP router discovery (RFC 1256)
• In IPv6 RA messages, the Router Lifetime field indicates the time that the router can be considered a default router
• Accomplished by sending a multicast Router Solicitation (FF02::2) and the receipt of a multicast Router Advertisement (FF02::1) message
• If the router becomes unavailable, the condition is detected via neighbor unreachability instead of Router Lifetime in the RA messages
• A new default router is chosen from the default router list or the host sends an RS message to determine a new default router

Multicast RS Message
Ethernet Header
• Destination MAC is 33-33-00-00-00-02
IPv6 Header
• Source Address is ::
• Destination Address is FF02::2
• Hop limit is 255
Router Solicitation Header
[Figure: Host A (MAC: 00-B0-D0-E9-41-43, IP: none) sends a multicast Router Solicitation (RS); Router (MAC: 00-10-FF-D6-58-C0, IP: FE80::210:FFFF:FED6:58C0)]

Multicast RA Message
Ethernet Header
• Destination MAC is 33-33-00-00-00-01
IPv6 Header
• Source Address is FE80::210:FFFF:FED6:58C0
• Destination Address is FF02::1
• Hop limit is 255
Router Advertisement Header
• Current Hop Limit, Flags, Router Lifetime, Reachable and Retransmission Timers
Neighbor Discovery Options
• Source Link-Layer Address is 00-10-FF-D6-58-C0
• MTU is 1500
• Prefix Information is for FEC0:0:0:F282::/64
[Figure: Router (MAC: 00-10-FF-D6-58-C0, IP: FE80::210:FFFF:FED6:58C0) sends a multicast Router Advertisement (RA); Host A (MAC: 00-B0-D0-E9-41-43, IP: none)]

Structure of the RS Message
• Type = 133
• Code = 0
• Checksum
• Reserved
• Options ...

Structure of the RA Message
• Type = 134
• Code = 0
• Checksum
• Current Hop Limit
• Managed Address Configuration flag
• Other Stateful Configuration flag
• Home Agent flag
• Default Router Preference
• Reserved
• Router Lifetime
• Reachable Time
• Retrans Timer
• Options ...

Structure of the Prefix Information Option
• Type = 3
• Length = 4
• Prefix Length
• On-Link flag
• Autonomous flag
• Router Address flag
• Site prefix flag
• Reserved1
• Valid Lifetime
• Preferred Lifetime
• Reserved2
• Site Prefix Length
• Prefix

Structure of the MTU Option
• Type = 5
• Length = 1
• Reserved
• MTU

Structure of the Advertisement Interval Option
• Type = 7
• Length = 1
• Reserved
• Advertisement Interval

Structure of the Home Agent Information Option
• Type = 8
• Length = 1
• Reserved
• Home Agent Preference
• Home Agent Lifetime

Structure of the Route Information Option
• Type = 9
• Length
• Prefix Length
• Reserved 1
• Preference
• Reserved 2
• Route Lifetime
• Prefix

Sample RS message
Ethernet II, Src: 00:0c:29:7e:7e:86, Dst: 33:33:00:00:00:02
Destination: 33:33:00:00:00:02
Source: 00:0c:29:7e:7e:86
Type: IPv6 (0x86dd)
Internet Protocol Version 6
Version: 6
Traffic class: 0x00
Flowlabel: 0x00000
Payload length: 16
Next header: ICMPv6 (0x3a)
Hop limit: 255
Source address: fe80::20c:29ff:fe7e:7e86
Destination address: ff02::2
Internet Control Message Protocol v6
Type: 133 (Router solicitation)
Code: 0
Checksum: 0x2b0d (correct)
ICMPv6 options
Type: 1 (Source link-layer address)
Length: 8 bytes (1)
Link-layer address: 00:0c:29:7e:7e:86
Sample RA Message
Ethernet II, Src: 00:13:49:00:00:01, Dst: 33:33:00:00:00:01
Destination: 33:33:00:00:00:01
Source: 00:13:49:00:00:01 (ZyxelCom_00:00:01)
Type: IPv6 (0x86dd)
Internet Protocol Version 6
Version: 6
Traffic class: 0x00
Flowlabel: 0x00000
Payload length: 56
Next header: ICMPv6 (0x3a)
Hop limit: 255
Source address: fe80::213:49ff:fe00:1
Destination address: ff02::1
Internet Control Message Protocol v6
Type: 134 (Router advertisement)
Code: 0
Checksum: 0x96a0 (correct)
Cur hop limit: 64
Flags: 0x00
0... .... = Not managed
.0.. .... = Not other
..0. .... = Not Home Agent
...0 0... = Router preference: Medium
Router lifetime: 1800
Reachable time: 0
Retrans time: 0
ICMPv6 options
Type: 1 (Source link-layer address)
Length: 8 bytes (1)
Link-layer address: 00:13:49:00:00:01
ICMPv6 options
Type: 3 (Prefix information)
Length: 32 bytes (4)
Prefix length: 64
Flags: 0xc0
1... .... = Onlink
.1.. .... = Auto
..0. .... = Not router address
...0 .... = Not site prefix
Valid lifetime: 0x00278d00
Preferred lifetime: 0x00093a80
Prefix: fec0::
Redirect
• Sometimes hosts will pick the wrong next-hop
  • There are several routers
  • Send to a router although the destination is connected to the same link
• The router that receives the packet
  • will retransmit to the correct hop
  • will send a Redirect message to the sender
• After receiving the Redirect message, the host will send the next message to the correct router

Unicast Packet to the Router
Ethernet Header
• Destination MAC is 00-AA-00-22-22-22
IPv6 Header
• Source Address is FEC0::1:2AA:FF:FE11:1111
• Destination Address is FEC0::2:2AA:FF:FE99:9999
[Figure: Host A (MAC: 00-AA-00-11-11-11, IP: FEC0::1:2AA:FF:FE11:1111, FE80::2AA:FF:FE11:1111) sends a unicast packet to Router 2 (MAC: 00-AA-00-22-22-22, IP: FEC0::1:2AA:FF:FE22:2222, FE80::2AA:FF:FE22:2222). Also shown: Router 3 (MAC: 00-AA-00-33-33-33, IP: FEC0::1:2AA:FF:FE33:3333, FE80::2AA:FF:FE33:3333)]

Redirect Message Sent by the Router
Ethernet Header
• Destination MAC is 00-AA-00-11-11-11
IPv6 Header
• Source Address is FE80::2AA:FF:FE22:2222
• Destination Address is FEC0::1:2AA:FF:FE11:1111
• Hop limit is 255
Redirect Header
• Target Address is FE80::2AA:FF:FE33:3333
• Destination Address is FEC0::2:2AA:FF:FE99:9999
Neighbor Discovery Options
• Target Link-Layer Address is 00-AA-00-33-33-33
• Redirected Header
[Figure: Router 2 (MAC: 00-AA-00-22-22-22, IP: FEC0::1:2AA:FF:FE22:2222, FE80::2AA:FF:FE22:2222) sends a unicast Redirect to Host A (MAC: 00-AA-00-11-11-11, IP: FEC0::1:2AA:FF:FE11:1111, FE80::2AA:FF:FE11:1111). Also shown: Router 3 (MAC: 00-AA-00-33-33-33, IP: FEC0::1:2AA:FF:FE33:3333, FE80::2AA:FF:FE33:3333)]

Unicast Packet Forwarded by the Router
Ethernet Header
• Destination MAC is 00-AA-00-33-33-33
IPv6 Header
• Source Address is FEC0::1:2AA:FF:FE11:1111
• Destination Address is FEC0::2:2AA:FF:FE99:9999
[Figure: Forward unicast packet. Host A (MAC: 00-AA-00-11-11-11, IP: FEC0::1:2AA:FF:FE11:1111, FE80::2AA:FF:FE11:1111); Router 2 (MAC: 00-AA-00-22-22-22, IP: FEC0::1:2AA:FF:FE22:2222, FE80::2AA:FF:FE22:2222); Router 3 (MAC: 00-AA-00-33-33-33, IP: FEC0::1:2AA:FF:FE33:3333, FE80::2AA:FF:FE33:3333)]

Conceptual Host Data Structures
• To facilitate interactions between neighboring nodes, RFC 2461 defines the following conceptual host data structures as an example of how to store information for ND processes:
• Neighbor cache
  • The neighbor cache stores the on-link IP address of each neighbor, its corresponding link-layer address, and an indication of the neighbor's reachability state.
• Destination cache
  • The destination cache stores information on next-hop IP addresses for destinations to which traffic has recently been sent.
• Prefix list
  • The prefix list contains on-link prefixes.
• Default router list
  • IP addresses corresponding to on-link routers that have sent Router Advertisement messages and are eligible to be default routers are included in the default router list.

Conceptual Host Data Structures
[Figure: Destination Cache (columns: Destination, Next-Hop Address, PMTU); Prefix List; Neighbor Cache (columns: Next-Hop Address, Link Layer Address, State); Default Router List]

Host Sending Algorithm
1. Determine the next-hop address for the destination
  • Check the destination cache
  • If the destination address matches a prefix in the prefix list, the next-hop address is the destination address
  • If the destination address does not match a prefix in the prefix list, the next-hop address is the default router address
2. Determine the link-layer address for the next-hop address
  • Check the neighbor cache
  • Use address resolution to obtain the link-layer address for the next-hop address
3. Send the packet using the link-layer address of the next-hop address

[Figure: flowchart of the host sending algorithm. Boxes: Check destination cache; Obtain next-hop; Check prefix list; destination as next-hop; default router as next-hop; Update destination cache; Check neighbor cache for next hop; Address resolution for next-hop; Update neighbor cache; Send packet using link-layer address of neighbor cache entry; Indicate an error. Decisions: Entry found?; Match?; default router?; resolution successful?]

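The host sending algorithm and the Redirect exchange from the earlier slides, combined in an added Python example (not part of the original deck). Class and method names are assumptions, the /64 on-link prefix for Host A is assumed, address resolution is replaced by a lookup in a constructed table, and a Redirect is applied only when it arrives with hop limit 255 from the link-local address of the current first hop for that destination.

```python
import ipaddress

A = ipaddress.IPv6Address

class Host:
    def __init__(self, prefixes, default_routers):
        self.prefix_list = [ipaddress.IPv6Network(p) for p in prefixes]
        self.default_routers = [A(r) for r in default_routers]
        self.destination_cache = {}     # destination -> next-hop address
        self.neighbor_cache = {}        # next-hop address -> link-layer address

    def next_hop(self, dst):
        dst = A(dst)
        if dst in self.destination_cache:
            return self.destination_cache[dst]
        if any(dst in p for p in self.prefix_list):
            hop = dst                               # on-link: deliver directly
        elif self.default_routers:
            hop = self.default_routers[0]
        else:
            raise LookupError("no matching prefix and no default router")
        self.destination_cache[dst] = hop
        return hop

    def send(self, dst, resolve):
        """Return (next hop, link-layer address) used for a packet to dst."""
        hop = self.next_hop(dst)
        if hop not in self.neighbor_cache:
            lladdr = resolve(hop)                   # stands in for the NS/NA exchange
            if lladdr is None:
                raise LookupError("address resolution failed")
            self.neighbor_cache[hop] = lladdr
        return str(hop), self.neighbor_cache[hop]

    def on_redirect(self, src, hop_limit, dst, target, target_lladdr=None):
        """Update the destination cache only for a Redirect that passes the checks."""
        src, dst, target = A(src), A(dst), A(target)
        if hop_limit != 255 or not src.is_link_local:
            return False
        if self.destination_cache.get(dst) != src:  # sender is not the current first hop
            return False
        self.destination_cache[dst] = target
        if target_lladdr:
            self.neighbor_cache[target] = target_lladdr
        return True

# Constructed link: addresses and MACs are the ones in the Redirect slides.
LINK = {A("fe80::2aa:ff:fe22:2222"): "00-AA-00-22-22-22",
        A("fe80::2aa:ff:fe33:3333"): "00-AA-00-33-33-33"}

def redirect_demo():
    host_a = Host(["fec0:0:0:1::/64"], ["fe80::2aa:ff:fe22:2222"])
    dst = "fec0::2:2aa:ff:fe99:9999"
    before = host_a.send(dst, LINK.get)
    wrong_sender = host_a.on_redirect("fe80::2aa:ff:fe33:3333", 255, dst,
                                      "fe80::2aa:ff:fe33:3333")
    accepted = host_a.on_redirect("fe80::2aa:ff:fe22:2222", 255, dst,
                                  "fe80::2aa:ff:fe33:3333", "00-AA-00-33-33-33")
    return before, wrong_sender, accepted, host_a.send(dst, LINK.get)
```
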
Appendix
IPv4 Neighbor Functions and IPv6 Equivalents
IPv4 Neighbor Function      IPv6 Neighbor Function
ARP Request message         NS message
ARP Reply message           NA message
ARP cache                   Neighbor cache
Gratuitous ARP              Duplicate address detection
RS message (optional)       RS (required)
RA message (optional)       RA (required)
Redirect message            Redirect message

Summary of ND Messages and Options
ND Message                  ND Option
Router Solicitation         Source Link-Layer Address
Router Advertisement        Source Link-Layer Address
                            Prefix Information
                            MTU
                            Advertisement Interval
                            Home Agent Information
                            Route Information
Neighbor Solicitation       Source Link-Layer Address
Neighbor Advertisement      Target Link-Layer Address
Redirect                    Redirected Header
                            Target Link-Layer Address

Q&A