IPv6 Neighbor Discovery Protocol on Cisco Router

One of the differences between IPv4 and IPv6 is that we don’t use ARP (Address Resolution Protocol) anymore. ND (Neighbor Discovery Protocol) will replace the functionality of ARP. In this lesson we’ll take a look how ND works.

ND uses ICMP and solicited node multicast addresses to discover the layer 2 address of other IPv6 hosts the same network (local link). It uses two messages to accomplish this:

  • Neighbor solicitation message
  • Neighbor advertisement message

Let’s take closer look at these two messages.

IPv6 Neighbor Solicitation Message

The neighbor solicitation message is used primarily to find the layer two address of another IPv6 address on the local link, it’s also used for DAD (Duplicated Address Detection). In this packet the source address will be the source address of the host that is sending the neighbor solicitation, the destination address will be the solicited node multicast address of the remote host. This message also includes the layer two address of the host that is sending it. In the ICMP header of this packet you will find a type value of 135.

IPv6 Neighbor Solicitation Message

Using solicited node multicast addresses as the destination is far more efficient than IPv4’s ARP requests that are broadcasted to all hosts.

Every IPV6 device will compute a solicited node multicast address by taking the multicast group address (FF02::1:FF /104) and adding the last 6 hexadecimal characters from its IPv6 address. It will then join this multicast group address and “listens” to it.

When one host wants to find the layer two address of another host, it will send the neighbor solicitation to the remote host’s solicited node multicast address.It can calculate the solicited node multicast address of the remote host since it knows about the multicast group address and it knows the IPv6 address that it wants to reach.

The result will be that only the remote host will receive the neighbor solicitation. That’s far more efficient than a broadcast that is received by everyone…

Neighbor solicitation messages are also used to check if a remote host is reachable. In this case, the destination address will be the unicast address of the remote host.

IPv6 Neighbor Advertisement Message

Once the remote host receives the neighbor solicitation it will reply with the neighbor advertisement message. The source address is the IPv6 address of the host and the destination address is the IPv6 address of the remote host that sent the neighbor solicitation. The most important part is that this message includes the layer two address of the host. The neighbor advertisement message uses type 136 in the ICMPv6 packet header.

IPv6 Neighbor Advertisement Message

Once R1 receives the neighbor advertisement, these two IPv6 hosts will be able to communicate with each other.

Neighbor advertisement messages are also used when the layer two address of a host changes. When this message is sent, the destination address will be the all-nodes multicast address.

Configuration

Now you have an idea how IPv6 neighbor discovery works. Let’s see what it looks like on some real devices. I’ll also show you some wireshark captures. I will use these two routers for this demonstration:

R1 R2 no ip addresses

First we will configure some IPv6 addresses on our routers:

R1 & R2
(config)#interface FastEthernet 0/0
(config-if)#ipv6 enable

Using ipv6 enable is enough to generate some link local addresses which is all we need for this exercise. Here are the IPv6 addresses that the routers created:

R1#show ipv6 interface FastEthernet 0/0 | include FE80
  IPv6 is enabled, link-local address is FE80::C001:2FF:FE40:0 [TEN]
R2#show ipv6 interface FastEthernet 0/0 | include FE80
  IPv6 is enabled, link-local address is FE80::C002:3FF:FEE4:0 [TEN]

To see the neighbor discovery in action I will enable a debug on both routers:

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 662 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

501 Sign Ups in the last 30 days

satisfaction-guaranteed
100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags: ,


Forum Replies

  1. This is best explained with the following two captures:

    https://networklessons.com/wp-content/uploads/2015/12/wireshark-capture-arp-request.png

    Above you can see the ARP request. The sender (fa:16:3e:38:94:94) creates the ARP request and is looking for 192.168.12.2. It encapsulates this in an Ethernet frame with its own MAC address as the source and destination broadcast.

    Everyone on the subnet will hear this message, the device that has the destination MAC address will reply:

    //cdn-forum.networklessons.com/uploads/default/original/2X/9/9f60d1190267be572f382a07

    ... Continue reading in our forum

  2. sir , for the scenario
    Computer A ——-Switch1—–ROUTER1——————ROUTER 2 —- Switch2 —– Computer B.

    you said that

    "Computer A will do an ARP request for the IP address of Router 1

    Computer B will do an ARP request for Router 2 (its default gateway).

    Router 1 and Router 2 will do ARP requests on the link that connects them to discover each others MAC addresses."

    please rectify/guide me if i am worng
    computer A will send ARP request to R1 to know R1 MAC address, so whenever it sends send data to ComputerB it will then send it to MAC address of R1.

    sir my second query i

    ... Continue reading in our forum

  3. Hi.

    Router A wants to know MAC address of router B. So, it broadcasts ARP. Only router B replies.
    In this case, target MAC should be FF:FF:FF:FF:FF:FF which is broadcastin ARP request. Why the target MAC is all 0’s in ARP request?

  4. Thanks Lazaros, your explanation has been very useful. Now is more clear for me.

  5. Hi Braulio,

    Every device that has an IP address builds an ARP table. They somehow need to map a L3 IP address to a L2 MAC address.

    A computer (host) will have an ARP table. A switch that you configure with an IP address for remote management also has an ARP table.

    Rene

101 more replies! Ask a question or join the discussion by visiting our Community Forum