IPv6 Neighbor Discovery Protocol on Cisco Router

One of the differences between IPv4 and IPv6 is that we don’t use ARP (Address Resolution Protocol) anymore. ND (Neighbor Discovery Protocol) will replace the functionality of ARP. In this lesson we’ll take a look how ND works.

ND uses ICMP and solicited node multicast addresses to discover the layer 2 address of other IPv6 hosts the same network (local link). It uses two messages to accomplish this:

  • Neighbor solicitation message
  • Neighbor advertisement message

Let’s take closer look at these two messages.

IPv6 Neighbor Solicitation Message

The neighbor solicitation message is used primarily to find the layer two address of another IPv6 address on the local link, it’s also used for DAD (Duplicated Address Detection). In this packet the source address will be the source address of the host that is sending the neighbor solicitation, the destination address will be the solicited node multicast address of the remote host. This message also includes the layer two address of the host that is sending it. In the ICMP header of this packet you will find a type value of 135.

IPv6 Neighbor Solicitation Message

Using solicited node multicast addresses as the destination is far more efficient than IPv4’s ARP requests that are broadcasted to all hosts.

Every IPV6 device will compute a solicited node multicast address by taking the multicast group address (FF02::1:FF /104) and adding the last 6 hexadecimal characters from its IPv6 address. It will then join this multicast group address and “listens” to it.

When one host wants to find the layer two address of another host, it will send the neighbor solicitation to the remote host’s solicited node multicast address.It can calculate the solicited node multicast address of the remote host since it knows about the multicast group address and it knows the IPv6 address that it wants to reach.

The result will be that only the remote host will receive the neighbor solicitation. That’s far more efficient than a broadcast that is received by everyone…

Neighbor solicitation messages are also used to check if a remote host is reachable. In this case, the destination address will be the unicast address of the remote host.

IPv6 Neighbor Advertisement Message

Once the remote host receives the neighbor solicitation it will reply with the neighbor advertisement message. The source address is the IPv6 address of the host and the destination address is the IPv6 address of the remote host that sent the neighbor solicitation. The most important part is that this message includes the layer two address of the host. The neighbor advertisement message uses type 136 in the ICMPv6 packet header.

IPv6 Neighbor Advertisement Message

Once R1 receives the neighbor advertisement, these two IPv6 hosts will be able to communicate with each other.

Neighbor advertisement messages are also used when the layer two address of a host changes. When this message is sent, the destination address will be the all-nodes multicast address.

Configuration

Now you have an idea how IPv6 neighbor discovery works. Let’s see what it looks like on some real devices. I’ll also show you some wireshark captures. I will use these two routers for this demonstration:

R1 R2 no ip addresses

First we will configure some IPv6 addresses on our routers:

R1 & R2
(config)#interface FastEthernet 0/0
(config-if)#ipv6 enable

Using ipv6 enable is enough to generate some link local addresses which is all we need for this exercise. Here are the IPv6 addresses that the routers created:

R1#show ipv6 interface FastEthernet 0/0 | include FE80
  IPv6 is enabled, link-local address is FE80::C001:2FF:FE40:0 [TEN]
R2#show ipv6 interface FastEthernet 0/0 | include FE80
  IPv6 is enabled, link-local address is FE80::C002:3FF:FEE4:0 [TEN]

To see the neighbor discovery in action I will enable a debug on both routers:

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 651 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

568 Sign Ups in the last 30 days

satisfaction-guaranteed
100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Forum Replies

  1. Hi Diana,

    Glad to hear you like it!

    There’s not really a short answer to your question. Technically, ND doesn’t require MLD to work.

    IPv6 ND uses multicast and the solicited node multicast addresses.

    Using multicast instead of broadcast sounds effective but in reality, your ND traffic is probably still broadcasted since your L2 switches don’t know where to forward the multicast traffic to.

    To improve this, you could enable MLD snooping on the switches. Your hosts will have to report what they want to receive through MLD and then the switch will be able to deliv

    ... Continue reading in our forum

  2. Itai,
    The solicited node multicast address is known because the IPv6 RFC standards have established a “rule” in how to form the solicited node multicast address based on the IPv6 addresses that is needing to be queried. The rule states that solicited node multicast address is: FF02::1:FFXX:XXXX where X is the last 24 bits of the IPv6 target address. This means you take the last “half” of the next to last hextet, and the entire last hextet and append it to FF01::1:FF. See example below.

    The last thing you would need to know is that there is also an IPv6 RFC r

    ... Continue reading in our forum

  3. Hello Rahul

    Whenever you configure an interface to function as an IPv6 interface, it automatically sends out NS messages.
    This will occur even BEFORE any IPv6 addresses have been configured. You can see from your capture and from your CLI that you have posted, that both R1 and R2 have link-local addresses of FE80::C001:8FFF:FEEF:0 and FE80::C001:8FFF:FEF7:0 respectively.

    As for the NA message, those are sent under two conditions: The first is as a response to an NS and the second when there is a change in the link-layer address of a node on a local link. Wh

    ... Continue reading in our forum

  4. @castrojuanj
    Hello Juan,
    I hope you are doing well,
    I have labed your question and took a packet capture to see if I can help you understand NDP better.

    First off a link-local address is configured in two ways.

    1. The administrator specifies the link-local address to be used
    2. The local router uses eui-64 to generate the proper IP address for link-local use

    Now if you have a unique local and global unicast IP address assigned to the same interface and it receives an RS, it will the respond with an address for both unique local and global unicast addresses. So no t

    ... Continue reading in our forum

  5. you state this twice. Once here and once above. The first time you stated it I was not sure as I just thought on it briefly. Not liking the answer but then you state it again here so

    ... Continue reading in our forum

31 more replies! Ask a question or join the discussion by visiting our Community Forum