NDP stands for Neighbor Discovery Protocol which is an IPv6 protocol responsible for tasks such as stateless autoconfiguration, address resolution, Neighbor Unreachability Detection (NUD), and Duplicate Address Detection (DAD). It operates at Layer 2, the Data Link Layer, of the OSI model and was developed to improve data transmission efficiency and consistency across multiple networks and processes. Unlike IPv4, we no longer use Address Resolution Protocol or ARP in IPv6. IPv6 Neighbor Discovery replaces this function. Neighbor Discovery Protocol FeaturesNow, let’s discuss the different functions of NDP:
NDP ICMPv6 Message TypesNeighbor Discovery Protocol uses ICMPv6 messages to perform all its functions. Let’s discuss the five different types of ICMPv6:
Download our Free CCNA Study Guide PDF for complete notes on all the CCNA 200-301 exam topics in one book. We recommend the Cisco CCNA Gold Bootcamp as your main CCNA training course. It’s the highest rated Cisco course online with an average rating of 4.8 from over 30,000 public reviews and is the gold standard in CCNA training:
ICMPv6 defined in RFC 4443 is the companion protocol for IPv6 as ICMPv4 is the companion protocol for IPv4. ICMPv6 is used by routers and hosts to report problems when processing IPv6 packets. However, as we will see in chapter The datalink layer and the Local Area Networks, ICMPv6 is also used when auto-configuring addresses. The traditional utilisation of ICMPv6 is similar to ICMPv4. ICMPv6 messages are carried inside IPv6 packets (the Next Header field for ICMPv6 is 58). Each ICMP message contains an 8 bits header with a type field, a code field and a 16 bits checksum computed over the entire ICMPv6 message. The message body contains a copy of the IPv6 packet in error. Figure 5.42: ICMP version 6 packet format ICMPv6 specifies two classes of messages: error messages that indicate a problem in handling a packet and informational messages. Four types of error messages are defined in RFC 4443 :
Two types of informational ICMPv6 messages are defined in RFC 4443 : echo request and echo reply, which are used to test the reachability of a destination by using ping6(8). ICMPv6 also allows the discovery of the path between a source and a destination by using traceroute6(8). The output below shows a traceroute between a host at UCLouvain and one of the main IETF servers. Note that this IPv6 path is different than the IPv4 path that was described earlier although the two traceroutes were performed at the same time. traceroute6 www.ietf.orgtraceroute6 to www.ietf.org (2001:1890:1112:1::20) from 2001:6a8:3080:2:217:f2ff:fed6:65c0, 30 ho1 2001:6a8:3080:2::1 13.821 ms 0.301 ms 0.324 ms2 2001:6a8:3000:8000::1 0.651 ms 0.51 ms 0.495 ms3 10ge.cr2.bruvil.belnet.net 3.402 ms 3.34 ms 3.33 ms4 10ge.cr2.brueve.belnet.net 3.668 ms 10ge.cr2.brueve.belnet.net 3.988 ms 10ge.cr2.brueve.bel5 belnet.rt1.ams.nl.geant2.net 10.598 ms 7.214 ms 10.082 ms6 so-7-0-0.rt2.cop.dk.geant2.net 20.19 ms 20.002 ms 20.064 ms7 kbn-ipv6-b1.ipv6.telia.net 21.078 ms 20.868 ms 20.864 ms8 s-ipv6-b1-link.ipv6.telia.net 31.312 ms 31.113 ms 31.411 ms9 s-ipv6-b1-link.ipv6.telia.net 61.986 ms 61.988 ms 61.994 ms10 2001:1890:61:8909::1 121.716 ms 121.779 ms 121.177 ms11 2001:1890:61:9117::2 203.709 ms 203.305 ms 203.07 ms 12 mail.ietf.org 204.172 ms 203.755 ms 203.748 ms Note: Rate limitation of ICMP messages High-end hardware based routers use special purpose chips on their interfaces to forward IPv6 packets at line rate. These chips are optimised to process correct IP packets. They are not able to create ICMP messages at line rate. When such a chip receives an IP packet that triggers an ICMP message, it interrupts the main CPU of the router and the software running on this CPU processes the packet. This CPU is much slower than the hardware acceleration found on the interfaces [Gill2004]. It would be overloaded if it had to process IP packets at line rate and generate one ICMP message for each received packet. To protect this CPU, high-end routers limit the rate at which the hardware can interrupt the main CPU and thus the rate at which ICMP messages can be generated. This implies that not all erroneous IP packets cause the transmission of an ICMP message. The risk of overloading the main CPU of the router is also the reason why using hop-by-hop IPv6 options, including the router alter option is discouraged 20. Interactions between IPv6 and the datalink layer There are several differences between IPv6 and IPv4 when considering their interactions with the datalink layer. In IPv6, the interactions between the network and the datalink layer is performed using ICMPv6. First ICMPv6 is used to resolve the datalink layer address that corresponds to a given IPv6 address. This part of ICMPv6 is the Neighbour Discovery Protocol (NDP) defined in RFC 4861. NDP is similar to ARP, but there are two important differences. First, NDP messages are exchanged in ICMPv6 messages while ARP messages are sent as datalink layer frames. Second, an ARP request is sent as a broadcast frame while an NDP solicitation message is sent as a multicast ICMPv6 packet that is transported inside a multicast frame. The operation of the NDP protocol is similar to ARP. To obtain an address mapping, a host sends a Neighbour Solicitation message. This message is sent inside an ICMPv6 message that is placed in an IPv6 packet whose source address is the IPv6 address of the requesting host and the destination address is the all-hosts IPv6 multicast address (FF02::1) to which all IPv6 hosts listen. The Neighbour Solicitation contains the requested IPv6 address. The owner of the requested address replies by sending a unicast Neighbour Advertisement message to the requesting host. NDP suffers from similar security issues as the ARP protocol. However, it is possible to secure NDP by using the Cryptographically Generated IPv6 Addresses (CGA) defined in RFC 3972. The Secure Neighbour Discovery Protocol is defined in RFC 3971, but a detailed description of this protocol is outside the scope of this chapter. IPv6 networks also support the Dynamic Host Configuration Protocol. The IPv6 extensions to DHCP are defined in RFC 3315. The operation of DHCPv6 is similar to DHCP that was described earlier. In addition to DHCPv6, IPv6 networks support another mechanism to assign IPv6 addresses to hosts. This is the Stateless Address Config- uration (SLAC) defined in RFC 4862. When a host boots, it derives its identifier from its datalink layer address 21 and concatenates this 64 bits identifier to the FE80::/64 prefix to obtain its link-local IPv6 address. It then sends a Neighbour Solicitation with its link-local address as a target to verify whether another host is using the same link-local address on this subnet. If it receives a Neighbour Advertisement indicating that the link-local address is used by another host, it generates another 64 bits identifier and sends again a Neighbour Solicitation. If there is no answer, the host considers its link-local address to be valid. This address will be used as the source address for all NDP messages sent on the subnet. To automatically configure its global IPv6 address, the host must know the globally routable IPv6 prefix that is used on the local subnet. IPv6 routers regularly send ICMPv6 Router Adver- tisement messages that indicate the IPv6 prefix assigned to each subnet. Upon reception of this message, the host can derive its global IPv6 address by concatenating its 64 bits identifier with the received prefix. It concludes the SLAC by sending a Neighbour Solicitation message targeted at its global IPv6 address to ensure that another host is not using the same IPv6 address. Source: Olivier Bonaventure, https://s3.amazonaws.com/saylordotorg-resources/wwwresources/site/wp-content/uploads/2012/02/Computer-Networking-Principles-Bonaventure-1-30-31-OTC1.pdf Page 2
Learn new skills or earn credit towards a degree at your own pace with no deadlines, using free courses from Saylor Academy. We're committed to removing barriers to education and helping you build essential skills to advance your career goals. Start learning here, or check out our full course catalog. Log in or Sign up to enroll in courses, track your progress, gain access to final exams, and get a free certificate of completion!
Page 3
Learn new skills or earn credit towards a degree at your own pace, with no deadlines, using free courses from Saylor Academy. We're committed to removing barriers to education and helping you build essential skills to advance your career goals. Choose a course below, or check out our full course catalog. Log in or Sign up to enroll in courses, track your progress, gain access to final exams, and get a free certificate of completion! |