CMPT 471 Networking II Address Resolution IPv6 Neighbor Discovery 1 © Janice Regan, 2012



© Janice Regan, 2006. Modified from the TCP/IP Guide (online).

ADDRESS RESOLUTION

DUPLICATE ADDRESS DETECTION

NEIGHBOR UNREACHABILITY DETECTION

Neighbor Discovery

When a network uses the IPv6 protocol:
ARP is replaced with part of the Neighbor Discovery protocol (ND).
ND is a part of the ICMPv6 protocol, which also replaces ICMPv4.
Just as ARP has a cache, so does the ND protocol. The ND cache holds more information.

Neighbor cache

A set of entries about individual neighbors to which traffic has been sent recently. Each entry holds:
the neighbor's unicast IP address
the neighbor's link-layer address (Ethernet)
a flag: is the neighbor a router or a host
the reachability state
the number of unanswered probes
the time the next Neighbor Unreachability Detection event is scheduled

Entry states in neighbor cache

INCOMPLETE: address resolution in progress
REACHABLE: reachability verified up to tens of seconds ago
STALE: not known to be reachable, but no verification is done until traffic is sent
DELAY: not known to be reachable; traffic has recently been sent, wait for upper-layer protocols to confirm
PROBE: no longer known to be reachable; send Neighbor Solicitation probes to verify reachability

Address Resolution: Why

When an IPv6 host A wishes to send application data, the data is encapsulated and passed down through the layers of the protocol stack (just like IPv4).
To send the Ethernet frame it is necessary to have, or to obtain, the Ethernet address of the next-hop destination (host B), given the IP address of B.

Address resolution: when

We want the link-layer address (Ethernet) corresponding to the IP address of B, the next hop.
First check the neighbor cache for an entry for the IP address of B.
If there is an entry, use the corresponding Ethernet address.
If there is no entry in the neighbor cache, then we must perform address resolution.

Address resolution: first steps

Begin by queuing the packet to be sent.
Then create an entry in the neighbor cache of A with INCOMPLETE state; it contains the IP address of the next-hop destination.
A builds a neighbor solicitation packet.
Send the neighbor solicitation packet to the solicited-node multicast address of B.

Neighbor solicitation message

IPv6 header:
VERS 6 | TRAFFIC CLASS | FLOW LABEL
PAYLOAD LENGTH | NEXT HEADER | HOP LIMIT 255
IPv6 source address (address of A)
IPv6 destination address (solicited-node multicast address of B)

Neighbor solicitation message (ICMPv6):
TYPE (135) | CODE 0 | CHECKSUM
RESERVED (set to 0)
IPv6 TARGET ADDRESS (link-local IP address of B)
OPTIONS (VARIABLE LENGTH): Ethernet address of source host A

Solicited-node multicast address

The solicited-node address can be determined directly from the IP address: add the last 24 bits of the IP address to the prefix ff02::1:ff00:0/104.
In the data link layer the equivalent Ethernet address is 33-33-FF-<last 24 bits of IP>.

Layout of the 128-bit solicited-node address:
FF02 (16 bits) | 0 (72 bits, all 0) | 01 (8 bits) | FF (8 bits) | last 24 bits of IP address
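The following Python is an added example, not part of the slides: it derives the solicited-node IPv6 and Ethernet multicast addresses exactly as the layout above describes, builds the neighbor solicitation message from the previous slide (type 135, reserved field, target, source link-layer option) with its ICMPv6 checksum over the IPv6 pseudo-header, and validates a received solicitation on the other side, including the HOP LIMIT 255 check from the header layout. All addresses and MACs are constructed sample values; the constants are the standard ICMPv6/ND values.

```python
import ipaddress
import struct

ICMPV6_NEXT_HEADER = 58            # IPv6 Next Header value for ICMPv6
ND_NEIGHBOR_SOLICITATION = 135     # TYPE field of a neighbor solicitation
ND_OPT_SOURCE_LINK_LAYER = 1       # option type carrying the sender's Ethernet address
SOLICITED_NODE_PREFIX = ipaddress.IPv6Network("ff02::1:ff00:0/104")


def solicited_node_address(ip):
    """ff02::1:ff00:0/104 prefix plus the last 24 bits of the unicast address."""
    low24 = int(ipaddress.IPv6Address(ip)) & 0xFFFFFF
    return ipaddress.IPv6Address(int(SOLICITED_NODE_PREFIX.network_address) | low24)


def solicited_node_mac(ip):
    """Ethernet multicast address of the solicited-node group: 33-33-FF + last 24 bits of IP."""
    low24 = int(ipaddress.IPv6Address(ip)) & 0xFFFFFF
    return "33:33:ff:%02x:%02x:%02x" % (low24 >> 16, (low24 >> 8) & 0xFF, low24 & 0xFF)


def icmpv6_checksum(src_ip, dst_ip, message):
    """One's-complement checksum over the IPv6 pseudo-header followed by the ICMPv6 message."""
    pseudo_header = (ipaddress.IPv6Address(src_ip).packed
                     + ipaddress.IPv6Address(dst_ip).packed
                     + struct.pack("!I", len(message))
                     + b"\x00\x00\x00" + bytes([ICMPV6_NEXT_HEADER]))
    data = pseudo_header + message
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_neighbor_solicitation(src_ip, target_ip, src_mac=None):
    """Return (destination IPv6 address, ICMPv6 bytes) for an NS asking for target_ip's Ethernet
    address. src_mac=None gives the DAD form: source :: and no source link-layer option."""
    dst_ip = str(solicited_node_address(target_ip))
    option = b""
    if src_mac is not None:
        # Option: type 1, length 1 (units of 8 octets), then the 6-byte Ethernet address.
        option = bytes([ND_OPT_SOURCE_LINK_LAYER, 1]) + bytes.fromhex(src_mac.replace(":", ""))
    # TYPE, CODE, CHECKSUM (0 while computing), RESERVED, then the 16-byte target address.
    body = (struct.pack("!BBHI", ND_NEIGHBOR_SOLICITATION, 0, 0, 0)
            + ipaddress.IPv6Address(target_ip).packed + option)
    checksum = icmpv6_checksum(src_ip, dst_ip, body)
    return dst_ip, body[:2] + struct.pack("!H", checksum) + body[4:]


def parse_neighbor_solicitation(src_ip, dst_ip, hop_limit, message):
    """Receiver-side validation in the style of RFC 4861 section 7.1.1. Returns the target and the
    sender's MAC, or None when the packet must be silently discarded. A hop limit of 255 shows the
    packet came from the local link and was never forwarded by a router."""
    if hop_limit != 255 or len(message) < 24:
        return None
    if message[0] != ND_NEIGHBOR_SOLICITATION or message[1] != 0:
        return None
    if icmpv6_checksum(src_ip, dst_ip, message) != 0:   # sum over the filled-in checksum must verify
        return None
    target = ipaddress.IPv6Address(message[8:24])
    if target.is_multicast:
        return None
    source_mac = None
    options = message[24:]
    while options:
        if len(options) < 2 or options[1] == 0:          # a zero-length option is malformed
            return None
        length = options[1] * 8
        if len(options) < length:
            return None
        if options[0] == ND_OPT_SOURCE_LINK_LAYER and length == 8:
            source_mac = ":".join("%02x" % b for b in options[2:8])
        options = options[length:]
    if ipaddress.IPv6Address(src_ip) == ipaddress.IPv6Address("::"):
        # DAD probe: must go to a solicited-node group and must not carry a source link-layer option.
        if ipaddress.IPv6Address(dst_ip) not in SOLICITED_NODE_PREFIX or source_mac is not None:
            return None
    return {"target": str(target), "source_mac": source_mac}


if __name__ == "__main__":
    # Constructed sample: A (fe80::1, 00:11:22:33:44:55) resolves B (fe80::211:22ff:fe33:4455).
    dst, ns = build_neighbor_solicitation("fe80::1", "fe80::211:22ff:fe33:4455", "00:11:22:33:44:55")
    print(dst, solicited_node_mac("fe80::211:22ff:fe33:4455"), ns.hex())
    print(parse_neighbor_solicitation("fe80::1", dst, 255, ns))
```

The parser rejects a solicitation whose hop limit is below 255, whose checksum does not verify, or whose target is a multicast address; only a message that passes every check is allowed to create or update a neighbor cache entry.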

Efficiency of solicited-node addresses

For IPv4, ARP requests are broadcast to reach all nodes on the local network segment. This means all nodes must process every ARP request to see if their address matches.
For IPv6 there are 2^24 solicited-node multicast addresses that replace the single broadcast address. For any particular host there will be fewer IPv6 neighbor solicitations to process than there would be IPv4 ARP request messages.
Only 1/2^24 of the possible addresses will interrupt any given host.
IPv4 hosts are not interrupted at all.

Address resolution: next step

The neighbor solicitation packet is received by the destination (and perhaps a few other nodes in the same solicited-node multicast group, which will process and drop the packet).
The destination host builds a neighbor advertisement packet to respond to the neighbor solicitation.

Neighbor advertisement

IPv6 header:
VERS 6 | TRAFFIC CLASS | FLOW LABEL
PAYLOAD LENGTH | NEXT HEADER | HOP LIMIT 255
IPv6 source address (unicast address of sending interface on B)
IPv6 destination address (unicast IP address of A)

Neighbor advertisement message (ICMPv6):
TYPE (136) | CODE 0 | CHECKSUM
R|S|O flags (S flag is set) | RESERVED (set to 0)
IPv6 TARGET ADDRESS (copied from solicitation)
OPTIONS (VARIABLE LENGTH): Ethernet address of source host (host B)

Neighbor advertisement flags

R: Router flag. When set, indicates that the sender is a router.
S: Solicited flag. Used for reachability confirmation in Neighbor Unreachability Detection. It MUST NOT be set in unsolicited unicast advertisements.
O: Override flag. When set, the O-bit indicates that the advertisement should override an existing cache entry.

Address resolution: more steps

An entry may be updated or added to the neighbor cache of B.
The neighbor advertisement is unicast to the soliciting host (A).
If the advertisement is not received by A, the INCOMPLETE cache entry is dropped.

Address resolution: final steps

If the advertisement is received by A:
The soliciting host finishes building the INCOMPLETE entry in the neighbor cache.
The entry is then in the REACHABLE state.
Packets that have been queued waiting for the link-layer address are sent.
At least one packet must be queued for address resolution to be initiated.

Improvements: detecting failure

Unlike ARP, Neighbor Discovery detects half-link failures.
It uses Neighbor Unreachability Detection.
It uses the state of the entry in the neighbor cache.
It avoids sending traffic to neighbors with which two-way connectivity is absent.

Entry states in neighbor cache

INCOMPLETE: address resolution in progress
REACHABLE: reachability verified up to tens of seconds ago
STALE: not known to be reachable, but no verification is done until traffic is sent (an update has been requested)
DELAY: not known to be reachable; traffic has recently been sent, wait for upper-layer protocols to confirm
PROBE: no longer known to be reachable; send Neighbor Solicitation probes to verify reachability

Neighbor Unreachability (1)

Each time a packet is received by neighbor A from neighbor B that indicates active two-way communication, the neighbor cache entry is set to REACHABLE and the entry lifetime timer is reset.
A's receipt of a TCP packet indicates that B has received an ACK from A, so two-way communication is alive.
Receiving unsolicited neighbor advertisements only requires one-way communication and would not cause changes in the cache.

Neighbor Unreachability (2)

If the entry lifetime timer expires, the cache entry moves from the REACHABLE state to the STALE state.
If the host wants to send a packet to a STALE entry, a delay timer is set when that packet is sent and the entry moves into the DELAY state.
If no reply is received within DELAY_FIRST_PROBE_TIME seconds, the entry moves into the PROBE state. Otherwise, if a reply is received, the entry moves back to the REACHABLE state.

Neighbor Unreachability (3)

When an entry enters the PROBE state a neighbor solicitation is sent.
If a neighbor advertisement is returned before the retransmission timer expires, the entry moves back to REACHABLE and the lifetime timer is reset.
Otherwise, when the retransmission timer expires the neighbor solicitation is retransmitted. Up to MAX_UNICAST_SOLICIT retransmissions will be tried (until an advertisement is received).
Should no advertisement be received after the maximum number of retransmissions, the entry should be deleted.
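The neighbor cache entry and the Neighbor Unreachability Detection transitions on the slides (INCOMPLETE, REACHABLE, STALE, DELAY, PROBE, deletion) can be written as one small state machine. The Python below is an added example, not code from the slides: it models an entry with the fields the neighbor cache slide lists, applies the R/S/O flag rules from the neighbor advertisement slide, and runs a constructed timeline in which B is resolved, the entry ages, a packet is sent to the STALE entry, and the DELAY and PROBE timers run out. DELAY_FIRST_PROBE_TIME, RETRANS_TIMER and MAX_UNICAST_SOLICIT use the RFC 4861 defaults; REACHABLE_TIME (30 s) and all addresses are assumed values.

```python
from enum import Enum

# Timer values in seconds. DELAY_FIRST_PROBE_TIME, RETRANS_TIMER and MAX_UNICAST_SOLICIT are the
# RFC 4861 defaults; REACHABLE_TIME is an assumed value ("verified up to tens of seconds ago").
REACHABLE_TIME = 30.0
DELAY_FIRST_PROBE_TIME = 5.0
RETRANS_TIMER = 1.0
MAX_UNICAST_SOLICIT = 3


class State(Enum):
    INCOMPLETE = 1
    REACHABLE = 2
    STALE = 3
    DELAY = 4
    PROBE = 5
    DELETED = 6   # entry removed from the cache (terminal marker, not an ND state)


class NeighborEntry:
    """One neighbor cache entry, driven by the events the slides describe."""

    def __init__(self, ip, now):
        self.ip, self.mac, self.is_router = ip, None, False
        self.state = State.INCOMPLETE
        self.unanswered_probes = 0
        self.next_event = now + RETRANS_TIMER           # when the next NUD event is scheduled
        self.queue, self.sent = [], []                  # waiting for resolution / handed to link layer
        self.solicitations = [("multicast", now)]       # NS to the solicited-node group starts resolution
        self.log = [(now, self.state.name)]

    def _set_state(self, state, now, next_event=None):
        self.state, self.next_event = state, next_event
        self.log.append((now, state.name))

    def _confirm(self, now):
        self.unanswered_probes = 0
        self._set_state(State.REACHABLE, now, now + REACHABLE_TIME)

    def send(self, packet, now):
        """Upper layer hands us a packet for this neighbor."""
        if self.state is State.INCOMPLETE:
            self.queue.append(packet)                   # queued until the Ethernet address is known
        elif self.state is not State.DELETED:
            self.sent.append(packet)
            if self.state is State.STALE:               # first use of a STALE entry starts the delay timer
                self._set_state(State.DELAY, now, now + DELAY_FIRST_PROBE_TIME)

    def reachability_confirmed(self, now):
        """Upper-layer evidence of two-way traffic, e.g. a TCP ACK for data we sent."""
        if self.state not in (State.INCOMPLETE, State.DELETED):
            self._confirm(now)

    def neighbor_advertisement(self, mac, solicited, override, router, now):
        if self.state is State.DELETED:
            return
        if self.state is State.INCOMPLETE:              # address resolution completes
            self.mac, self.is_router = mac, router
            self.sent.extend(self.queue)                # flush the packets queued during resolution
            self.queue = []
            if solicited:
                self._confirm(now)
            else:
                self._set_state(State.STALE, now)
            return
        changed = mac != self.mac
        if changed and not override:                    # O flag clear: do not replace the cached address
            if self.state is State.REACHABLE:
                self._set_state(State.STALE, now)
            return
        self.mac, self.is_router = mac, router
        if solicited:                                   # only a solicited NA proves two-way reachability
            self._confirm(now)
        elif changed:                                   # unsolicited NA: new address, reachability unproven
            self._set_state(State.STALE, now)

    def _probe(self, now):
        self.solicitations.append(("unicast", now))
        self.unanswered_probes += 1

    def tick(self, now):
        """Run the scheduled NUD event once its timer expires."""
        if self.next_event is None or now < self.next_event:
            return
        if self.state is State.INCOMPLETE:              # no advertisement: drop entry and queued packets
            self.queue = []
            self._set_state(State.DELETED, now)
        elif self.state is State.REACHABLE:             # lifetime timer expired
            self._set_state(State.STALE, now)
        elif self.state is State.DELAY:                 # no upper-layer confirmation: start probing
            self._probe(now)
            self._set_state(State.PROBE, now, now + RETRANS_TIMER)
        elif self.state is State.PROBE:
            if self.unanswered_probes >= MAX_UNICAST_SOLICIT:
                self._set_state(State.DELETED, now)     # give up on the neighbor
            else:
                self._probe(now)
                self.next_event = now + RETRANS_TIMER


def demo_timeline(upper_layer_reply_at=None):
    """Constructed timeline: resolve B at t=0.2, let the entry age, send to it at t=32."""
    entry = NeighborEntry("fe80::2", now=0.0)
    entry.send("pkt1", 0.0)
    entry.neighbor_advertisement("00:11:22:33:44:55", solicited=True, override=True, router=False, now=0.2)
    for t in range(1, 41):
        now = float(t)
        if now == 32.0:
            entry.send("pkt2", now)                     # STALE entry: this starts the DELAY timer
        if upper_layer_reply_at is not None and now == upper_layer_reply_at:
            entry.reachability_confirmed(now)           # e.g. a TCP ACK arrives from B
        entry.tick(now)
    return entry
```

With no upper-layer reply, `demo_timeline()` walks INCOMPLETE, REACHABLE, STALE, DELAY, PROBE and finally deletes the entry after MAX_UNICAST_SOLICIT unicast probes; `demo_timeline(upper_layer_reply_at=35)` shows the DELAY state being cleared by a TCP confirmation, so no probe is ever sent.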

Duplicate Address Detection

The IPv6 equivalent of gratuitous ARP.
When a host A is initializing, Duplicate Address Detection (DAD) allows host A to check that no other host on the local network segment is already using the IPv6 address it is requesting to use.
A required part of initialization or reinitialization of any interface.

DAD: step 1

A builds a neighbor solicitation packet to check if its desired IP address is available.
The requested IP source address is "tentative", so the IP source address in the solicitation packet is all 0's (::).
The IP destination address is the solicited-node multicast address derived from the target address.
The target address is the requested IPv6 address of A.
The OPTIONS (data) field contains 0's.

DAD Neighbor solicitation

IPv6 header:
VERS 6 | TRAFFIC CLASS | FLOW LABEL
PAYLOAD LENGTH | NEXT HEADER | HOP LIMIT 255
IPv6 source address (::, all 0's, the unspecified address)
IPv6 destination address (solicited-node multicast address of A's requested address)

Neighbor solicitation message (ICMPv6):
TYPE (135) | CODE 0 | CHECKSUM
RESERVED (set to 0)
IPv6 TARGET ADDRESS (A's requested address)
OPTIONS (VARIABLE LENGTH): NONE

DAD: step 2

A joins the all-nodes multicast group.
A joins the multicast group for the solicited-node multicast address derived from the IP address it is requesting.
A random delay (before sending the request to join the multicast groups) is added to distribute load if the whole network is initializing at the same time.

DAD: step 3

To check the tentative address, A sends the solicitation DupAddrDetectTransmits times. The default is DupAddrDetectTransmits=1. Setting DupAddrDetectTransmits=0 turns DAD off.
Each transmission is separated by RetransTimer milliseconds.
Retransmission stops when a replying neighbor advertisement arrives, or RetransTimer milliseconds after the last retransmission.

DAD: step 4 (no duplicate)

No answering neighbor advertisement packet is received before probing is complete.
Probing is complete DupAddrDetectTransmits x RetransTimer milliseconds after the first solicitation is sent.
It has then been confirmed that the tentative IP address is unique.
The tentative IPv6 address is assigned to the interface and becomes the IPv6 address for the interface.

DAD: step 4 (duplicate)

Host B is already using the requested address.
Host B receives A's neighbor solicitation and replies to it with an advertisement.
The reply is multicast to the all-nodes address FF02::1 (because the source address of the solicitation was ::).
The solicited flag (S flag) is set.
The IPv6 source address is B's address (also A's tentative address).
The target is B's IPv6 address (the address A requested).
B's Ethernet address is included as an option.

DAD Neighbor advertisement

IPv6 header:
VERS 6 | TRAFFIC CLASS | FLOW LABEL
PAYLOAD LENGTH | NEXT HEADER | HOP LIMIT 255
IPv6 source address (address requested by A, also B's address)
IPv6 destination address: all-nodes multicast address (FF02::1)

Neighbor advertisement message (ICMPv6):
TYPE (136) | CODE 0 | CHECKSUM
R|S|O flags (S flag is set) | RESERVED (set to 0)
IPv6 TARGET ADDRESS (copied from the solicitation: A's requested address)
OPTIONS (VARIABLE LENGTH): Ethernet address of host B, which is using the requested address

DAD: step 5 (duplicate)

Host B is already using the requested address.
Host B receives A's neighbor solicitation and replies with a neighbor advertisement.
Host A SHOULD log a system management error. Then:
If the IPv6 address was derived from the Ethernet address, no packets will be received or sent on the interface (no new IPv6 address will be assigned).
If the IPv6 address was assigned in some other way, then a new IPv6 address may be assigned and DAD repeated.
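DAD steps 1 to 5 above form one procedure; the Python below is an added example, not part of the slides, that walks through it on a constructed link model: the probe with source ::, joining the all-nodes and solicited-node groups, DupAddrDetectTransmits transmissions separated by RetransTimer, the all-nodes advertisement from an address owner, and the two outcomes of step 5 (address derived from the Ethernet address versus assigned some other way). The Link class, the node list and the dictionary message format are assumptions made for the example; the tunable names follow the slides.

```python
import ipaddress

ALL_NODES = "ff02::1"
UNSPECIFIED = "::"


def solicited_node(ip):
    """ff02::1:ff00:0/104 plus the last 24 bits of the address, as a string."""
    prefix = int(ipaddress.IPv6Address("ff02::1:ff00:0"))
    return str(ipaddress.IPv6Address(prefix | (int(ipaddress.IPv6Address(ip)) & 0xFFFFFF)))


class Link:
    """Constructed model of one Ethernet segment holding the nodes already configured on it."""

    def __init__(self, nodes):
        self.nodes = nodes                      # list of (ipv6 address, ethernet address)

    def deliver(self, ns):
        """Return the neighbor advertisements a solicitation provokes (DAD step 4, duplicate case)."""
        replies = []
        for ip, mac in self.nodes:
            # Only members of the solicited-node group receive the packet, and only the owner of
            # the target answers. A :: source forces the reply to the all-nodes group.
            if ns["dst"] == solicited_node(ip) and ns["target"] == ip:
                replies.append({"type": 136,
                                "src": ip,
                                "dst": ALL_NODES if ns["src"] == UNSPECIFIED else ns["src"],
                                "target": ip,
                                "options": {"target_link_layer": mac}})
        return replies


def run_dad(tentative, link, dup_addr_detect_transmits=1, retrans_timer_ms=1000,
            derived_from_mac=True):
    """Run Duplicate Address Detection for a tentative address and report the outcome."""
    result = {"address": tentative, "probes_sent": 0, "elapsed_ms": 0, "joined": [],
              "status": None, "action": None}
    if dup_addr_detect_transmits == 0:          # DupAddrDetectTransmits=0 turns DAD off
        result["status"], result["action"] = "skipped", "assign address without checking"
        return result
    # Step 2: join the all-nodes group and the solicited-node group of the tentative address.
    result["joined"] = [ALL_NODES, solicited_node(tentative)]
    # Step 1: the probe carries source :: and no options; the target is the tentative address.
    ns = {"type": 135, "src": UNSPECIFIED, "dst": solicited_node(tentative),
          "target": tentative, "options": {}}
    for _ in range(dup_addr_detect_transmits):  # Step 3: DupAddrDetectTransmits probes
        result["probes_sent"] += 1
        result["elapsed_ms"] += retrans_timer_ms  # each probe is followed by a RetransTimer wait
        for reply in link.deliver(ns):
            if reply["type"] == 136 and reply["target"] == tentative:   # Step 4: duplicate
                result["status"] = "duplicate"
                result["owner_mac"] = reply["options"]["target_link_layer"]
                # Step 5: log the error; a MAC-derived address disables IPv6 on the interface,
                # an address assigned some other way can be replaced and DAD repeated.
                result["action"] = ("log error; interface gets no IPv6 address" if derived_from_mac
                                    else "log error; choose another address and repeat DAD")
                return result
    result["status"], result["action"] = "unique", "assign address to interface"   # Step 4: unique
    return result


if __name__ == "__main__":
    # Constructed link: B already owns 2001:db8::1; nobody owns 2001:db8::2.
    link = Link([("2001:db8::1", "00:11:22:33:44:55"), ("2001:db8::9", "00:11:22:33:44:99")])
    print(run_dad("2001:db8::1", link))
    print(run_dad("2001:db8::2", link, dup_addr_detect_transmits=2))
```

The elapsed time reported for the unique case is DupAddrDetectTransmits x RetransTimer after the first probe, matching the completion rule in step 4.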

Some relevant RFCs

RFC 4429, RFC 2461, RFC 2462, RFC 4861, RFC 4862