IPv6 Neighbor Discovery protocol includes the following functions: address resolution, neighbor unreachable detection, duplicate address detection, router discovery / prefix discovery, address auto configuration and redirection.
The ICMPv6 packet type used by the ND protocol and its functions are shown in the following table.
Table 5-9 The ICMPv6 packet type used by the ND protocol and its functions
|
ICMPv6 Packet Type
|
Type No.
|
Function
|
|
Router request packet (RS: Router Solicitation)
|
133
|
After a node starts, it sends a request to the router v configuration information, used for auto configuration
|
|
Router advertisement packet (RA: Router Advertisement)
|
134
|
Respond for the RS packet
Without suppressing the sending of RA packets, the router periodically sends RA packets, including prefix information options and some flag bits.
|
|
Neighbor request packet (NS: Neighbor Solicitation)
|
135
|
Get the link-layer address of the neighbor
Verify whether the neighbor is reachable Perform the repeated address detection
|
|
Neighbor advertisement packet (NA: Neighbor Advertisement)
|
136
|
Respond for the NS packet
The node sends the NA packet automatically when the link layer changes, advertising the change information of the node to the neighbor node.
|
| Re-direction packet (Redirect) |
137 |
When meeting a certain condition, the default gateway sends a redirect packet to the source host, making the host re-select the correct next hop address for subsequent packet transmission. |
Get the link-layer address of the neighbor node on one link, which is realized by the NS packet and NA packet.
- Neighbor unreachable detection
After getting the link-layer address of the neighbor node, verify whether the neighbor node is reachable via the NS packet and NA packet.
- The node sends the NS packet, whose the destination address is the IPv6 address of the neighbor node
- If receiving the confirm packet of the neighbor node, it is regarded that the neighbor is reachable. Otherwise, it is regarded that the neighbor is not reachable.
- Duplicate address detection
After the node gets one IPv6 address, it is necessary to use the duplicate address detection function to confirm whether the address is used by other nodes.
- Router discovery/prefix discovery and address auto configuration
Router discovery/prefix discovery indicates the node gets the neighbor router and its network prefix from the received RA packet, as well as other configuration parameters.
Address stateless auto configuration indicates that the node automatically configures the IPv6 address according to the information obtained by router discovery / prefix discovery.
Router discovery/prefix discovery is achieved through RS packets and RA packets.
When the host starts, there may be only one default route to the default gateway in its routing table. When meeting certain conditions, the default gateway sends ICMPv6 redirect packets to the source host, informing the host to choose a better next hop for sending the subsequent packets.
Configuration Condition
None
Configure IPv6 Static Neighbor
Resolving the IPv6 address of the neighbor node into the link layer address can be realized by the address resolution function of the IPv6 ND protocol, or by configuring the static neighbor manually.
The IPv6 neighbor is uniquely identified by the IPv6 address of the neighbor node and the L3 interface connected to the neighbor node.
Table 5-10 Configure the IPv6 static neighbor
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode
|
configure terminal
|
-
|
|
Configure the IPv6 static neighbor
|
ipv6 neighbor ipv6-address interface-name mac-address
|
Mandatory
By default, do not configure the IPv6 static neighbor.
|
Configure the Age Time of the IPv6 Neighbor Entry in the STALE State
IPv6 neighbor entries have five reachability states: INCOMPLETE, REACHABLE, STALE, DELAY and PROBE. The STALE state indicates not knowing whether the neighbor is reachable or not. The neighbor entry in STALE state has an aging time, and the neighbor entries in STALE state reaching the aging time will migrate to the DELAY state.
Table 5-11 Configure the age time of the IPv6 neighbor entry in the STALE state
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode
|
configure terminal
|
-
|
|
Configure the age time of the IPv6 neighbor entry in the STALE state
|
ipv6 neighbor stale-aging aging-time
|
Optional
By default, the age time of the IPv6 neighbor entry in the STALE state is 7200s.
|
Configure the Re-transmission Interval of the NS Packet
When the device sends an NS packet, and if it does not receive a response within a specified time interval, it will resend the NS packet. The interval for re-sending NS packet can be configured by the following command.
Table 5-12 Configure the interval of re-sending the NS packet
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode
|
configure terminal
|
-
|
|
Enter the interface configuration mode
|
interface interface-name
|
-
|
|
Configure the
re-transmission interval of the NS packet
|
ipv6 nd ns-interval value
|
Mandatory
By default, the interval of sending the NS packet is 1000ms.
|
Configure the Times of the IPv6 Duplicate Address Detection Sending the NS Packet
After the interface is configured with the IPv6 address, the NS packet is sent for duplicate address detection. If no response is received within a certain period of time, the NS packet is continued to be sent. When the number of NS packets sent reaches the set value, no response is received, the address is considered available.
Table 5-13 Configure the times of the IPv6 duplicate address detection sending the NS packet
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode
|
configure terminal
|
-
|
|
Enter the interface configuration mode
|
interface interface-name
|
-
|
|
Configure the times of the IPv6 duplicate address detection sending the NS packet
|
ipv6 nd dad attempts value
|
Mandatory
By default, the times of the IPv6 duplicate address detection sending the NS packet is 1.
|
Configure the Related Parameters of the RA Packet
Users can configure whether the interface sends the RA packet and the interval of sending the RA packet according to the actual situation, and can configure the parameters of the RA packet to inform the host. When the host receives the RA message, it can use these parameters to do the corresponding operation.
Table 5-14 The parameters and descriptions in the RA packet
|
Parameter
|
Description
|
|
Hop Limit
|
When sending the IPv6 packet, the host will fill the Hop Limit field in the IPv6 header using this parameter value. At the same time, the parameter value is also used as the Hop Limit field value in the device reply packet.
|
|
MTU
|
The MTU of the released link, which can be used to ensure that all nodes on one link adopt the same MTU value
|
|
Router Lifetime
|
Used to set the time of the router that sends the RA packet serving as the default router of the host. The host can determine whether to take the router sending the RA packet as the default router based on the router lifetime parameter value of the received RA packet.
|
|
The time of the neighbor keeping the reachable state (Reachable Time)
|
When the neighbor reachability detection confirms that the neighbor is reachable, the device assumes that the neighbor is reachable within the set reachable time; if a packet needs to be sent to the neighbor after the set time, reconfirm that the neighbor is reachable.
|
Table 5-15 Configure the related parameters of the RA packet
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode
|
configure terminal
|
-
|
|
Enter the interface configuration mode
|
interface interface-name
|
-
|
|
Configure the prefix option information in the RA packet
|
ipv6 nd prefix { ipv6-prefix | default } [ valid-lifetime | infinite | no-advertise | no-autoconfig | off-link ] [ prefered-lifetime | infinite ]
|
Mandatory
By default, do not configure the prefix option information.
|
|
Configure the value of the Hop Limit field in the RA packet sent by the interface to be got from the global configuration
|
ipv6 nd ra hop-limit
|
Optional
By default, do not configure the value of the Hop Limit field in the RA packet sent by the interface to be got from the global configuration, and the value of the Hop Limit field is 0.
|
| Configure the maximum interval and minimum interval of sending the RA packet |
ipv6 nd ra interval max-value [ min-value ]
|
Optional
By default, the maximum interval of sending the RA packet is 600s, and the minimum interval is 198s. |
| Configure the RA packet to carry the MTU option |
ipv6 nd ra mtu |
Optional
By default, the RA packet does not carry the MTU option. |
| Configure the lifetime of the router in the RA packet |
ipv6 nd ra-lifetime value |
Optional By default, the lifetime of the router in the RA packet is 1800s. |
| Prohibit the interface from sending the RA packet periodically |
ipv6 nd suppress-ra period |
Optional
By default, the interface does not send the RA packet periodically. |
| Prohibit the interface from replying the RS packet |
ipv6 nd suppress-ra response |
Optional
By default, the interface does not reply the RA packet when receiving the RS packet. |
Enable the Interface to Send the Re-direct Packet
After receiving the IPv6 packet that needs to be forwarded, the device finds that the receiving interface of the packet is the same as the sending interface by selecting the route. At this time, the device forwards the packet and sends back the redirect packet to the source, informing the source to re-select the correct next hop for sending the subsequent packets. By default, a device can send a redirect packet, but in some specific cases, the user can prevent the device from sending a redirect packet.
Table 5-16 Enable the function of the interface sending the re-direct packet
|
Step
|
Command
|
Description
|
|
Enter the global configuration mode
|
configure terminal
|
-
|
|
Enter the interface configuration mode
|
interface interface-name
|
-
|
|
Enable the function of the interface sending the
re-direction packet
|
ipv6 redirects
|
Optional
By default, the function of the interface sending the re-direction packet is enabled.
|
Switch
.png){kind=icon}
.png){kind=logo}
.jpg)
.png){kind=logo}
