IPv6 Foundation Part 4: ICMPv6 & IPv6 Neighborships

IPv6 Foundation Part 4 - ICMPv6 and IPv6 Neighborships
All about ICMPv6, IPv6 Neigh­bor Adver­tise­ment & Dis­cov­ery, Router Adver­tise­ment & Dis­cov­ery. Find your answers and more right here!

Table of Con­tents

About this course

So you are inter­est­ed in IPv6, which is absolute­ly great!

IPv6 is not only the future of net­work­ing, it is already here today! All the big play­ers on the Inter­net are already IPv6 enabled and it is now time for you to join the par­ty!

This course cov­ers all major aspects of the new Inter­net Pro­to­col and what changed, com­pared to IPv4. You will under­stand the fun­da­men­tals and be ahead of your peers that are still on the sink­ing ship of IPv4! As of today, there are no IPv4 address­es left and we have no oth­er option but to go ahead and deploy IPv6.

IPv6 Act Now

IPv6 Foun­da­tion Part 4: ICMPv6 & IPv6 Neigh­bor­ships

The Inter­net Con­trol Mes­sage Pro­to­col ver­sion 6
 (ICMPv6) is an impor­tant part of IPv6.

It was defined in Spring 2006 as RFC4443

Among oth­ers, it also defines the 
Neigh­bor Dis­cov­ery Pro­to­col (NDP), which replaces ARP!

What the ICMPv6 Pack­et looks like

Let’s have a look at the reg­u­lar ICMPv6 pack­et:

Bit Off­set 0 — 7 8 — 15 16 — 31
0
Type
Code
Check­sum
32
Mes­sage Body

All the ICMPv6 Types and Codes

The dif­fer­ent types and codes for the var­i­ous types of mes­sages are defined in the fol­low­ing table. As you can see, there are some sim­i­lar­i­ties to ICMP for IPv4, so not every­thing is prob­a­bly new to you.

Type Code Descrip­tion
1

des­ti­na­tion unreach­able

0
no route to des­ti­na­tion
1
com­mu­ni­ca­tion with des­ti­na­tion admin­is­tra­tive­ly pro­hib­it­ed
2
beyond scope of source address
3
address unreach­able
4
port unreach­able
2
0
pack­et too big
3

time exceed­ed

0
hop lim­it exceed­ed in tran­sit
1
frag­ment reassem­bly time exceed­ed
4

para­me­ter prob­lem

0
erro­neous head­er field encoun­tered
1
unrec­og­nized Next Head­er type encoun­tered
2
unrec­og­nized IPv6 option encoun­tered
128
0
echo request
129
0
echo reply
130
0
group mem­ber­ship query
131
0
group mem­ber­ship reply
132
0
group mem­ber­ship reduc­tion
133
0
router solic­i­ta­tion
134
0
router adver­tise­ment
135
0
neigh­bor solic­i­ta­tion
136
0
neigh­bor adver­tise­ment
137
0
redi­rect

Neigh­bor Dis­cov­ery (ND) in IPv6

ICMPv6 Neighbor Discovery

Now it’s time to look at the dif­fer­ent ICMPv6 mes­sage types, start­ing with the Neigh­bor Dis­cov­ery Pro­to­col (ND or NDP).

It is a Lay­er 2 pro­to­col and is >used:

  • for State­less Address Auto­con­fig­u­ra­tion (SLAAC).
  • to find oth­er hosts and their MAC address­es (replaces ARP in that mat­ter)
  • to find routers and DNS servers (this is new!)
  • to find the IP pre­fix (net­work) used on the link
  • for Dupli­cate Address Detec­tion (DAD), to make sure the address used is unique

Solicit­ed-Node Mul­ti­cast Address

>As a quick side note we have to talk about a spe­cial mul­ti­cast address, which was defined in RFC4291 and is called the Solicit­ed-Node Mul­ti­cast Address.

For every IPv6 address there is one — and the spe­cif­ic mul­ti­cast group must be joined.

It is also used for Neigh­bor Dis­cov­ery (sim­i­lar to ARP) and to make sure an address is unique. We will go into detail about this at a lat­er stage of this course.

How to find the Solicit­ed-Node Mul­ti­cast Address of a spe­cif­ic IPv6 Address

To find or gen­er­ate the Solicit­ed-Node Mul­ti­cast Address of a spe­cif­ic IPv6 address, sim­ply fol­low these rules:

the pre­fix is always ff02:0:0:0:0:1:ff00::/104 + the last 24 bits of the IPv6 address
.(ff02:0:0:0:0:1:ff00:0000 — ff02:0:0:0:0:1:ffff:ffff). So yes, you are absolute­ly cor­rect — these groups are not exact­ly unique, but this is total­ly fine for the pur­pose served!

Router Solic­i­ta­tion Mes­sages in IPv6 (RS)

ICMPv6 Router Solicitation

The Router Solic­i­ta­tion mes­sage (RS) is ICMPv6 Type 133.

The host sends a Router Solic­i­ta­tion or RS to the “all routers” mul­ti­cast group (ff02::2), to receive the pre­fix (net­work) infor­ma­tion and the address of routers on the local­ly con­nect­ed link.

Router Adver­tise­ment Mes­sages in IPv6 (RA)

ICMPv6 Router Advertisement

The Router Adver­tise­ment mes­sage (RA) is ICMPv6 Type 134.

A router sends a peri­od­ic Router Adver­tise­ment or RA to the “all hosts” mul­ti­cast group (ff02::1), to announce the pre­fix (net­work) infor­ma­tion and its own address
 to be used by clients on the local­ly con­nect­ed link or net­work.

As you might have guessed, this type of mes­sage is also used as a reply to Router Solic­i­ta­tion (RS)
 sent by a client.

In the Router Adver­tise­ment mes­sage a pref­er­ence can be set (low, medi­um, high), in case a sin­gle router should be pre­ferred by hosts on the link. The net­work admin­is­tra­tor has the pos­si­bil­i­ty to announce mul­ti­ple routers that can be used as a gate­way or default route out of the local net­work and still set a pri­or­i­ty and pre­ferred router to be used first. If this pri­ma­ry router some­how los­es its con­nec­tion to the net­work, maybe because it breaks down, the entry times out of the cor­re­spond­ing tables on the clients and they will use the next-best router on the net­work instead.

Neigh­bor Solic­i­ta­tion Mes­sages in IPv6 (NS)

ICMPv6 Neighbor Solicitation

The Neigh­bor Solic­i­ta­tion mes­sage (NS) is ICMPv6 Type 135.

It is used to find the Link Lay­er address, so the Lay­er 2 or MAC address of anoth­er host to estab­lish eth­er­net com­mu­ni­ca­tion. A Neigh­bor Solic­i­ta­tion (NS) is sent to the solicit­ed-node mul­ti­cast address of the neigh­bor (like ARP in IPv4)
.

also, a NS is sent to uni­cast address of neigh­bor, to find out if it is still alive and reach­able

Neigh­bor Adver­tise­ment Mes­sages in IPv6 (NA)

ICMPv6 Neighbor Advertisement

The Neigh­bor Adver­tise­ment mes­sage (NA) is ICMPv6 Type 136.

This mes­sage is used to reply to Neigh­bor Solic­i­ta­tion (NS) mes­sage

Redi­rect Mes­sages in IPv6

The Redi­rect mes­sage is ICMPv6 Type 137 and the last mes­sage type.

A redi­rect mes­sage is sent by routers to tell hosts that there is a bet­ter next hop for a tar­get that was direct­ed to the spe­cif­ic router.

For exam­ple — the default router for a client sub­net has a next-hop for a des­ti­na­tion net­work, which (the next-hop) is also on the same local net­work. It would not make much sense for the router to receive all this traf­fic just to for­ward it back on the same LAN to the next-hop router. Instead, a redi­rect mes­sage is sent to the client, so the client may address the des­ti­na­tion direct­ly via the best next-hop on the local net­work.

How IPv6 Neigh­bor Pro­cess­ing works

You have learned before, that in IPv6 there is no ARP any­more. Instead there is ICMPv6 and the Solicit­ed-Node Mul­ti­cast address, but how does that all fit togeth­er? Let’s find the answers in the fol­low­ing chap­ters.

Let’s define some basics first:

The IPv6 Neigh­bor Cache
 keeps Track of all Neigh­bors

The neigh­bor cache is a table on a device (host or router) which lists all neigh­bors that have been com­mu­ni­cat­ed with recent­ly.


The neigh­bor cache con­tains the MAC address of the cor­re­spond­ing IPv6 address and a flag, if it is a router or a host


The neigh­bor cache also lists reach­a­bil­i­ty infor­ma­tion (sim­i­lar to the ARP cache of IPv4), so if a device is not seen for some time, it is aged out and ulti­mate­ly dropped form the neigh­bor cache table.

The IPv6 Des­ti­na­tion Cache keeps Track of all Des­ti­na­tions

The des­ti­na­tion cache lists all tar­gets that have been com­mu­ni­cat­ed with recent­ly.

The des­ti­na­tion cache con­tains the MAC address of the local neigh­bor or
 the MAC address of the next hop, in case the IPv6 tar­get is remote and not acces­si­ble local­ly on a con­nect­ed link.

IPv6 Neigh­bor Reach­a­bil­i­ty States explained

Reach­a­bil­i­ty states are kept in the tables for each neigh­bor. The fol­low­ing states are defined:

incom­plete

  • the address is unknown but is being queried
 (this is the state after a Neigh­bor Solicitation/NS mes­sage and before recep­tion of the Neigh­bor Advertisement/NA as a reply from the neigh­bor)


reach­able

  • the neigh­bor has been active recent­ly and is known as avail­able

stale

  • there was no recent com­mu­ni­ca­tion with this neigh­bor
  • but there is also no next step to check fur­ther (not need­ed)

Thank You

Thank you for attend­ing the Orig­i­nal IPv6 Foun­da­tion Mas­ter Class! You can book­mark this site to use it as a quick ref­er­ence in case you need to re-read some­thing and you can share this page to social media and your friends and col­leagues. Stay tuned to this blog for more in-depth sto­ries like this one.

Rec­om­mend­ed Resources for addi­tion­al read­ing

Apart from the links through­out this course I rec­om­mend the fol­low­ing resources for addi­tion­al infor­ma­tion:

  1. The Inter­net Soci­ety (ISOC) IPv6 Por­tal
  2. Test your IPv6 con­nec­tiv­i­ty on test-ipv6.com
  3. The offi­cial IANA list of assigned IPv6 address space is very inter­est­ing
  4. The Google IPv6 deploy­ment sta­tis­tics
  5. The RIPE NCC IPv6 work­ing group and mail­ing list

Book rec­om­men­da­tions on IPv6

I can rec­om­mend the fol­low­ing 3 books (Ama­zon refer­ral links) which I enjoyed read­ing:

This con­cludes IPv6 Foun­da­tion Part 4: ICMPv6 & IPv6 Neigh­bor­ships of the orig­i­nal IPv6 Foun­da­tion Mas­ter Class.

Pre­vi­ous Part: IPv6 Foun­da­tion Part 3: IPv6 Head­ers & Exten­sion Head­ers

Next Part: IPv6 Foun­da­tion Part 5: IPv6 Con­fig­u­ra­tion, EUI-64, SLAAC & Dual Stack

Share this post

Share on pocket
Share on reddit
Share on facebook
Share on twitter
Share on linkedin
Share on xing