Neighbor Discovery Protocol

The Neighbor Discovery Protocol (NDP) is a protocol in the Internet Protocol Suite used with Internet Protocol Version 6 (IPv6). It operates in the Internet Layer of the Internet model (RFC 1122) and is responsible for address autoconfiguration of nodes, discovery of other nodes on the link, determining the Link Layer addresses of other nodes, duplicate address detection, finding available routers and Domain Name System (DNS) servers, address prefix discovery, and maintaining reachability information about the paths to other active neighbor nodes (RFC 4861).^[1]

The protocol defines five different ICMPv6 packet types to perform functions for IPv6 similar to the Address Resolution Protocol (ARP) and Internet Control Message Protocol (ICMP) Router Discovery and Router Redirect protocols for IPv4. However, it provides many improvements over its IPv4 counterparts (RFC 4861, section 3.1). For example, it includes Neighbor Unreachability Detection (NUD), thus improving robustness of packet delivery in the presence of failing routers or links, or mobile nodes.

Internet protocol suite
Application layer
DHCP DHCPv6 DNS FTP HTTP IMAP IRC LDAP MGCP NNTP BGP OSPF NTP POP RPC RTP RTSP RIP SIP SMTP SNMP SOCKS SSH Telnet TLS/SSL XMPP (more)
Transport layer
TCP UDP DCCP SCTP RSVP (more)
Internet layer
IP IPv4 IPv6 ICMP ICMPv6 ECN IGMP IPsec (more)
Link layer
ARP/InARP NDP Tunnels L2TP PPP Media access control Ethernet DSL ISDN FDDI (more)
v t e

Technical details

NDP defines the following five ICMPv6 packet types:^[2]

Router Solicitation
Router Advertisement
Neighbor Solicitation
Neighbor Advertisement
Redirect

These messages are used to provide the following functionality:

Router discovery: hosts can locate routers residing on attached links.
Prefix discovery: hosts can discover address prefixes that are on-link for attached links.
Parameter discovery: hosts can find link parameters (e.g., MTU).
Address autoconfiguration: stateless configuration of addresses of network interfaces.
Address resolution: mapping between IP addresses and link-layer addresses.
Next-hop determination: hosts can find next-hop routers for a destination.
Neighbor unreachability detection (NUD): determine that a neighbor is no longer reachable on the link.
Duplicate address detection (DAD): nodes can check whether an address is already in use.
Redirect: router can inform a node about better first-hop routers.
Recursive DNS Server (RDNSS) and DNS Search List (DNSSL) assignment via a router advertisement (RA) options.^[3] This is a new feature and not widely supported by clients.

Vulnerability

Some routers have a vulnerability in dealing with the NDP protocol [1]. Often, routers have less NDP entries available than possible addresses in the IPv6 subnet (typically 2^64 or more, to allow for SLAAC). An (expired) resolution is possible [2].

References

^ RFC 4861, Neighbor Discovery for IP version 6 (IPv6), T. Narten et al. (September 2007)
^ RFC 2461, Neighbor Discovery for IP version 6 (IPv6), T. Narten, December 1998
^ RFC 6106, IPv6 Router Advertisement Options for DNS Configuration, J. Jeong (Ed.), S. Park, L. Beloeil, S. Madanapalli (November 2010)

External links

Neighbor Discovery Protocol

v t e Internet Protocol version 6

General	IPv6 IPv6 address IPv6 packet Mobile IPv6

Deployment	IPv6 deployment Comparison of IPv6 application support Comparison of IPv6 support in routers Comparison of IPv6 support in operating systems Comparison of IPv6 support by major transit providers List of IPv6 tunnel brokers

IPv4 to IPv6 topics	IPv4 address exhaustion IPv6 transition mechanisms

Related protocols	DHCPv6 ICMPv6 Neighbor Discovery Protocol Secure Neighbor Discovery Protocol Multicast Router Discovery Site Multihoming by IPv6 Intermediation

Neighbor Discovery Protocol

Technical details

Vulnerability

See also

References

External links

moreless