The article "Understanding IPv6" covered the background of IPv6, its address format, and the basics of unicast, multicast, and anycast. The most important question that follows is how a terminal reaches other hosts over an IPv6 network. As with IPv4, a terminal that wants to access resources on an IPv6 network has to complete several critical steps: obtain an IPv6 address, learn which subnet it is in, learn the gateway address, and learn the DNS server address. The obvious first guess is that a DHCPv6 server handles this, with the same process as in IPv4. That guess is correct: IPv6 hosts can indeed get stateful IP allocation from a DHCPv6 server. More importantly, though, IPv6 has a more concise address allocation method, the Neighbor Discovery Protocol (NDP), which we introduce next. NDP can provide all of the above: automatic IPv6 address allocation, the subnet, the gateway address, the DNS server address, and so on. The following sections introduce the principles and procedures of the functions that the IPv6 Neighbor Discovery Protocol provides.
1. Address allocation and configuration in IPv4
Before introducing NDP, let's review how IPv4 handles this. Generally speaking, IPv4 needs the ARP protocol and the DHCP protocol to complete address allocation and to tell a newly joined host the current network configuration.
- ARP protocol: completes the mapping between the IP address and MAC address of each host and gateway in the subnet through ARP broadcasts and ARP requests.
- DHCP protocol: the new host broadcasts a DHCP request; once the request reaches the DHCP server, the server assigns an IP address, gateway address, DNS server address, subnet mask, etc. to the host joining the network.
Once the ARP and DHCP processes have completed, the host can access the network normally. (The network configuration can also be done manually, in which case the DHCP service and process are no longer needed.)
In IPv6, the simpler NDP protocol and NDP process are designed to replace these two IPv4 protocols and their two processes. IPv6 no longer supports broadcast. Put simply, IPv6 uses multicast in place of broadcast, including in the steps that relied on broadcast in IPv4, such as IP address allocation. NDP works on top of IPv6 multicast, so you need some understanding of IPv6 multicast before reading the NDP material below.
2. Overview of NDP protocol
NDP (Neighbor Discovery Protocol) is an important basic protocol in the IPv6 protocol suite. A host on an IPv6 network can automatically configure itself with a unique link-local address, and once a host obtains an IPv6 address, it automatically joins multiple multicast groups. NDP then completes network address allocation and configuration through these multicast addresses. NDP mainly implements the following functions through ICMPv6 packets:
• Stateless automatic configuration: router discovery, prefix discovery, parameter discovery;
• Duplicate Address Detection (DAD), equivalent to IPv4 gratuitous ARP;
• Address resolution, equivalent to ARP of IPv4;
• Neighbor Unreachable Detection (NUD);
• Router redirection.
2.1. Stateless automatic configuration
Apart from manual configuration, IPv6 automatic configuration is generally divided into two types: stateful automatic configuration through a DHCPv6 server, and stateless automatic configuration without a DHCPv6 server. Stateless automatic configuration can be understood as a simplified version of DHCP that keeps no state. Four messages matter most in this process: Router Advertisement (RA), Router Solicitation (RS), Neighbor Solicitation (NS) and Neighbor Advertisement (NA).
- Router Advertisement (RA): each router regularly sends RA messages in multicast mode to announce its existence on the Layer 2 network. The RA message carries the network prefix information.
- Router Solicitation (RS): a host that wants to obtain the network prefix as soon as possible after joining the network can immediately send an RS packet in multicast mode. Routers on the network that receive the RS respond with RA packets.
- Neighbor Solicitation (NS): sent to FF02::1:FF00:0/104; it can be simply understood as the ARP request message of IPv4.
- Neighbor Advertisement (NA): sent to FF02::1; it can be simply understood as the ARP reply message of IPv4.
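As an added illustration (not code from the original article), the parser below shows what a host can read from a Router Advertisement: the M/O flags that separate stateful from stateless configuration, the advertised prefix, the router's MAC address and DNS servers. The field layout follows RFC 4861 and the DNS option follows RFC 8106; `parse_ra`, `sample_ra` and the sample bytes are constructed for this example.

```python
import ipaddress
import struct

def parse_ra(icmp: bytes) -> dict:
    """Parse an ICMPv6 Router Advertisement (type 134) into what a host learns from it."""
    if len(icmp) < 16 or icmp[0] != 134:
        raise ValueError("not a Router Advertisement")
    hop_limit, flags, lifetime = struct.unpack_from("!BBH", icmp, 4)
    ra = {"hop_limit": hop_limit,
          "managed": bool(flags & 0x80),   # M flag: addresses come from DHCPv6 (stateful)
          "other": bool(flags & 0x40),     # O flag: other settings come from DHCPv6
          "router_lifetime": lifetime,     # 0 means "not a default router"
          "router_mac": None, "prefixes": [], "dns": []}
    off = 16                               # options follow the fixed 16-byte header
    while off + 2 <= len(icmp):
        otype, olen = icmp[off], icmp[off + 1] * 8   # length field counts 8-byte units
        if olen == 0 or off + olen > len(icmp):
            raise ValueError("malformed option")     # zero length would never advance
        opt = icmp[off:off + olen]
        if otype == 1 and olen == 8:                 # Source Link-Layer Address
            ra["router_mac"] = ":".join(f"{b:02x}" for b in opt[2:8])
        elif otype == 3 and olen == 32:              # Prefix Information
            plen, pflags, valid, preferred = struct.unpack_from("!BBII", opt, 2)
            prefix = ipaddress.IPv6Address(opt[16:32])
            ra["prefixes"].append({"prefix": f"{prefix}/{plen}",
                                   "on_link": bool(pflags & 0x80),
                                   "autonomous": bool(pflags & 0x40),  # usable for SLAAC
                                   "valid": valid, "preferred": preferred})
        elif otype == 25 and olen >= 24 and olen % 16 == 8:  # Recursive DNS Server
            for i in range(8, olen, 16):
                ra["dns"].append(str(ipaddress.IPv6Address(opt[i:i + 16])))
        off += olen
    return ra

def sample_ra() -> bytes:
    """Constructed RA for illustration (documentation prefix, checksum left at 0)."""
    hdr = struct.pack("!BBHBBHII", 134, 0, 0, 64, 0x00, 1800, 0, 0)
    slla = b"\x01\x01" + bytes.fromhex("020000000001")
    pio = struct.pack("!BBBBIII", 3, 4, 64, 0xC0, 2592000, 604800, 0) \
        + ipaddress.IPv6Address("2001:db8:1::").packed
    rdnss = struct.pack("!BBHI", 25, 3, 0, 1800) \
        + ipaddress.IPv6Address("2001:db8:1::53").packed
    return hdr + slla + pio + rdnss

if __name__ == "__main__":
    print(parse_ra(sample_ra()))
```

The gateway address itself is not inside the ICMPv6 message: it is the source address of the IPv6 packet that carried the RA.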
2.1.1. Stateless automatic configuration process
2.2. Duplicate address detection (DAD)
DAD (Duplicate Address Detection) is the process by which a node, before an interface starts using an IPv6 unicast address, actively checks whether another node already uses that address, in order to prevent IP conflicts. All IPv6 unicast addresses, whether automatically or manually configured, must pass duplicate address detection before the node uses them. The IPv6 duplicate address detection process is similar to using gratuitous ARP for IP conflict detection in IPv4: the node multicasts an NS message to all nodes on the link. The destination address in the NS message is the local IP address. If any station responds with an NA message, the address is already in use on the network, and the node cannot use it.
2.3. Address resolution
In IPv4, when a host needs to communicate with a target host, it first obtains the target's MAC address through ARP, based on the target's IP address. It can then fill in the correct MAC address at the link layer to complete link-layer communication. IPv6 has no ARP protocol, but it still needs to resolve an IP address to a MAC address, so in IPv6 the MAC address corresponding to an IP address is resolved through the Neighbor Solicitation (NS) and Neighbor Advertisement (NA) messages.
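The following added example (not from the original article) builds the Neighbor Solicitation used in both sections above, so the DAD probe and the address-resolution request can be compared byte for byte. It follows RFC 4861/4862: the packet goes to the solicited-node group inside FF02::1:FF00:0/104, and the Target Address field carries the address being checked or resolved. All function names and the 2001:db8::/32 sample addresses are constructed for illustration.

```python
import ipaddress
import struct

def solicited_node(addr: str) -> ipaddress.IPv6Address:
    """Solicited-node group: FF02::1:FF00:0/104 plus the low 24 bits of addr."""
    base = int(ipaddress.IPv6Address("ff02::1:ff00:0"))
    return ipaddress.IPv6Address(base | (int(ipaddress.IPv6Address(addr)) & 0xFFFFFF))

def multicast_mac(group: ipaddress.IPv6Address) -> str:
    """Ethernet destination for an IPv6 multicast group: 33:33 + last 4 address bytes."""
    return ":".join(f"{b:02x}" for b in b"\x33\x33" + group.packed[12:])

def icmpv6_checksum(src, dst, icmp: bytes) -> int:
    """Internet checksum over the IPv6 pseudo-header (next header 58) and the message."""
    data = src.packed + dst.packed + struct.pack("!I3xB", len(icmp), 58) + icmp
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_ns(target: str, src: str = "::", src_mac=None):
    """Return (ipv6_src, ipv6_dst, icmpv6_message) for a Neighbor Solicitation.

    src="::" and no option  -> DAD probe for a tentative address.
    src=own address + MAC   -> address resolution (the ARP-request role).
    """
    s, t = ipaddress.IPv6Address(src), ipaddress.IPv6Address(target)
    if s.is_unspecified and src_mac:
        raise ValueError("a DAD probe must not carry a source link-layer option")
    dst = solicited_node(target)
    msg = struct.pack("!BBHI", 135, 0, 0, 0) + t.packed  # type, code, csum, reserved
    if src_mac:                                          # option type 1, length 1 (8 bytes)
        msg += b"\x01\x01" + bytes.fromhex(src_mac.replace(":", ""))
    csum = icmpv6_checksum(s, dst, msg)
    return s, dst, msg[:2] + struct.pack("!H", csum) + msg[4:]

def is_dad_probe(ipv6_src, icmp: bytes) -> bool:
    """Classify a captured NS: an unspecified source means the sender is running DAD."""
    return icmp[0] == 135 and ipv6_src.is_unspecified

if __name__ == "__main__":
    # Constructed addresses from the 2001:db8::/32 documentation range.
    s, d, m = build_ns("2001:db8:1::aa:bbcc")
    print("DAD NS ->", d, multicast_mac(d), m.hex())
```

When reading a capture, the same two fields (IPv6 source and the presence of option type 1) are what distinguish a DAD probe from an ordinary resolution request.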
2.4. Neighbor unreachable detection (NUD) or tracking neighbor status
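This is a periodic aging and refresh process for neighbor nodes. It can be understood as the aging and updating of the ARP table in IPv4, and it is likewise carried out with NS/NA messages.
2.5. Router redirection
This is the process in which a router, on finding that a better router exists, proactively sends a router redirect message to the host node so that the host node changes its default route.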