Service Manual
34
Neighbor Discovery Protocol (NDP)
The neighbor discovery protocol for IPv6 is dened in RFC 2461 as part of the Stateless Address Autoconguration protocol. It
replaces the Address Resolution Protocol used with IPv4. NDP denes mechanisms for solving the following problems:
• Router discovery: Hosts can locate routers residing on a link
• Prex discovery: Hosts can discover address prexes for the link
• Parameter discovery
• Address autoconguration — conguration of addresses for an interface
• Address resolution — mapping from IP address to link-layer address
• Next-hop determination
• Neighbor unreachability detection (NUD): Determine that a neighbor is no longer reachable on the link.
• Duplicate address detection (DAD): Allow a node to check whether a proposed address is already in use.
• Redirect: The router can inform a node about a better rst-hop.
NDP uses the following ve ICMPv6 packet types in its implementation:
• Router Solicitation
• Router Advertisement
• Neighbor Solicitation
• Neighbor Advertisement
• Redirect
IPv6 Router Advertisement (RA) Guard
The IPv6 RA guard provides support to perform conditional forwarding or blocking of the router advertisement messages that are
received at the network device platform. This functionality analyzes and lters the RAs sent by the devices and compares the
conguration information on the layer 2 device with the RA frame. Once the layer 2 device validates the content of the RA frame
against the conguration, it forwards the RA to its unicast or multicast destination. On failure to validate the RA frame content, the
RA frame is dropped.
The IPv6 RA guard supports two dierent modes:
• Host mode — When a policy with device role as host is applied on an interface, all the RA packets are dropped without
validation. You can also congure the host mode policy with VLAN option to drop the RA packets on that specic VLAN and
port.
• Router mode — When a policy with device role as router is applied on an interface, all the RA packets are validated based on the
conguration information in the policy. Similarly, you can also apply this mode over any specic VLAN and the validation is
performed only for that particular VLAN RA packets.
To congure the IPv6 RA guard, use the following Dell Networking OS commands.
868
Neighbor Discovery Protocol (NDP)