© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public

• Introduction to ICMPv6
• Echo Request and Echo Reply
• Neighbor Discovery
• Neighbor Cache

Cisco Networking Academy, US/Canada © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.

• Similar to ICMP for IPv4
• More robust
• New features
• Improving upon similar functionality
• Both ICMP and ICMPv6 use types and codes
• Two types of ICMPv6 messages
  • Error messages
  • Informational messages

• IPv6 routing is off by default in Cisco IOS
• R1(config)# ipv6 unicast-routing
• Global configuration mode to enable IPv6 routing

ICMPv6 Next Header value: 58 decimal or 3A hexadecimal

IPv6 header (Next Header = 58) | IPv6 data = ICMPv6 header + ICMPv6 message body

ICMPv6 General Message Format (32 bits per row):
  bits 0-7: Type | bits 8-15: Code | bits 16-31: Checksum
  Message Body

Type = 0 to 127 (8-bit field with first bit off: 0xxxxxxx)

Type = 128 – 255 (8-bit field with first bit on: 1xxxxxxx)

Echo Reply: Type = 128
Echo Request: Type = 129

Message format (32 bits per row):
  bits 0-7: Type = 128 or 129 | bits 8-15: Code = 0 | bits 16-31: Checksum
  Identifier | Sequence Number
  Data

• Like IPv4, ICMPv6 Echo Request and Echo Reply are two ICMP messages used by ping

Topology diagram (ping): R1 Fa0/0 2001:DB8:AAAA:1::1, FE80::1/64; PC1, PC2; 2001:DB8:AAAA:1::100, FE80::50A5:8A35:A5BB:66E1

PC1> ping 2001:db8:aaaa:1::1

Pinging 2001:db8:aaaa:1::1 from 2001:db8:aaaa:1::100 with 32 bytes of data:
Reply from 2001:db8:aaaa:1::1: time=1ms

Ping statistics for 2001:db8:aaaa:1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 1ms, Average = 1ms

Internet Protocol Version 6
    0110 .... = Version: 6
    .... 0000 .... = Traffic class: 0x0000
    .... 0000 0000 = Flowlabel: 0x0000
    Payload length: 40
    Next header: ICMPv6 (0x3a)
    Hop limit: 128
    Source: 2001:db8:aaaa:1::100
    Destination: 2001:db8:aaaa:1::1
Internet Control Message Protocol v6
    Type: 128 (Echo (ping) request)
    Code: 0 (Should always be zero)
    Checksum: 0x8f38 [correct]
    ID: 0x0001
    Sequence: 0
    Data (32 bytes)

Internet Protocol Version 6
    0110 .... = Version: 6
    .... 0000 .... = Traffic class: 0x0000
    .... 0000 0000 = Flowlabel: 0x0000
    Payload length: 40
    Next header: ICMPv6 (0x3a)
    Hop limit: 64
    Source: 2001:db8:aaaa:1::1
    Destination: 2001:db8:aaaa:1::100
Internet Control Message Protocol v6
    Type: 129 (Echo (ping) reply)
    Code: 0 (Should always be zero)
    Checksum: 0x8e38 [correct]
    ID: 0x0001
    Sequence: 0
    Data (32 bytes)
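The "[correct]" next to each checksum in the captures above depends on the IPv6 pseudo-header (source, destination, length, Next Header 58), not just on the ICMPv6 bytes. The following added example, which is not part of the original slides, builds and verifies an echo pair with the slide addresses and a made-up payload. It shows why the two captured checksums differ by exactly 0x0100: only the Type byte changes, and swapping source and destination leaves the sum unchanged.

```python
import ipaddress
import struct

NEXT_HEADER_ICMPV6 = 58                 # 0x3a, the Next Header value on the slides
ECHO_REQUEST, ECHO_REPLY = 128, 129     # as decoded in the captures above

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum with end-around carry."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src: str, dst: str, icmp_len: int) -> bytes:
    """IPv6 pseudo-header: source, destination, upper-layer length, next header."""
    return (ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed
            + struct.pack("!I3xB", icmp_len, NEXT_HEADER_ICMPV6))

def build_echo(src, dst, msg_type, ident, seq, data: bytes) -> bytes:
    """Type, Code = 0, Checksum, Identifier, Sequence Number, Data."""
    msg = struct.pack("!BBHHH", msg_type, 0, 0, ident, seq) + data
    csum = ~ones_complement_sum(pseudo_header(src, dst, len(msg)) + msg) & 0xFFFF
    return msg[:2] + struct.pack("!H", csum) + msg[4:]

def parse_echo(src, dst, msg: bytes) -> dict:
    """Decode an echo message and verify its checksum against the addresses."""
    if len(msg) < 8:
        raise ValueError("truncated ICMPv6 echo message")
    msg_type, code, csum, ident, seq = struct.unpack("!BBHHH", msg[:8])
    if msg_type not in (ECHO_REQUEST, ECHO_REPLY):
        raise ValueError(f"not an echo message: type {msg_type}")
    # A valid message, summed together with its pseudo-header, gives 0xFFFF.
    ok = ones_complement_sum(pseudo_header(src, dst, len(msg)) + msg) == 0xFFFF
    return {"type": msg_type, "code": code, "checksum": csum, "id": ident,
            "seq": seq, "data": msg[8:], "checksum_ok": ok}

# Constructed sample: addresses come from the slides, the payload bytes are made up.
PC1, R1 = "2001:db8:aaaa:1::100", "2001:db8:aaaa:1::1"
PAYLOAD = bytes(range(32))
REQUEST = build_echo(PC1, R1, ECHO_REQUEST, 0x0001, 0, PAYLOAD)
REPLY = build_echo(R1, PC1, ECHO_REPLY, 0x0001, 0, PAYLOAD)

if __name__ == "__main__":
    for src, dst, msg in ((PC1, R1, REQUEST), (R1, PC1, REPLY)):
        print(parse_echo(src, dst, msg))
```

A receiver that sees `checksum_ok` false for a message should drop it; a mismatch also appears when the addresses used for verification are not the ones the sender used.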

R1# ping fe80::50a5:8a35:a5bb:66e1
Output Interface: fastethernet 0/0
% Invalid interface. Use full interface name without spaces (e.g. Serial0/1)
R1# ping fe80::50a5:8a35:a5bb:66e1
Output Interface: fastethernet0/0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to FE80::50A5:8A35:A5BB:66E1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

Internet Protocol Version 6
    0110 .... = Version: 6
    .... 0000 .... = Traffic class: 0x0000
    .... 0000 0000 = Flowlabel: 0x0000
    Payload length: 60
    Next header: ICMPv6 (0x3a)
    Hop limit: 64
    Source: fe80::1
    Destination: fe80::50a5:8a35:a5bb:66e1
Internet Control Message Protocol v6
    Type: 128 (Echo (ping) request)
    Code: 0 (Should always be zero)
    Checksum: 0x0444 [correct]
    ID: 0x0a24
    Sequence: 0
    Data (52 bytes)

Internet Protocol Version 6
    0110 .... = Version: 6
    .... 0000 .... = Traffic class: 0x0000
    .... 0000 0000 = Flowlabel: 0x0000
    Payload length: 60
    Next header: ICMPv6 (0x3a)
    Hop limit: 64
    Source: fe80::50a5:8a35:a5bb:66e1
    Destination: fe80::1
Internet Control Message Protocol v6
    Type: 129 (Echo (ping) reply)
    Code: 0 (Should always be zero)
    Checksum: 0x0344 [correct]
    ID: 0x0a24
    Sequence: 0
    Data (52 bytes)

• Neighbors with IPv6
  • Routers
  • Hosts
• So Neighbor Discovery means host-to-host communication or router-to-host communication; a router can also be a host
• IPv6 designers wanted IPv6 to be plug and play at the user’s end
• Processes are called Neighbor Discovery Processes and are implemented using ICMPv6 messages

• Router Solicitation – Type 133
• Router Advertisement – Type 134
• Neighbor Solicitation – Type 135
• Neighbor Advertisement – Type 136
• Redirect Message – Type 137

• Communication between a host and router
• Router Solicitation
  • Sent by host (remember a router can be a host)
  • When host needs addressing and other configuration information important as part of SLAAC
• Router Advertisement
  • Sent periodically (every 200 seconds on Cisco IOS)
  • Sent in response to Router Solicitation
  • Provides addressing and other configuration information important as part of SLAAC

• Used by a device to:
  • Request Layer 2 address information from another device on the same network
  • Provide this information to the requesting device
• Part of three important processes:
  • Address Resolution
  • Duplicate Address Detection (DAD)
  • Neighbor Unreachability Detection (NUD)

Terms
• ND or NDP – Neighbor Discovery Protocol
• SLAAC – Stateless Address Autoconfiguration
• DAD – Duplicate Address Detection

Addresses
• FF02::1 All-nodes multicast
• FF02::2 All-routers multicast
  - Memory hint: routers are more important, thus the higher number

• IPv6 routing is off by default in Cisco IOS
• R1(config)# ipv6 unicast-routing
• Global configuration mode to enable IPv6 routing

Stateless Address Auto Configuration can be explained using Neighbor Discovery messages

Prerequisites:
1. The host (PC1) boots up
2. IPv6 configuration set to Auto Config
3. The host calculates the interface part of the IPv6 address using modified EUI-64 (depending on the operating system)
4. PC1 then adds the link-local prefix FE80 to the interface address to get a link-local IPv6 address

1. Duplicate Address Detection (DAD) of Link-Local IPv6 Address
2. Router Solicitation
3. Router Advertisement
4. Duplicate Address Detection of Global Unicast IPv6 Address

PC1 must verify that the link-local address is unique
The Duplicate Address Detection (DAD) Neighbor Discovery Process is implemented
The following ICMPv6 messages are used:
1) Neighbor Solicitation
2) Neighbor Advertisement

• Link-local address is in a tentative state until DAD is complete
• Source address will be :: (unspecified)
• Destination address will be the solicited-node multicast address of PC1: FF02::1:FF90:41B0
• Target address field is the link-local address FE80::202:4AFF:FE90:41B0
• PC1 sets a timer
• If no Neighbor Advertisement message is received, it transitions the address from tentative to assigned
• PC1 then sends a Neighbor Advertisement message indicating that it is using the link-local address FE80::202:4AFF:FE90:41B0 to other nodes in the link
• If a device has the same link-local address, it responds with a Neighbor Advertisement
• Address is then suspended on PC1
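The addresses on this slide can be derived step by step. The following added example, which is not part of the original slides, computes the modified EUI-64 link-local address and its solicited-node multicast group, then applies receiver-side sanity checks to a DAD Neighbor Solicitation. The MAC address is an assumption obtained by reversing the slide's link-local address, and `check_dad_ns` is a hypothetical helper whose checks follow RFC 4861 section 7.1.1, with the destination check narrowed to the target's own group.

```python
import ipaddress

def eui64_interface_id(mac: str) -> bytes:
    """Modified EUI-64: flip the universal/local bit, insert FF:FE in the middle."""
    octets = bytes(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    return bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]

def link_local(mac: str) -> ipaddress.IPv6Address:
    """FE80::/64 prefix followed by the modified EUI-64 interface ID."""
    return ipaddress.IPv6Address(b"\xfe\x80" + bytes(6) + eui64_interface_id(mac))

def solicited_node(addr) -> ipaddress.IPv6Address:
    """FF02::1:FF00:0/104 plus the low 24 bits of the unicast address."""
    low24 = ipaddress.IPv6Address(addr).packed[-3:]
    return ipaddress.IPv6Address(b"\xff\x02" + bytes(9) + b"\x01\xff" + low24)

def check_dad_ns(src: str, dst: str, hop_limit: int, target: str) -> list:
    """Return the problems found in a Neighbor Solicitation; empty means it passes."""
    problems = []
    src_a, dst_a, tgt = (ipaddress.IPv6Address(a) for a in (src, dst, target))
    if hop_limit != 255:
        problems.append("hop limit is not 255")
    if tgt.is_multicast:
        problems.append("target address is multicast")
    if src_a.is_unspecified and dst_a != solicited_node(tgt):
        problems.append("DAD probe not sent to the target's solicited-node group")
    return problems

# Assumption: MAC inferred from the slide's FE80::202:4AFF:FE90:41B0.
PC1_MAC = "00:02:4a:90:41:b0"

if __name__ == "__main__":
    tentative = link_local(PC1_MAC)
    group = solicited_node(tentative)
    print(tentative, group)
    print(check_dad_ns("::", str(group), 255, str(tentative)))
```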

PC1 sends Neighbor Solicitation to R1

Last step in DAD process
R1 sends Neighbor Advertisement to PC1
Figure labels: Link-local, All-nodes Multicast

• PC1 now needs a global unicast IPv6 address to communicate outside of the link (network)
• PC1 needs to find a router on its link
• PC1 has to perform the Router Discovery Process
• PC1 sends a Router Solicitation message
• Source address will be the link-local address of PC1, FE80::202:4AFF:FE90:41B0
• Destination address will be FF02::2 (All-routers multicast)

PC1 sends Router Solicitation to R1

• R1 sends Router Advertisement if ipv6 unicast-routing is enabled on the router
• Source address is the link-local address of R1’s interface, FE80::1
• Destination address is FF02::1 (All-nodes multicast)
• R1 sends the following information to PC1
  1) Global Prefix and Prefix Length
  2) Layer 2 Address of the interface sending Router Advertisement
  3) Link MTU
  4) Timers to check reachability
  5) M and O flags
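Because hosts configure themselves from whatever Router Advertisement they accept, it is worth decoding the five items listed above and comparing them with what the segment should carry. The following added example, which is not part of the original slides, parses an RA and reports unexpected routers or prefixes. The sample message, its MAC address, MTU and lifetimes are constructed values, and `ra_findings` is a hypothetical allowlist check.

```python
import ipaddress
import struct

def parse_ra(msg: bytes) -> dict:
    """Decode the Router Advertisement fields listed on the slide."""
    if len(msg) < 16 or msg[0] != 134:
        raise ValueError("not a Router Advertisement (type 134)")
    _, _, _, cur_hop, flags, lifetime, reachable, retrans = struct.unpack("!BBHBBHII", msg[:16])
    ra = {"M": bool(flags & 0x80), "O": bool(flags & 0x40), "cur_hop_limit": cur_hop,
          "router_lifetime": lifetime, "reachable_ms": reachable,
          "retrans_ms": retrans, "prefixes": []}
    off = 16
    while off < len(msg):                   # options: type, length in 8-byte units, value
        size = msg[off + 1] * 8 if off + 1 < len(msg) else 0
        if size == 0 or off + size > len(msg):
            raise ValueError("malformed option")
        kind, body = msg[off], msg[off + 2:off + size]
        if kind == 1 and size == 8:         # Layer 2 address of the sending interface
            ra["router_mac"] = ":".join(f"{b:02x}" for b in body)
        elif kind == 5 and size == 8:       # link MTU
            ra["mtu"] = struct.unpack("!I", body[2:6])[0]
        elif kind == 3 and size == 32:      # global prefix and prefix length
            prefix = ipaddress.IPv6Address(body[14:30])
            ra["prefixes"].append({"prefix": f"{prefix}/{body[0]}",
                                   "autonomous": bool(body[1] & 0x40)})
        off += size
    return ra

def ra_findings(src: str, hop_limit: int, ra: dict, routers: set, prefixes: set) -> list:
    """Compare a received RA with the routers and prefixes expected on the link."""
    found = []
    if hop_limit != 255:
        found.append("hop limit is not 255")
    if not ipaddress.IPv6Address(src).is_link_local:
        found.append("source is not a link-local address")
    elif src.lower() not in routers:
        found.append(f"unexpected router {src}")
    for p in ra["prefixes"]:
        if p["prefix"] not in prefixes:
            found.append(f"unexpected prefix {p['prefix']}")
    return found

def sample_ra(prefix: str) -> bytes:
    """Constructed RA: M=0, O=0, made-up MAC, MTU 1500, one /64 prefix, checksum left 0."""
    head = struct.pack("!BBHBBHII", 134, 0, 0, 64, 0x00, 1800, 0, 0)
    slla = bytes([1, 1]) + bytes.fromhex("02005e000001")
    mtu = struct.pack("!BBHI", 5, 1, 0, 1500)
    pio = struct.pack("!BBBBIII", 3, 4, 64, 0xC0, 2592000, 604800, 0)
    return head + slla + mtu + pio + ipaddress.IPv6Address(prefix).packed
```

With the slide's values, `ra_findings("fe80::1", 255, parse_ra(sample_ra("2001:db8:aaaa:1::")), {"fe80::1"}, {"2001:db8:aaaa:1::/64"})` returns an empty list.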

R1 sends Router Advertisement to PC1

• PC1 has to check whether the global unicast address is unique
• Performs Duplicate Address Detection
• Sends a Neighbor Solicitation message with the global IPv6 unicast address as the Target Address
• Once the process ends and the address is confirmed unique, PC1 sends a Neighbor Advertisement message to announce its global unicast IPv6 address

Neighbor Cache
IPv6 Address          MAC Address
2001:DB8:ACAD:1::10   0021.9bd9.c644

PC1: IPv6 - 2001:DB8:ACAD:1::10, MAC - 0021.9bd9.c644

• Neighbor Cache – Maps IPv6 addresses with Ethernet MAC addresses
• Similar to ARP Cache for IPv4
• 5 States (2 noticeable and 3 transitory):
  • Reachable: Packets have recently been received providing confirmation that this device is reachable.
  • Stale: A certain time period has elapsed since a packet has been received from this address.
  • Transitory States: INCOMPLETE, DELAY, PROBE

R1# show ipv6 neighbors
IPv6 Address                 Age Link-layer Addr State Interface
FE80::50A5:8A35:A5BB:66E1     16 0021.9bd9.c644  STALE Fa0/0
2001:db8:aaaa:1::100

R1# ping 2001:db8:aaaa:1::100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:AAAA:1::100, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

R1# show ipv6 neighbors
IPv6 Address                 Age Link-layer Addr State Interface
FE80::50A5:8A35:A5BB:66E1     16 0021.9bd9.c644  STALE Fa0/0
2001:DB8:AAAA:1::100           0 0021.9bd9.c644  REACH Fa0/0

Thank you.
