Some time ago I was working on IPv6 implementation and in that period I wrote an article about NDP (you can read it here). After a while I received some comments that is not written very well so I reviewed a huge part of it. It looks my english was far worst two years ago that I was really aware of 🙂
In the reviewing process I realised that NDP usage of Solicited-Node multicast addresses was not clearly explained. This is the follow-up article which should explain how and why Solicited-Node multicast address are used in NDP. After all this kind of multicast addresses are there to enable IPv6 neighbor discovery function of NDP to work properly.
Solicited-node multicast address is IPv6 multicast address used on the local L2 subnet by NDP Network Discovery Protocol. NDP uses that multicast address to be able to find out L2 link-local addresses of other nodes present on that subnet.
NDP replaces ARP
As we know, NDP in IPv6 networks replaced the ARP function from IPv4 networks. In IPv4 world ARP used broadcast to send this kind of discovery messages and find out about neighbours IPv4 addresses on the subnet. With IPv6 and NDP use of broadcast is not really a good solution so we use special type of multicast group addresses to which all nodes join to enable NDP communication.
Why is not a good solution to use broadcast?
ARP uses broadcasts for ARP request to the broadcast MAC address ff:ff:ff:ff:ff:ff. That kind of message will be received by everyone on L2 segment, although only one neighbour needs to respond back with an answer. Others need to receive that message, process it and discard the request afterwards. This action can cause network congestions if the amount of broadcast is excessive at some point. And all this on IPv4 network. Imagine if we implemented the same ARP in IPv6. Average IPv4 L2 segment is a subnet with, let’s say, 192.168.1.0/24 subnet that will enable us to have 254 IPv4 addresses (254 hosts) on L2 segment. Usually in IPv6 a “normal” L2 network segment will use subnet with /64 which will enable us to have 2^64 addresses. Broadcast between so many possible devices would kill our network segment, that’s the main reason broadcast does not even exist in IPv6 protocol and that is the reason NDP will need to use something better like multicast to get to all nodes on that segment.
Just a quick reminder: There is no broadcast address type in IPv6, there are only:
- Unicast addresses. A packet is delivered to one host
- Multicast addresses. A packet is delivered to multiple hosts.
- Anycast addresses. A packet is delivered to the nearest of multiple host with the same IPv6 address
Solicited-node multicast addresse is our answer. Solicited-node multicast address is generated from the last 24-bits of an IPv6 unicast (or anycast) address of an interface. Number of devices on some L2 segment that are subscribed to each solicited-node multicast address is very small, typically only one device. This enable us to reduce almost to none “wrong” host interruptions by neighbour solicitation requests, compared to ARP in IPv4.
There is a issue here with switches on which we have our IPv6 L2 segment devices connected. Those switched need to be multicast aware and implement MLD snooping. MLD snooping will enable the switch to send traffic that is addressed to a solicited-node multicast address only on the ports that lead to devices subscribed to receive that multicast traffic. If we do not think of MLD, Ethernet switches will probably tent to flood the multicast frames out of all switch ports converting our nice multicast setup to broadcast mess.
How Solicited-Node multicast address is created
We use the last 24 bits from our interface unicast or anycast address and append that part of the address to the prefix FF02::1:FF00:0/104.
Our interface unicast or anycast address is maybe EUI-64 SLAAC generated or DHCPv6 configured. NDP will do his thing and calculate Solicited-Node multicast address for that interface and join that multicast group.
In the process of generating..
We toked 104 bits from the address but in that way so that last byte of the penultimate field 00 is not used in the prefix. Our example shows that last 24 bits of the multicast address begin after FF.
In the process of generating Solicited-Node multicast address we will get an address from multicast range from FF02:0:0:0:0:1:FF00:0000 to FF02:0:0:0:0:1:FFFF:FFFF
A host is joining Solicited-Node multicast group for each of its unicast or anycast addresses for all its interfaces which is basically enabling normal NDP protocol function
Let’s say that we have one interface with an address fe80::2bb:fa:ae11:1152 the associated Solicited-Node multicast address is ff02::1:ff11:1152. So in this example our host must join to the multicast group represented by this address.