How IPv6 Got Rid of Broadcast
A friendly introduction to IPv6 node-solicited multicast addresses and ICMPv6 Neighbor Discovery
Broadcast is at the center of many IPv4 discovery services including DHCP and ARP. Despite this dependency, IPv6 has removed the need for broadcast. In this article, I present how multicast has allowed IPv6 to offer similar services without relying on broadcast.
Keywords: IPv6, multicast, address mapping, node-solicited address, ICMPv6, Neighbor Discovery, Neighbor Table, address resolution, duplicate address detection.
Multicast
Multicast is a communication model where a group of hosts share the same IP address. In IPv4, such address belongs to Class D: The high 4 bits are set to 0b1110. In IPv6, multicast addresses share the prefix of FF00::/8. For a source to contact all members in a group, all it takes is to send a single packet with the multicast address of the group specified as the destination address of the packet.
IP-to-Ethernet Address Mapping
The power of multicast lies is the fact that a multicast IP address is automatically mapped to a multicast Ethernet MAC address. All hosts who have joined a multicast group are listening to the same multicast MAC address. This multicast MAC address is derived locally from the multicast IP address of the group. As a result, all non members of the multicast group on a local link can discard a multicasted frame without relying on IP.
- In the case of IPv4, multicast addresses belong to class D: The 4 first bits are set to 0b1110. There are mapped to Ethernet addresses with prefix: 01:00:5E:00:00:00/25. The low 23 bits are copied from the corresponding IPv4 multicast address.
Example: A host who has joined IPv4 multicast group address 239.138.8.5 listens to the frames sent to multicast MAC address 01:00:5E:0A:08:05.
- In the case of IPv6, multicast addresses share prefix FF00::/8. There are mapped to Ethernet addresses with prefix: 33:33:00:00:00:00/16. The low 32 bits are copied from the corresponding IPv6 multicast address.
Example: A host who has joined IPv6 multicast group address FF02::1:FF9A:BCDE listens to frames sent to multicast MAC address 33:33:FF:9A:BC:DE.
IPv6 Node-solicited Multicast Addresses
IPv6 has introduced a special type of multicast addresses called the node-solicited multicast addresses. Node-solicited multicast addresses share the prefix of FF02::1:FF00:0/104. The low 24 bits are copied for the corresponding IPv6 unicast address.
Node-solicited multicast addresses are intended to remove the need of using broadcast when contacting a neighboring node without knowing its MAC address.
- In IPv4, a frame sent to a host without knowing its MAC address is broadcasted: The destination MAC address of the frame is set to FF:FF:FF:FF:FF:FF. This is the case of the frames that encapsulate ARP requests or DHCP Discovery messages.
Note: The use of the broadcast MAC address allows for these messages to reach their intended destination at the expense of the other nodes located on the same link as they will also receive these messages. To discard these messages, the non-destination nodes will require the intervention of upper-layer protocols such as IP. Because of being software-based, these protocols will waste receiving capacity including CPU and memory resources.
- In IPv6, such a frame is sent to the multicast MAC address corresponding to the node-solicited multicast address of the neighboring host.
Example: The node-solicited multicast address for IPv6 link-local address FE80::3656:78FF:FE9A:BCDE is FF02::1:FF9A:BCDE. The multicast Ethernet address corresponding to node-solicited address FF02::1:FF9A:BCDE is 33:33:FF:9A:BC:DE.
An IPv6 host listens to the node-solicited multicast addresses derived from each and every of its unicast address. The following figure shows the IPv6 addresses configured for a host.
This host has two IPv6 addresses:
- Link-local address: FE80::260:3EFF:FE47:1530
- Global unicast address: 2001:DB8:C18:1:260:3EFF:FE47:1530
The node-solicited multicast address derived from these two adresses is:
- Node-solicited multicast address: FF02::1:FF47:1530
Node-solicited addresses are used for address resolution and duplicate address detection which are part of ICMPv6 functions. In IPv4, these functions are taken over by ARP.
ICMPv6 Neighbor Discovery
One of the main differences between ICMPv6 and IPv4 ICMP is the introduction of two new protocols called Neighbor Discovery (ND) and Multicast Listener Discovery (MLD). MLD is out of the scope of this article.
Neighbor Discovery relies on the following five (5) new types of ICMP messages:
- Router Solicitation (Type 133)
- Router Advertisement (Type 134)
- Neighbor Solicitation (Type 135)
- Neighbor Advertisement (Type 136)
- Redirect (Type 137)
The value of the Hop Limit field of all IPv6 packet containing a ND message is 255. The format of the ND messages consists of the ICMPv6 header and a payload specific to the type of ND message which may contain 0 or more ND options.
The sender of a solicitation message is called the source of the solicitation and the node to which the solicitation is destined the target. The target answers to the solicitation message with an Advertisement message. The sender of a solicited advertisement is still referred to as the target and the destination of the solicited advertisement as the source. Advertisement messages can also be unsolicited. In case of an unsolicited advertisement, the sender is called the source.
Address resolution and duplicate address detection use the Neighbor Solicitation and Neighbor Advertisement messages. The payload of both messages contains the IPv6 address of the target followed by a Link-layer address option. The Neighbor Advertisement header contains the following 3 flags:
- Router flag: is set to 1 if the sender of the Neighbor Advertisement is a router.
- Solicited flag: is set to 1 if the Neighbor Advertisement was sent in response to a Neighbor Solicitation.
- Override flag: is set to 1 if the destination of the Neighbor Advertisement should update its Neighbor table with the link layer address contained in the link-layer address option of the Neighbor Advertisement. ICMPv6 Neighbor table is similar to the ARP table in IPv4.
Neighbor Discovery Options
The ND options follow a Type-Length-Value format where:
- Type (8) indicates the type of the option (0x01 for the Source link-layer address option, 0x02 for the Target link-layer address option)
- Length (8) indicates the length of the option in 8-byte words.
- Value depends on the type of option.
Source and destination link-layer address options
The option contained in the Neighbor Solicitation (resp., Advertisement) messages is the Source (resp., Destination) link-layer address option. The length of the Source and Target link-layer address options is 64-bit long which translates to 0x01 for the value of the Length field.
In the case of the Neighbor Solicitation message, the link-layer address option contains the MAC address of the source. In the case the Neighbor Advertisement message, the link-layer address option contains the MAC address of the target (e.g., the sender of the Neighbor Advertisement).
An IPv6 node can also send unsolicited Neighbor Advertisements (with Solicited flag set to 0) to inform its neighboring nodes of changes in its link layer address. In the case of an unsolicited Neighbor Advertisement, the link-layer address option contains the Ethernet MAC address of the sender.
Address Resolution
Address resolution is the process by which a node resolves the IPv6 address of a neighboring node to its Ethernet MAC address.
Consider a node A who needs to resolve the Ethernet MAC of neighboring node B. A sends the following Neighbor Solicitation to the node-solicited multicast address of B:
Ethernet header:
- Source address: Ethernet MAC address of A
- Destination address: Multicast MAC address corresponding to the node-solicited multicast address of B
- Type: 0x86DD (IPv6)
IPv6 header:
- Source address: IPv6 unicast address of A
- Destination address: Node-solicited multicast address of B
- Payload length : 32
- Hop Limit: 255
- Next header: 58 (ICMPv6)
ICMPv6 Neighbor Solicitation:
- Type: 135
- Code: 0
- Target Address: IPv6 unicast address of B
Source link-layer address option:
- Type: 1
- Length: 1
- Value: Ethernet MAC address of A
The node-solicited multicast address permits node A to reach node B without knowing its MAC address while avoiding broadcasting the Ethernet frame.
Upon receiving the Neighbor solicitation of A, B responds with the following Neighbor Advertisement:
Ethernet header:
- Source address: Ethernet MAC address of B
- Destination address: Ethernet MAC address of A
- Type: 0x86DD (IPv6)
IPv6 header:
- Source address: IPv6 unicast address of B
- Destination address: IPv6 unicast address of A
- Payload length : 32
- Hop Limit: 255
- Next header: 58 (ICMPv6)
ICMPv6 Neighbor Solicitation:
- Type: 136
- Code: 0
- Target Address: Unicast IPv6 address of B
Target link-layer address option:
- Type: 2
- Length: 1
- Value: Ethernet MAC address of B
Duplicate Address Detection
Duplicate address detection is the process by which a node determines if a specific IPv6 address is already used by a neighboring node.
Consider a node A who is attempting to use the IPv6 address already used by a neighboring node B. A sends the following Neighbor Solicitation message:
Ethernet header:
- Source address: Ethernet MAC address of the A
- Destination address: Multicast MAC address corresponding to the node-solicited multicast address of B
- Type: 0x86DD (IPv6)
IPv6 header:
- Source address: IPv6 unspecified address :: (all-0 address)
- Destination address: Node-solicited multicast address of B
- Payload length : 32
- Hop Limit: 255
- Next header: 58 (ICMPv6)
ICMPv6 Neighbor Solicitation:
- Type: 135
- Code: 0
- Target Address: Unicast IPv6 address of B
Source link-layer address option:
- Type: 1
- Length: 1
- Value: Ethernet MAC address of A
Upon receiving the Neighbor solicitation of A, B responds with the following Neighbor Advertisement sent to the link-local scope all-nodes multicast address (FF02::1):
Ethernet header:
- Source address: Ethernet MAC address of B
- Destination address: 33:33:00:00:00:01
- Type: 0x86DD (IPv6)
IPv6 header:
- Source address: IPv6 address of B
- Destination address: FF02::1
- Payload length : 32
- Hop Limit: 255
- Next header: 58 (ICMPv6)
ICMPv6 Neighbor Solicitation:
- Type: 136
- Code: 0
- Target Address: Unicast IPv6 address of B
Target link-layer address option:
- Type: 2
- Length: 1
- Value: Ethernet MAC address of B
Final Words
IPv6 has successfully resolved the design issues of IPv4 while keeping the design principles at the origin of the success of the Internet. Neighbor Discovery is one example of changes brought by IPv6. Neighbor Discovery refers to the new messages added to ICMPv6 which replace, amongst other protocols, ARP. Neighbor Discovery takes over the functions of ARP such as address resolution and duplicate address detection. ICMPv6 Neighbor Discovery provide these same functions in a more efficient way. To be able to contact a neighboring node without knowing its MAC address, IPv6 uses the concept of node-solicited multicast addresses. A node-solicited multicast address is derived for each and every IPv6 address allocated to an IPv6 node. Node-solicited multicast addresses are automatically mapped to multicast Ethernet MAC addresses which can be used in replacement of the Ethernet broadcast address.