Neighbor Solicitation makes no sense!!!

bermovickbermovick Member Posts: 1,135 ■■■■□□□□□□
I'm going over and over and over this - comparing the NS messages vs ARP, and the things I'm reading are just not adding up. Either that or (more likely) my logic is flawed or there's some step I'm missing or mistakenly adding.

The various books say NS is better than ARP because it sends to the multicast address rather than a broadcast request so only one (or very very few) hosts have to process it... but ARP doesn't send a (layer 3) broadcast - layer 2 sure, since it doesn't know the layer 2 address (that's kindof the point). Then the book goes on and lists the layer 3 NS request and how it calculates the layer 3 multicast address (... even though it already had a layer 3 unicast) - but never goes into what layer 2 address it uses (I'm guessing it still has to broadcast the request to ffff:ffff:ffff since it still doesn't know it). So basically you're going from ARP - a unicast layer 3 / broadcast layer 2 to NS: - a multicast layer 3 / broadcast layer 2.... and I don't see how that's better. All devices still receive the L2 broadcast, strip it and hand it up to layer 3, who will then compare the ipv4 unicast or ipv6 multicast to see if it's for them. (why can't we just keep ipv6's unicast here?)

GAH I'm just going around and around -- hence my frustrated post here that's really a question cause I don't see ..... why?
Latest Completed: CISSP

Current goal: Dunno

Comments

  • mattaumattau Member Posts: 218
    this is where video training is your best friend. books sometimes just confuse you and you need something else to assist in simpler terms. I recommend watching keith barkers series on ipv6. it is very very good Keith6783's Channel - YouTube
    _____________________________________
    CCNP ROUTE - passed 20/3/12
    CCNP SWITCH - passed 25/10/12
    CCNP TSHOOT - passed 11/12/12




  • bermovickbermovick Member Posts: 1,135 ■■■■□□□□□□
    But even he doesn't really get to my question - he just says "how does R1 know the mac address for HostA f0/0's link local address? By sending NS packets to host A's solicited node address! (except the solicited node address is still layer 3, so the question remains, but now it's "how does R1 know the mac address for HostA f0/0's solicited node address?")

    I know the answer is the same for both questions, but I don't see where coming up with the solicited node address accomplishes anything except to ask the same question pretty much.

    A quick lab shows instead of ipv4's ff:ff:ff:ff:ff:ff layer 2 broadcast for ARP, ipv6 sent the request to 33:33:ff:00:00:01. Some googling of that leads to links that are well over my head, but seem to suggest that 1) layer 2 can multicast too, and 2) apparently those 'lower 24 bits' that get plugged into the solicited node address are so that they can then be put into the layer 2 multicast, and we end up with 33:33:ff (which is for neighbor discovery; I guess reserved like how FE80 is reserved for link local L3 addressing), and 00:00:01 which were the last 24 bits of the address.

    Deep, deep stuff, but I think it is starting to make sense now.
    Latest Completed: CISSP

    Current goal: Dunno
  • mattaumattau Member Posts: 218
    I understand your desire to dig deep for the answers, I am the same. Ill have a go at answering.

    Say B has this ipv6 address of 2002:1111::1/64 for example and A doesnt know the mac address

    like you said how does R1 know the mac address for hostA fa0/0 solicited node address ?

    Well thats the thing. A doesnt know the mac address but what you do know is the ipv6 address of B as its a common address to know. Everyone can know about those addresses thats what this whole thing is built upon.

    All hosts join that multicast address group and listens for all requests for these multicast groups when they configure an ipv6 address on an interface. There is no such thing as broadcast FF:FF:FF:FF in ipv6 its all broken down into specific multicast groups and you can derive someones layer 2 address by including B's last 24 bits of its ipv6 address in combination of this multicast group. I guess if its on an ethernet link all hosts will get the message but i believe they dont have to process it once they see its not for them where as an arp broadcast they have to open the packet up and have a look ( but i am not 100% on this )



    say Host A wants to talk to host B. A has no idea what that mac is for B but it does know its ipv6 address so...

    A knows B is listening for all requests as B has joined the solicited node multicast group for this ipv6 address we are sending this to .
    by sending the ipv6 solicited node multicast FF02:1:FF then the last 24 bits of B's ipv6 address FF02::1:FF00:0001 we know that A will say hey B give me your layer 2 address here is the info you should need FF02::1:FF00:0001
    FF02::1:FF means something to ipv6 routers / hosts. They listen to that address and know what it means so it just sends back the "link layer" layer 2 mac in a Neighbor Advertisement message. I believe if you debug ipv6 ND you can see the messages and it makes alot of sense : )

    that probably is confusing. : )
    _____________________________________
    CCNP ROUTE - passed 20/3/12
    CCNP SWITCH - passed 25/10/12
    CCNP TSHOOT - passed 11/12/12




Sign In or Register to comment.