When defining its messages, NDP follows ICMPv6 message format.

| Communication protocol | |
|---|---|
| Purpose | Auxiliary protocol for IPv6 |
| Developer(s) | Internet Engineering Task Force |
| Introduction | March 1996; 29 years ago (1996-03) |
| OSI layer | Network layer |
| RFC(s) | 1970, 2461, 4861 |
The Neighbor Discovery Protocol (NDP), or simply Neighbor Discovery (ND), is a protocol of the Internet protocol suite used with Internet Protocol Version 6 (IPv6).[1]: §1 It operates at the internet layer of the Internet model,[2] and is responsible for gathering various information required for network communication, including the configuration of local connections and the domain name servers and gateways.
The protocol defines five ICMPv6 packet types to perform functions for IPv6 similar to the Address Resolution Protocol (ARP) and Internet Control Message Protocol (ICMP) Router Discovery and Router Redirect protocols for IPv4. It provides many improvements over its IPv4 counterparts.[1]: §3.1 For example, it includes Neighbor Unreachability Detection (NUD), thus improving robustness of packet delivery in the presence of failing routers or links, or mobile nodes.
The Inverse Neighbor Discovery (IND) protocol extension allows nodes to determine and advertise an IPv6 address corresponding to a given link-layer address, similar to Inverse ARP for IPv4.[3]
The Secure Neighbor Discovery Protocol (SEND), a security extension of NDP, uses Cryptographically Generated Addresses (CGA) and the Resource Public Key Infrastructure (RPKI) to provide an alternative mechanism for securing NDP with a cryptographic method that is independent of IPsec. Neighbor Discovery Proxy (ND Proxy) provides a service similar to IPv4 Proxy ARP and allows bridging multiple network segments within a single subnet prefix when bridging cannot be done at the link layer.[4]
| Internet protocol suite |
|---|
| Application layer |
| Transport layer |
| Internet layer |
| Link layer |
NDP defines five ICMPv6 packet types for the purpose of router solicitation, router advertisement, neighbor solicitation, neighbor advertisement, and network redirects.[1]
These messages are used to provide the following functionality:
IANA maintains a list of all current NDP options as they are published.[7]
Two computers, A and B, are connected to the same local area network with no intervening gateway or router. A has a packet to send to IP address 2001:db8::55, which happens to be the address of B.
Before sending the packet to B, A creates a solicited-node multicast address by appending the least-significant 24 bits of B's address to the prefix ff02::1:ff00:0/104, which is ff02::1:ff00:55, and creates a solicited-node multicast MAC address by appending the least-significant 24 bits of B's solicited-node multicast address to the prefix 33:33:FF:xx:xx:xx,[8] which is 33:33:FF:00:00:55. A sends a neighbor solicitation message requesting an answer for 2001:db8::55 (destination IP address ff02::1:ff00:55 and destination MAC address 33:33:FF:00:00:55), which is accepted by B, which is listening on its own solicited-node multicast address on the local network. B responds with a neighbor advertisement message containing its MAC and IP addresses. A receives the response and sends the packet on the link with B's MAC address.
Typically, network nodes maintain a lookup cache that associates IP and MAC addresses. In this example, if A had the lookup cached, then it would not need to send the NDP request. Also, when B received the request, it could cache the lookup to A so that if B needs to send a packet to A later, it does not need to use NDP to look up its MAC address. Finally, when A receives the NDP response, it can cache the lookup for future messages addressed to the same IP address.
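The address derivation in the example above can be written as a consistency check for captured multicast neighbor solicitations. The following is an added example, not part of the original article; the function names and the sample frames are constructed for illustration. It applies only to solicitations sent to a multicast destination and builds the MAC from the low 32 bits of the multicast IPv6 address (RFC 2464), which for solicited-node addresses yields the 33:33:FF:xx:xx:xx form described above.

```python
import ipaddress

# ff02::1:ff00:0/104 is the solicited-node multicast prefix named in the text.
SOLICITED_NODE_PREFIX = int(ipaddress.IPv6Address("ff02::1:ff00:0"))
LOW_24 = 0xFFFFFF


def solicited_node_address(target):
    """Prefix ff02::1:ff00:0/104 plus the low 24 bits of the target address."""
    low24 = int(ipaddress.IPv6Address(target)) & LOW_24
    return ipaddress.IPv6Address(SOLICITED_NODE_PREFIX | low24)


def multicast_mac(group):
    """33:33 followed by the low 32 bits of the IPv6 multicast address."""
    low32 = int(group) & 0xFFFFFFFF
    octets = [0x33, 0x33] + list(low32.to_bytes(4, "big"))
    return ":".join(f"{o:02x}" for o in octets)


def check_solicitation(target, dst_ip, dst_mac):
    """Return the mismatches between an observed multicast neighbor
    solicitation and the destination addresses derived from its target."""
    problems = []
    expected_ip = solicited_node_address(target)
    expected_mac = multicast_mac(expected_ip)
    if ipaddress.IPv6Address(dst_ip) != expected_ip:
        problems.append(f"dst IP {dst_ip} != {expected_ip}")
    if dst_mac.lower().replace("-", ":") != expected_mac:
        problems.append(f"dst MAC {dst_mac} != {expected_mac}")
    return problems


# Constructed sample frames: (target, destination IP, destination MAC).
SAMPLES = [
    ("2001:db8::55", "ff02::1:ff00:55", "33:33:FF:00:00:55"),
    ("2001:db8::1234:5678", "ff02::1:ff34:5678", "33:33:ff:34:56:78"),
    ("2001:db8::55", "ff02::1:ff00:56", "33:33:ff:00:00:55"),  # wrong group
]

if __name__ == "__main__":
    for target, dst_ip, dst_mac in SAMPLES:
        issues = check_solicitation(target, dst_ip, dst_mac)
        print(target, "->", issues if issues else "consistent")
```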