Introduction to nd detection, Background – H3C Technologies H3C S3100 Series Switches User Manual

1-8

z

If they are consistent, the device resets the aging timer for the ND snooping entry.

z

If they are inconsistent and the received packet is a DAD NS message, the message is ignored.

z

If they are inconsistent and the received packet is not a DAD NS message, the device performs

active acknowledgement.

The active acknowledgement process is as follows:

z

The device checks the validity of the existing ND snooping entry. The device sends out a DAD NS

message including the IPv6 address of the ND snooping entry every one second for three times at

most. If a corresponding NA message (that is, the source IPv6 address, source MAC address,

source VLAN, and receiving port information are consistent with those of the existing entry) is

received, the device stops sending out DAD NS messages and resets the aging timer. If no

corresponding NA message is received within five seconds after the first DAD NS message is sent,

the device starts to check the validity of the received packet.

z

To check the validity of the received packet (packet A for example), the device sends out a DAD NS

message including the source IPv6 address of packet A every one second for three times at most.

If a corresponding NA message (that is, the source IPv6 address, source MAC address, source

VLAN, and receiving port information are consistent with those of packet A) is received, the device

stops sending out DAD NS messages and updates the corresponding entry. If no corresponding

NA message is received within five seconds after the first DAD NS message is sent, the device

does not update the entry.

3) Aging out an ND snooping entry

An ND snooping entry is aged out after 25 minutes. If an ND snooping entry is not updated for 15

minutes, the device performs active acknowledgement as follows:

The device sends out a DAD NS message including the IPv6 address of the ND snooping entry every

one second for three times at most.

z

If a corresponding NA message is received (that is, the source IPv6 address, source MAC address,

source VLAN, and receiving port information are consistent with those of the existing entry), the

device stops sending out DAD NS messages and resets the aging timer.

z

If no corresponding NA message is received within five seconds after the first DAD NS message is

sent out, the device removes the entry when the timer expires.

Introduction to ND Detection

Among the S3100 series Ethernet switches, only the S3100-EI series support ND Detection.

Background

The IPv6 Neighbor Discovery (ND) protocol uses five types of ICMPv6 messages to implement the

following five functions: address resolution, authentication of neighbor reachability, detection of

repeated address, router and prefix discovery, and address auto-configuration and redirection.

The five types of ICMPv6 used by the ND protocol are as follows:

z

Neighbor Solicitation (NS)

z

Neighbor Advertisement (NA)

z

Router Solicitation (RS)