IPv6 Solicited Node Multicast Address

This topic is to discuss the following lesson:

Hi Rene,

I was wondering if you can clarify something for me. From me reading of this lesson, I understand that the solicited node multicast address is formed by joining the last 6 hex of the link local address to the FF02::1:ff address, correct ?

Now, the confusion comes in when we add a IPv6 unicast address, your example being:
2001:DB8:1234:5678:1234:5678:1234:5678/64

How, is the solicited multicast address now:

FF02::1:FF34:5678?

Why did you take the last 6 hex from the Ipv6 unicast address and not the link local address ?

Thank you,
Kevin

Hi Kevin,

The solicited node multicast address is generated for each IPv6 address on the interface, there’s one for the link local address and for each global unicast address that you have configured.

Rene

If we are only taking last 6 hex then multiple hosts on the same LAN may join to the same multi-cast group. As many hosts may have the MAC addresses whose last 24 bits are same. Is generating unique “solicited multi-cast address” not our intention ?

Hi Harmeet,

6 hexadecimal characters are 24 bits. The last 24 bits of the MAC address is the “vendor assigned” part. If you have two network cards from the same vendor then the last 24 bits should be unique.

Theoretically, it could be possible that you have two network cards from different vendors that have the same 24 vendor assigned bits but the odds are extremely small :slight_smile:

It is possible though to have two IPv6 addresses that use the same solicited node address. This is no problem though…both hosts will listen to the multicast group address and if needed, discard the packet that isn’t for them.

Rene

1 Like

Hi
I have found these articles very helpful to understand this topic

http://www.networkcomputing.com/author/36436053

Hi Rene,

Thank you for the clarity of your work. Although I understand how the NSM works, I have some gray areas:
1 - When you activate ipv6 on an interface, the latter joins a multicast group. This multicast group is used by NDP to retrieve the MAC address of the neighbor or detect duplicate addresses. But in packet exchanges, I see that it is unicast and not multicast. When we talk about multicast, we are talking about broadcasting from a source to a group of recipients, which is quite confusing. Can you please bring me some clarification?
2 - How does a switch manage flows when trying to join a host’s multicast group on the network?

Hello Willy

In both IPv4 and IPv6, multicast is defined as communication from a single source to multiple destinations. The feature itself has this capability. But what happens if there is only a single receiver? Is the feature no longer considered multicast because there is only a single host that has joined the group? The mechanism remains multicast, but in this case, there is only a single host that has joined the group, so the communication looks like unicast, because there is a single sender and a single receiver.

The important thing here is that the mechanism remains multicast, but the specific IPv6 multicast address is used in an environment where there is only a single host joining the multicast group. Rene explains it very well in the following text which is taken from the IPv6 Neighbor Discovery Protocol on Cisco Router lesson.

Using solicited node multicast addresses as the destination is far more efficient than IPv4’s ARP requests that are broadcasted to all hosts.

Every IPV6 device will compute a solicited node multicast address by taking the multicast group address (FF02::1:FF /104) and adding the last 6 hexadecimal characters from its IPv6 address. It will then join this multicast group address and “listens” to it.

When one host wants to find the layer two address of another host, it will send the neighbor solicitation to the remote host’s solicited node multicast address.It can calculate the solicited node multicast address of the remote host since it knows about the multicast group address and it knows the IPv6 address that it wants to reach.

The result will be that only the remote host will receive the neighbor solicitation. That’s far more efficient than a broadcast that is received by everyone…

I’m not completely sure what you mean here. Strictly speaking, a switch will not attempt to join a host’s multicast group, because a switch is an L2 device. Secondly, other devices do not attempt to join the multicast group of a host. Each host joins its own multicast group with a unique multicast group address of its own, and listens on this address.

Now how will switches manage the flow of these multicast addresses? For IPv4 we have what is known as IGMP snooping which will prevent multicast traffic from being broadcast to all L2 switch ports. For IPv6, we use what is called Multicast Listener Discovery (MLD) snooping, which essentially provides the same functionality for IPv6 multicast. You can find out more about it here:

I hope this has been helpful!

Laz

Hi Laz,
Thanks for your return …

1 Like

What is the benefit or reason for having multiple global unicast on the same interface and also why does another solicited node group get created for the unicast if we already have a link local?

Hello Daniel

When IPv4 was originally created, each interface, and each host, could only have a single IP address. Later improvements allowed for secondary addresses to be used, which were very useful. For this reason, IPv6 was designed from the beginning to be able to incorporate multiple address assignments.

There are many advantages to being able to so easily assign multiple addresses to an interface. Some of these include:

  1. The introduction of multiple connections to the Internet with multiple IPv6 routers on the local subnet allows for redundant connectivity without the need for any configuration. Each router will offer a different IPv6 address and default gateway to the host interface. The host can choose which default gateway to use. This offers redundancy as well as simple migration whenever you replace routers on the network.
  2. Multiple IPv6 addresses also make it very easy to migrate from one IPv6 addressing scheme to another with zero downtime.
  3. You can also assign multiple IPv6 addresses to a host and have each address associated with a particular application. Some extreme examples of this include experimentation with assigning an IP address to particular content. You can find out more about this at this post.

These are just some of the advantages, and there are of course a lot more… IPv6 moves away from the stricter infrastructure of IPv4 where we have one address, one gateway, manual or DHCP configuration etc… IPv6 becomes more fluid and automated, and part of that is allowing multiple global unicast addresses to be assigned to a single host/interface.

I hope this has been helpful!

Laz

1 Like

Thank you Lazaros that clears it up

1 Like

Hi @lagapidis

I just wanted to confirm something.
Is the link-local address always used to resolve the interface mac-address of the neighbouring device? I configured a Cisco router with 2 unique global ip addresses with EUI-64 and then realised NDP anyway happens using the Solicited node multicast group address. Is my assumption correct?

Config:

R1#sh ipv6 interface gi0/0/0
GigabitEthernet0/0/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::2D0:58FF:FED8:9801
  No Virtual link-local address(es):
  Global unicast address(es):
    **2001:ACAD:1234:5678:2D0:58FF:FED8:9801, subnet is 2001:ACAD:1234:5678::/64 [EUI]**
** 2001:ACAD:1234:789A:2D0:58FF:FED8:9801, subnet is 2001:ACAD:1234:789A::/64 [EUI]**
  Joined group address(es):
    FF02::1
    **FF02::1:FFD8:9801**
  MTU is 1500 bytes
  ICMP error messages limited to one every 100 milliseconds
  ICMP redirects are enabled
  ICMP unreachables are sent
  ND DAD is enabled, number of DAD attempts: 1
  ND reachable time is 30000 milliseconds

R1#sh int gi0/0/0 | include bia
  Hardware is ISR4331-3x1GE, address is 00d0.58**d8.9801** (bia 00d0.58d8.9801)

Hello Adhithya

Yes, your assumption is correct. The link-local address is always used by NDP to resolve the MAC address. Even if you use the EUI-64 method of obtaining the link local address, it won’t use that information to determine the MAC address, even though the information is all found in the link local address! This is because the device doesn’t know how the link local address was derived. It could be EUI-64, it could be random, or it could be manually configured. For this reason, the Solicited Node Multicast Address is used as part of the process of resolving the MAC address.

Take a look at these two NetworkLessons notes that explain the process further:

I hope this has been helpful!

Laz

1 Like