IPv6 – Using Link Local Address in NDP


What is the use of the link-local address in NDP? We can discover neighbors by using a global address. So why do we need a link-local address in NDP?

Best Answer

IPv6 NDP does a lot more than simply what IPv4 ARP did. ND also covers many more things than layer-3 to layer-2 address resolution. See RFC 4861, Neighbor Discovery for IP version 6 (IPv6), Section 3.1. Comparison with IPv4:

3.1. Comparison with IPv4

The IPv6 Neighbor Discovery protocol corresponds to a combination of the IPv4 protocols Address Resolution Protocol [ARP], ICMP Router Discovery [RDISC], and ICMP Redirect [ICMPv4]. In IPv4 there is no generally agreed upon protocol or mechanism for Neighbor Unreachability Detection, although the Hosts Requirements document [HR-CL] does specify some possible algorithms for Dead Gateway Detection (a subset of the problems Neighbor Unreachability Detection tackles).

The Neighbor Discovery protocol provides a multitude of improvements over the IPv4 set of protocols:

  • Router Discovery is part of the base protocol set; there is no need for hosts to "snoop" the routing protocols.
  • Router Advertisements carry link-layer addresses; no additional packet exchange is needed to resolve the router's link-layer address.
  • Router Advertisements carry prefixes for a link; there is no need to have a separate mechanism to configure the "netmask".
  • Router Advertisements enable Address Autoconfiguration.
  • Routers can advertise an MTU for hosts to use on the link, ensuring that all nodes use the same MTU value on links lacking a well-defined MTU.
  • Address resolution multicasts are "spread" over 16 million (2^24) multicast addresses, greatly reducing address-resolution-related interrupts on nodes other than the target. Moreover, non-IPv6 machines should not be interrupted at all.
  • Redirects contain the link-layer address of the new first hop; separate address resolution is not needed upon receiving a redirect.
  • Multiple prefixes can be associated with the same link. By default, hosts learn all on-link prefixes from Router Advertisements. However, routers may be configured to omit some or all prefixes from Router Advertisements. In such cases hosts assume that destinations are off-link and send traffic to routers. A router can then issue redirects as appropriate.
  • Unlike IPv4, the recipient of an IPv6 redirect assumes that the new next-hop is on-link. In IPv4, a host ignores redirects specifying a next-hop that is not on-link according to the link's network mask. The IPv6 redirect mechanism is analogous to the XRedirect facility specified in [SH-MEDIA]. It is expected to be useful on non-broadcast and shared media links in which it is undesirable or not possible for nodes to know all prefixes for on-link destinations.
  • Neighbor Unreachability Detection is part of the base, which significantly improves the robustness of packet delivery in the presence of failing routers, partially failing or partitioned links, or nodes that change their link-layer addresses. For instance, mobile nodes can move off-link without losing any connectivity due to stale ARP caches.
  • Unlike ARP, Neighbor Discovery detects half-link failures (using Neighbor Unreachability Detection) and avoids sending traffic to neighbors with which two-way connectivity is absent.
  • Unlike in IPv4 Router Discovery, the Router Advertisement messages do not contain a preference field. The preference field is not needed to handle routers of different "stability"; the Neighbor Unreachability Detection will detect dead routers and switch to a working one.
  • The use of link-local addresses to uniquely identify routers (for Router Advertisement and Redirect messages) makes it possible for hosts to maintain the router associations in the event of the site renumbering to use new global prefixes.
  • By setting the Hop Limit to 255, Neighbor Discovery is immune to off-link senders that accidentally or intentionally send ND messages. In IPv4, off-link senders can send both ICMP Redirects and Router Advertisement messages.
  • Placing address resolution at the ICMP layer makes the protocol more media-independent than ARP and makes it possible to use generic IP-layer authentication and security mechanisms as appropriate.

Originally, IPv4 did not have link-local addressing, and it was later bolted on to fill a need. When the IETF designed IPv6, it took several things like that and built them into IPv6 from the start. IPv6 requires every IPv6 interface to have a link-local address. That way, all IPv6 hosts are ready to participate, at least, in the local LAN when they are enabled.

There are multiple IPv6 RFCs that explain aspects of IPv6 link-local addressing.

RFC 4291, IP Version 6 Addressing Architecture, Section 2.5.6 Link-Local IPv6 Unicast Addresses:

Link-Local addresses are designed to be used for addressing on a single link for purposes such as automatic address configuration, neighbor discovery, or when no routers are present.

RFC 4861, Neighbor Discovery for IP version 6 (IPv6):

Using the link-local address to uniquely identify routers on the link has the benefit that the address a router is known by should not change when a site renumbers.

RFC 4862, IPv6 Stateless Address Autoconfiguration:

In the absence of routers, a host can only generate link-local addresses. However, link-local addresses are sufficient for allowing communication among nodes attached to the same link.

-and-

link-local address - an address having link-only scope that can be used to reach neighboring nodes attached to the same link. All interfaces have a link-local unicast address.

-and-

Small sites consisting of a set of machines attached to a single link should not require the presence of a DHCPv6 server or router as a prerequisite for communicating. Plug-and-play communication is achieved through the use of link-local addresses. Link-local addresses have a well-known prefix that identifies the (single) shared link to which a set of nodes attach. A host forms a link-local address by appending an interface identifier to the link-local prefix.

There is also RFC 7404, Using Only Link-Local Addressing inside an IPv6 Network.
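The receive-side checks behind the Hop Limit 255 and link-local router identity points in the RFC 4861 comparison list, as an added example that is not part of the original answer. The function names, the sample packets and the simplifications (ICMPv6 directly after the IPv6 header, checksum not verified) are assumptions made for illustration.

```python
import ipaddress
import struct

# ICMPv6 type -> (name, minimum ICMPv6 length, source must be link-local)
ND_TYPES = {
    133: ("Router Solicitation", 8, False),
    134: ("Router Advertisement", 16, True),
    135: ("Neighbor Solicitation", 24, False),
    136: ("Neighbor Advertisement", 24, False),
    137: ("Redirect", 40, True),
}

def validate_nd(packet):
    """Return a list of validation failures; an empty list means accept."""
    if len(packet) < 44:
        return ["shorter than an IPv6 header plus an ICMPv6 header"]
    vtf, payload_len, next_hdr, hop_limit = struct.unpack("!IHBB", packet[:8])
    src = ipaddress.IPv6Address(packet[8:24])
    icmp = packet[40:40 + payload_len]
    if vtf >> 28 != 6 or next_hdr != 58 or len(icmp) < 4 or icmp[0] not in ND_TYPES:
        return ["not an ND message directly after the IPv6 header"]
    name, min_len, need_link_local = ND_TYPES[icmp[0]]
    failures = []
    if hop_limit != 255:  # any router on the path would have decremented it
        failures.append(f"{name}: hop limit {hop_limit}, sender may be off-link")
    if icmp[1] != 0:
        failures.append(f"{name}: ICMP code {icmp[1]} is not 0")
    if len(icmp) < min_len:
        failures.append(f"{name}: ICMP length {len(icmp)} below {min_len}")
    if need_link_local and not src.is_link_local:
        failures.append(f"{name}: source {src} is not link-local")
    return failures

def build(src, icmp_type, hop_limit, icmp_len):
    """Constructed sample packet; checksum is left zero and not verified."""
    icmp = bytes([icmp_type, 0, 0, 0]) + bytes(icmp_len - 4)
    hdr = struct.pack("!IHBB", 6 << 28, len(icmp), 58, hop_limit)
    dst = ipaddress.IPv6Address("ff02::1").packed
    return hdr + ipaddress.IPv6Address(src).packed + dst + icmp

if __name__ == "__main__":
    samples = {
        "RA, link-local source": build("fe80::1", 134, 255, 16),
        "RA, hop limit 64": build("fe80::1", 134, 64, 16),
        "RA, global source": build("2001:db8::1", 134, 255, 16),
        "NS, global source": build("2001:db8::1", 135, 255, 24),
    }
    for label, pkt in samples.items():
        print(label, "->", validate_nd(pkt) or "accept")
```

The last sample shows that a Neighbor Solicitation sourced from a global address passes; only Router Advertisements and Redirects are required to come from a link-local source.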
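How a link-local address is formed from the well-known prefix and an interface identifier, and how address resolution is spread over 2^24 multicast groups, worked through as an added example that is not part of the original answer. It assumes a modified EUI-64 interface identifier derived from a constructed MAC address (one of several ways a host may choose its identifier); the function names are illustrative.

```python
import ipaddress

SOLICITED_NODE_BASE = int(ipaddress.IPv6Address("ff02::1:ff00:0"))

def link_local_from_mac(mac):
    """fe80::/64 plus a modified EUI-64 interface identifier (assumed method)."""
    b = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(b) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Flip the universal/local bit and insert ff:fe in the middle of the MAC.
    iid = bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:]
    return ipaddress.IPv6Address(bytes.fromhex("fe80" + "00" * 6) + iid)

def solicited_node(addr):
    """ff02::1:ff00:0/104 combined with the low 24 bits of the unicast address."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    return ipaddress.IPv6Address(SOLICITED_NODE_BASE | low24)

def ethernet_multicast(group):
    """Ethernet destination: 33:33 followed by the low 32 bits of the group."""
    low32 = ipaddress.IPv6Address(group).packed[-4:]
    return "33:33:" + ":".join(f"{x:02x}" for x in low32)

if __name__ == "__main__":
    mac = "00:11:22:33:44:55"              # constructed sample MAC
    ll = link_local_from_mac(mac)
    group = solicited_node(ll)
    print("link-local address  :", ll)
    print("solicited-node group:", group)
    print("Ethernet destination:", ethernet_multicast(group))
    # A global address with the same interface identifier maps to the same
    # group, so the node listens on one group for both addresses.
    print(solicited_node("2001:db8::211:22ff:fe33:4455") == group)
```

Only nodes whose addresses end in the same 24 bits join a given group, which is why a Neighbor Solicitation for one target does not interrupt the other hosts on the link the way an ARP broadcast does.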
