beautypg.com

Amer Networks E5Web GUI User Manual

Page 141

background image

examines the cOS Core neighbor discovery cache.

Neighbor discovery handling in cOS Core resembles ARP handling in that a cache is maintained
in local memory of IPv6 hosts, retaining information about external host's link-layer and IP
address tuples. Below is a summary of the cOS Core ND cache states (these are also defined in
RFC 4861):

INCOMPLETE

Address resolution is in progress and the link-layer address of the neighbor has not yet been
determined.

REACHABLE

The neighbor is known to have been reachable recently (within the last tens of seconds).

STALE

The neighbor is no longer known to be reachable but until traffic is sent, no attempt will be
made to verify its reachability.

DELAY

The neighbor is no longer known to be reachable and traffic has recently been sent. Before
probing reachability, wait for a short time to allow reachability confirmation.

PROBE

The neighbor is no longer known to be reachable and unicast neighbor solicitation probes
are being sent to verify reachability.

Neighbor entries appear in the cache for the following reasons:

When cOS Core is about to send a packet to a neighbor, an entry is created.

When cOS Core receives neighbor solicitations containing source link-layer address options,
an entry is created.

When static entries are added by the administrator. These are regarded as always being in
the REACHABLE state.

The key advanced settings for neighbor discovery are the following:

NDMatchEnetSender

Check if the Ethernet sender address does not match the sender Ethernet address derived
from the source/target link-layer address option in a packet. This can be a sign of address
spoofing and the default is to have this setting enabled so that non-matching packets are
dropped. In some situations it might be desirable to skip this check.

NDValSenderIP

When enabled, cOS Core requires that the non-link local source address of neighbor
discovery packets match the routing table routes. If they do not, the packets are dropped.

When no such matching routes have been configured, this setting needs to be disabled if the
neighbor discovery packets are to be processed.

NDChanges

If occasional loss of connectivity to certain hosts is being experienced, this setting should be

Chapter 3: Fundamentals

141

This manual is related to the following products:
See also other documents in the category Amer Networks Computer Accessories: