Configuring nd snooping, Introduction, For dad – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

116

NOTE:
•

The maximum interval for sending RA messages should be less than or equal to the router lifetime in RA
messages, so that the router can be updated through an RA message before expiration.

•

The values of the NS retransmission timer and the reachable time configured for an interface are sent to
hosts via RA messages. Furthermore, this interface sends NS messages at the interval of the NS

retransmission timer and considers a neighbor reachable within the reachable time.

Configuring the maximum number of attempts to send an NS

message for DAD

An interface sends an NS message for DAD after acquiring an IPv6 address. If the interface does not

receive a response within a specified time (determined by the ipv6 nd ns retrans-timer command), it

continues to send an NS message. If it still does not receive a response after the number of sent attempts
reaches the threshold (specified with the ipv6 nd dad attempts command), the acquired address is

considered usable.
Follow these steps to configure the attempts to send an NS message for DAD:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Enter interface view

interface interface-type
interface-number

—

Configure the number of attempts
to send an NS message for DAD

ipv6 nd dad attempts value

Optional
1 by default. When the value argument is

set to 0, DAD is disabled.

Configuring ND snooping

Introduction

The ND snooping feature is used in Layer 2 switching networks. It creates ND snooping entries using

DAD NS messages.
ND snooping entries are used to:

•

Cooperate with the ND detection function. For more information about ND detection, see the
Security Configuration Guide.

•

Cooperate with the IP Source Guard function. For more information about IP source guard, see the
Security Configuration Guide.

•

Work in all SAVI scenarios. For more information about SAVI, see the Security Configuration Guide.

After you enable ND snooping on a VLAN of a device, ND packets received by the interfaces of the

VLAN are redirected to the CPU. When ND snooping is enabled globally, the CPU uses the ND packets

to create or update ND snooping entries comprising source IPv6 address, source MAC address,
receiving VLAN, and receiving port information.
The following items describe how an ND snooping entry is created, updated, and aged out.

1.

Creating an ND snooping entry

The device only uses received DAD NS messages to create ND snooping entries.