
Understanding Duplicate Address Detection (DAD) in IPv6

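1. Introduction

    Background requirements for Duplicate Address Detection (DAD):

    . A node must obtain a unique link-local address before sending Router Advertisements (RA).

    . IPv6 autoconfiguration requires that DAD be performed on an address before the address is used.

    . Standard DAD takes a relatively long time to complete, which is why "Optimistic DAD" (RFC 4429) was introduced.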

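2. The standard DAD procedure

    (1) Before sending a Neighbor Solicitation (NS), the interface must join the all-nodes multicast address (FF02::1) and the solicited-node multicast address of the generated IPv6 address, i.e. it accepts packets whose destination is one of these addresses.

    (2) After generating the IPv6 address, the node waits a random delay and then starts sending the Neighbor Solicitation (NS) messages used for DAD.

      The source address of the NS message is ::, and its destination address is the solicited-node multicast address of the tentative unicast address.

    (3) During DAD the address is in the Tentative state (IFA_F_TENTATIVE). Once DAD completes, tentativeAddr becomes a "preferred" address (PreferredAddr). If a duplicate is detected, the address becomes a "deprecated" address (deprecatedAddr).

       Rationale: an address whose uniqueness has not been established must not be used,

                 i.e. the node can neither receive packets destined for this address nor send packets with it as the source, with the exception of DAD-related Neighbor Advertisement (NA) messages.

    (4) The following parameter values are the Linux defaults; they can be configured as needed:

      . Number of Neighbor Solicitations (NS) sent: n=1

      . Retransmission interval: Tret=1000ms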

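3. Handling address conflicts:

    (1) When a node receives a Neighbor Solicitation (NS) destined for the address on which it is performing DAD:

       . If the source address type of the solicitation is IPV6_ADDR_ANY (the all-zero address ::), the node removes the address from the interface (DAD failed).

       . Otherwise the node does not process this NS message.

    (2) When a node receives a Neighbor Advertisement (NA) destined for the address on which it is performing DAD, the node removes the address from the interface (DAD failed).

    (3) If, after a node has completed DAD for an IPv6 address, it receives from another node a DAD Neighbor Solicitation (NS) destined for that IPv6 address (the source address of the solicitation is then IPV6_ADDR_ANY), the node should send a Neighbor Advertisement (NA) to the all-nodes address (ff02::1).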
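
The DAD probe addressing from section 2 and the three receive rules above, as an added example that is not part of the original article and not the Linux implementation. The function names, the dict message format and the action strings are assumptions made for illustration; the address being checked is matched against the Target field of the ND message.

```python
import ipaddress

UNSPECIFIED = ipaddress.IPv6Address("::")
ALL_NODES = ipaddress.IPv6Address("ff02::1")
SOLICITED_BASE = int(ipaddress.IPv6Address("ff02::1:ff00:0"))

def solicited_node(addr):
    """ff02::1:ffXX:XXXX built from the low 24 bits of addr."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    return ipaddress.IPv6Address(SOLICITED_BASE | low24)

def dad_probe(tentative):
    """Addressing of the NS sent in step (2) of the standard procedure."""
    return {"type": "NS", "src": UNSPECIFIED,
            "dst": solicited_node(tentative),
            "target": ipaddress.IPv6Address(tentative)}

def on_nd_message(state, own_addr, msg):
    """Apply the section 3 rules to one received NS/NA.

    state is 'tentative' (DAD running) or 'preferred' (DAD done).
    Returns (action, destination or None); the action names are hypothetical.
    """
    if msg["target"] != ipaddress.IPv6Address(own_addr):
        return ("not_for_us", None)
    dad_ns = msg["type"] == "NS" and msg["src"] == UNSPECIFIED
    if state == "tentative":
        if msg["type"] == "NA" or dad_ns:
            return ("dad_failed", None)      # rules (1) and (2): remove address
        return ("ignore", None)              # rule (1): NS with a real source
    if state == "preferred" and dad_ns:
        return ("send_na", ALL_NODES)        # rule (3): defend the address
    return ("normal_nd", None)               # outside the DAD rules

# Constructed sample: two nodes that generated the same link-local address.
ADDR = "fe80::211:22ff:fe33:4455"
PROBE = dad_probe(ADDR)
```
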

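4. Optimistic DAD (ODAD)

    See: RFC 4429 - Optimistic Duplicate Address Detection (DAD) for IPv6

    (2) After generating the IPv6 address, the node sends the Neighbor Solicitation (NS) message used for DAD immediately.

    (3) An Optimistic address state is introduced into the DAD procedure.

       ODAD allows optimisticAddr to be used before DAD on it has completed.

       Rationale: an address may be used before its uniqueness has been established,

                 i.e. the node can receive packets destined for this address and send packets with it as the source.

       Until DAD completes, optimisticAddr is in the Optimistic state (IFA_F_OPTIMISTIC). Once DAD completes, optimisticAddr becomes a "preferred" address (PreferredAddr). If a duplicate is detected, the address becomes a "deprecated" address (deprecatedAddr).

    DAD is the longest phase of the Mobile IPv6 (MIPv6) handover delay. ODAD, proposed in RFC 4429, lets a node communicate using the "tentative" address before DAD completes. This avoids the delay incurred during an MIPv6 handover when the node has to wait for DAD to finish before it can use the address it obtained, so the MIPv6 handover delay is greatly reduced.

    No message sent in relation to an Optimistic address may overwrite an existing Neighbor Cache (NC) entry. The original protocols, RFC 2461/2462, therefore have to be modified so that the network is not disrupted when an address collision occurs:

   * Clear the 'Override' flag in Neighbor Advertisement (NA) messages for an Optimistic address,

     so that neighbors receiving the NA do not overwrite their existing NC entries.

   * Do not send Neighbor Solicitation (NS) messages whose source address is an Optimistic address.

     Such an NS message has to include a Source Link-Layer Address Option (SLLAO), which could corrupt the neighbors' NC.

     The NS messages sent during DAD use the unspecified address as their source and carry no SLLAO.

   * A Router Solicitation (RS) message whose source address is an Optimistic address must not carry a SLLAO.

     An RS may be sent with the unspecified address as its source, or without the SLLAO.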
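
A checker for the three sending restrictions above, run over a constructed list of outgoing ND messages; this is an added example, not code from the original article or from the Linux kernel. The dict message format, the function names and the sample addresses are assumptions, and the last check generalizes the remark that DAD NS messages from the unspecified address carry no SLLAO.

```python
import ipaddress

UNSPEC = ipaddress.IPv6Address("::")

def norm(addr):
    """Normalize textual IPv6 addresses so comparisons ignore case and zero compression."""
    return ipaddress.IPv6Address(addr) if addr is not None else None

def check_outgoing(msg, states):
    """Return the ODAD sending rules broken by one outgoing message.

    states maps this node's own addresses to 'optimistic', 'tentative' or 'preferred'.
    """
    own = {norm(a): s for a, s in states.items()}
    src = norm(msg["src"])
    src_opt = own.get(src) == "optimistic"
    kind, sllao = msg["type"], msg.get("sllao", False)
    problems = []
    if (kind == "NA" and msg.get("override", False)
            and own.get(norm(msg.get("target"))) == "optimistic"):
        problems.append("NA for Optimistic address sets Override")
    if kind == "NS" and src_opt:
        problems.append("NS sent from Optimistic address")
    if kind == "RS" and src_opt and sllao:
        problems.append("RS from Optimistic address carries SLLAO")
    if kind in ("NS", "RS") and src == UNSPEC and sllao:
        problems.append("SLLAO sent from the unspecified address")
    return problems

def audit(messages, states):
    """Map message index -> list of violations, skipping clean messages."""
    report = {}
    for i, m in enumerate(messages):
        found = check_outgoing(m, states)
        if found:
            report[i] = found
    return report

# Constructed sample data: one Optimistic and one Preferred address on the node.
STATES = {"2001:db8::a": "optimistic", "fe80::1": "preferred"}
SENT = [
    {"type": "NS", "src": "::", "target": "2001:db8::a", "sllao": False},  # DAD probe
    {"type": "NA", "src": "2001:db8::a", "target": "2001:db8::a", "override": True},
    {"type": "NA", "src": "2001:db8::a", "target": "2001:db8::a", "override": False},
    {"type": "NS", "src": "2001:DB8::A", "target": "2001:db8::1", "sllao": True},
    {"type": "RS", "src": "2001:db8::a", "sllao": True},
    {"type": "RS", "src": "2001:db8::a", "sllao": False},
    {"type": "RS", "src": "fe80::1", "sllao": True},
]
```
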

5. Some detailed requirements from RFC 4429:

   3.1.  General

   * Optimistic DAD SHOULD only be used when the implementation is aware
        that the address is based on a most likely unique interface
        identifier (such as in [RFC2464]), generated randomly [RFC3041],
        or by a well-distributed hash function [RFC3972] or assigned by
        Dynamic Host Configuration Protocol for IPv6 (DHCPv6) [RFC3315].

        Optimistic DAD SHOULD NOT be used for manually configured addresses (i.e. the IFA_F_OPTIMISTIC flag should not be set on them).

   3.2.  Modifications to RFC 2461 Neighbor Discovery

   * (modifies section 6.3.7)  A node MUST NOT send a Router
        Solicitation with a SLLAO from an Optimistic Address.  Router
        Solicitations SHOULD be sent from a non-Optimistic or the
        Unspecified Address;

        A node MAY send an RS message that does not contain a SLLAO from an Optimistic Address.

   * (modifies section 7.2.2)  A node MUST NOT use an Optimistic Address
        as the source address of a Neighbor Solicitation.

   * If the ON isn't told the SLLAO of the router in an RA, and it
        cannot determine this information without breaching the rules
        above, it MUST leave the address Tentative until DAD completes
        despite being unable to send any packets to the router.

   * (modifies section 7.2.2)  When a node has a unicast packet to send
        from an Optimistic Address to a neighbor, but does not know the
        neighbor's link-layer address, it MUST NOT perform Address
        Resolution.  It SHOULD forward the packet to a default router on
        the link in the hope that the packet will be redirected.
        Otherwise, it SHOULD buffer the packet until DAD is complete.

   3.3 Modifications to RFC 2462 Stateless Address Autoconfiguration

   * (modifies section 5.5) A host MAY choose to configure a new address
        as an Optimistic Address.  A host that does not know the SLLAO
        of its router SHOULD NOT configure a new address as Optimistic.
        A router SHOULD NOT configure an Optimistic Address.

   * (modifies section 5.4.2) The host MUST join the all-nodes multicast
        address and the solicited-node multicast address of the
        Tentative address.  The host SHOULD NOT delay before sending
        Neighbor Solicitation messages.

   * (modifies section 5.4) The Optimistic Address is configured and
        available for use on the interface immediately.  The address
        MUST be flagged as 'Optimistic'.

   * When DAD completes for an Optimistic Address, the address is no
        longer Optimistic and it becomes Preferred or Deprecated
        according to the rules of RFC 2462.

   * (modifies section 5.4.3) The node MUST NOT reply to a Neighbor
        Solicitation for an Optimistic Address from the unspecified
        address.  Receipt of such an NS indicates that the address is a
        duplicate, and it MUST be deconfigured as per the behaviour
        specified in RFC 2462 for Tentative addresses.

   * (modifies section 5.4.3) The node MUST reply to a Neighbor
        Solicitation for an Optimistic Address from a unicast address,
        but the reply MUST have the Override flag cleared (O=0).

Implementation: the Linux configuration option CONFIG_IPV6_OPTIMISTIC_DAD

[1] N. Moore, "Optimistic Duplicate Address Detection (DAD) for IPv6", RFC 4429, April 2006.

[2] IPv6: Implement RFC 4429 Optimistic Duplicate Address Detection, http://lwn.net/Articles/218597/
