Skip to main content

Appendix D. Summary of IsRouter Rules

This appendix summarizes the rules for maintaining and using the IsRouter flag in Neighbor Cache entries.

D.1. Overview

The IsRouter flag in a Neighbor Cache entry indicates whether a neighbor is known to be a router. This information is critical for proper packet forwarding and influences several aspects of Neighbor Discovery behavior.

D.2. Setting the IsRouter Flag

The IsRouter flag is set to TRUE in the following cases:

  1. Router Advertisement Received: When a Router Advertisement is received from a neighbor, the IsRouter flag for that neighbor MUST be set to TRUE.

  2. Neighbor Advertisement with Router Flag: When a Neighbor Advertisement is received with the Router (R) flag set, the IsRouter flag MUST be set to TRUE.

  3. Router Solicitation Sent: When sending a Router Solicitation, if a Neighbor Cache entry is created or already exists for the destination, the implementation MAY set IsRouter to TRUE (though typically Router Solicitations are sent to the all-routers multicast address).

D.3. Clearing the IsRouter Flag

The IsRouter flag is set to FALSE in the following cases:

  1. Neighbor Advertisement without Router Flag: When a Neighbor Advertisement is received with the Router (R) flag clear (set to 0), the IsRouter flag MUST be set to FALSE.

  2. Router Lifetime Expiry: When the Router Lifetime for a router in the Default Router List expires, the IsRouter flag remains TRUE, but the router is removed from the Default Router List.

D.4. Using the IsRouter Flag

The IsRouter flag affects behavior in several ways:

D.4.1. Default Router List Management

  • Only neighbors with IsRouter = TRUE can be added to the Default Router List
  • When IsRouter changes from TRUE to FALSE, the neighbor MUST be removed from the Default Router List

D.4.2. Redirect Message Processing

When processing a Redirect message:

  • If the target of the redirect is different from the destination, the target is being indicated as the better first-hop router
  • The IsRouter flag for the redirect target SHOULD be set to TRUE

D.4.3. Neighbor Advertisement Processing

When a Neighbor Advertisement is received with R=0 from a neighbor with IsRouter=TRUE:

  • Set IsRouter to FALSE
  • Remove the neighbor from the Default Router List
  • This typically indicates the neighbor has ceased to be a router

D.5. Race Conditions and Special Cases

D.5.1. Router Transitioning to Host

When a router transitions to being a host:

  1. Router stops sending Router Advertisements
  2. Router sends Neighbor Advertisement with R=0
  3. Hosts receive NA, set IsRouter=FALSE, remove from Default Router List
  4. Router Lifetime on hosts eventually expires (if not already removed)

D.5.2. Host Transitioning to Router

When a host becomes a router:

  1. New router begins sending Router Advertisements
  2. Hosts receive RA, set IsRouter=TRUE
  3. New router is added to Default Router Lists
  4. Router may send Neighbor Advertisement with R=1 to expedite the process

D.5.3. Simultaneous Messages

If both a Router Advertisement and a Neighbor Advertisement (R=0) are received close together:

  • Process messages in the order received
  • The last message processed determines the final IsRouter state
  • Router Advertisements always set IsRouter=TRUE
  • Neighbor Advertisements with R=0 always set IsRouter=FALSE

D.6. Implementation Guidelines

D.6.1. Initialization

When creating a new Neighbor Cache entry:

  • Default value of IsRouter SHOULD be FALSE
  • Set to TRUE only when confirmed by received messages

D.6.2. Consistency Checks

Implementations SHOULD ensure consistency:

  • If IsRouter=TRUE and no Default Router List entry exists, this is acceptable (neighbor is a router but not a default router)
  • If a Default Router List entry exists but IsRouter=FALSE, this is an error condition that MUST be corrected by removing the router from the list

D.6.3. Logging and Debugging

Implementations SHOULD log transitions of the IsRouter flag for debugging:

  • When IsRouter changes from FALSE to TRUE
  • When IsRouter changes from TRUE to FALSE
  • When a router is removed from the Default Router List due to IsRouter becoming FALSE

D.7. Security Considerations

The IsRouter flag can be manipulated by attackers:

Attack: Malicious Neighbor Advertisement with R=0

  • An attacker sends NA with R=0 for a legitimate router
  • Hosts remove the router from their Default Router Lists
  • Traffic is disrupted

Mitigation:

  • Use SEND (RFC 3971) to authenticate Neighbor Discovery messages
  • Implement reasonable rate limiting on IsRouter flag changes
  • Monitor for suspicious patterns (frequent IsRouter transitions)

D.8. Example State Transitions

Example 1: Normal Router Discovery

Initial: No Neighbor Cache entry
Action: Receive Router Advertisement from fe80::1
Result: Create entry, IsRouter=TRUE, add to Default Router List

Example 2: Router Becomes Unavailable

Initial: IsRouter=TRUE, router in Default Router List
Action: Receive Neighbor Advertisement with R=0
Result: IsRouter=FALSE, remove from Default Router List

Example 3: Redirect to Router

Initial: No Neighbor Cache entry for fe80::2
Action: Receive Redirect message indicating fe80::2 as better router
Result: Create entry, IsRouter=TRUE (implied by redirect target)

D.9. Summary Table

EventAction on IsRouterImpact on Default Router List
Receive RASet TRUEAdd to list (if not present)
Receive NA with R=1Set TRUENo direct impact
Receive NA with R=0Set FALSERemove from list
Receive RedirectSet TRUE (for target)Target becomes preferred router
Router Lifetime expiresNo changeRemove from list
Last updated on