2. Review of Inventoried ND Issues

2.1. Multicast May Cause Performance and Reliability Issues

In some cases, ND uses multicast for NSs, NAs, RSs, and RAs. While multicast can be highly efficient in certain scenarios (e.g., in wired networks), multicast can also be inefficient in other scenarios (e.g., in large L2 networks or wireless networks).

Typically, multicast can create a large amount of protocol traffic in large L2 networks. This can consume network bandwidth, increase processing overhead, and degrade network performance [RFC7342].

In wireless networks, multicast can be inefficient or even unreliable due to a higher probability of transmission interference, lower data rate, and lack of acknowledgements (Section 3.1 of [RFC9119]).

Multicast-related performance issues of the various ND messages are summarized below:

  • Issue 1: LLA DAD degrades performance

    In an L2 network of N addresses (which can be much larger than the number of hosts, as each host can have multiple addresses), there can be N such multicast messages. This may cause performance issues when N is large.

  • Issue 2: Router's periodic unsolicited RAs drain host's battery

    Multicast RAs are generally limited to one packet every MIN_DELAY_BETWEEN_RAS (3 seconds), and there are usually only one or two routers on the link, so it is unlikely to cause a performance issue. However, for battery-powered hosts, such messages may wake them up and drain their batteries [RFC7772].

  • Issue 3: GUA DAD degrades performance

    This is the same as in Issue 1.

  • Issue 4: Router's address resolution for hosts degrades performance

    This is the same as in Issue 1.

  • Issue 5: Host's address resolution for hosts degrades performance

    This is the same as in Issue 1.

  • Issue for further study: Multicast NAs for host's MAC address changes may degrade performance

    With randomized and changing MAC addresses [MADINAS], there may be many such multicast messages.

In wireless networks, multicast is more likely to cause packet loss. Because DAD treats no response as no duplicate address detected, packet loss may cause duplicate addresses to be undetected. Multicast reliability issues are summarized below:

  • Issue 6: LLA DAD not completely reliable in wireless networks

  • Issue 7: GUA DAD not completely reliable in wireless networks

Note: IPv6 address collisions are extremely unlikely. As a result, these two issues are largely theoretical rather than practical.

In scenarios such as public access networks, some nodes may not be trustworthy. An attacker on the link can cause the following on-link security issues [RFC3756] [RFC9099]:

  • Issue 8: Source IP address spoofing

    An attacker can use another node's IP address as the source address of its ND message to pretend to be that node. The attacker can then launch various Redirect or Denial-of-Service (DoS) attacks.

  • Issue 9: Denial of DAD

    An attacker can repeatedly reply to a victim's DAD messages, causing the victim's address configuration procedure to fail, resulting in a DoS to the victim.

  • Issue 10: Rogue RAs

    An attacker can send RAs to victim hosts to pretend to be a router. The attacker can then launch various Redirect or DoS attacks.

  • Issue 11: Spoofed redirects

    An attacker can send forged Redirects to victim hosts to redirect their traffic to the legitimate router itself.

  • Issue 12: Replay attacks

    An attacker can capture valid ND messages and replay them later.

2.3. Router-NCE-on-Demand May Cause Forwarding Delay, NCE Exhaustion, and Address Accountability Issues

When a router needs to forward a packet to a node but does not yet have a Neighbor-Cache Entry (NCE) for that node, it first creates an NCE in the INCOMPLETE state. The router then multicasts an NS to the node's solicited-node multicast address. When the destination replies with an NA containing its MAC address, the router updates the NCE with that address and changes its state to REACHABLE, thereby completing the entry. This process is referred to as "Router-NCE-on-Demand" in this document.

Router-NCE-on-Demand can cause the following issues:

  • Issue 13: NCE exhaustion

    An attacker can send a high volume of packets targeting non-existent IP addresses, causing the router to create numerous NCEs in the INCOMPLETE state. The resulting resource exhaustion may cause the router to malfunction. This vulnerability, described as "NCE exhaustion" in this document, does not require the attacker to be on-link.

  • Issue 14: Router forwarding delay

    When a packet arrives at a router, the router buffers it while attempting to determine the host's MAC address. This buffering delays forwarding and, depending on the router's buffer size, may lead to packet loss. This delay is referred to as "Router-NCE-on-Demand forwarding delay" in this document.

  • Issue 15: Lack of address accountability

    With SLAAC, hosts generate their own IP addresses. The router does not become aware of a host's IP address until an NCE is created. With DHCPv6 [RFC8415], the router may not know the host's addresses unless it performs DHCPv6 snooping. In public access networks, where subscriber management often relies on IP address (or prefix) identification, this lack of address accountability poses a challenge [AddrAcc]: without knowledge of the host's IP address, network administrators are unable to effectively manage subscribers. Moreover, once a router has created its NCEs, ND [RFC4861] provides no mechanism to retrieve them for management or monitoring, as noted in Section 2.6.1 of [RFC9099].
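The Router-NCE-on-Demand process and Issues 13 and 14 above, as an added model that is not part of this document: a router neighbor cache that creates INCOMPLETE entries on demand, multicasts an NS to the solicited-node group, buffers packets until the NA arrives, and caps the number of INCOMPLETE entries (a common router safeguard; the cap value and the 2001:db8::/64 addresses are constructed assumptions).

```python
import ipaddress
from collections import deque

INCOMPLETE, REACHABLE = "INCOMPLETE", "REACHABLE"

def solicited_node_multicast(ip):
    """ff02::1:ffXX:XXXX, built from the low 24 bits of the target address (RFC 4291)."""
    low24 = ipaddress.IPv6Address(ip).packed[-3:]
    return str(ipaddress.IPv6Address(b"\xff\x02" + b"\x00" * 9 + b"\x01\xff" + low24))

class RouterCache:
    """Model of Router-NCE-on-Demand; max_incomplete is an assumed per-interface cap."""
    def __init__(self, max_incomplete):
        self.entries = {}          # dst IP -> {"state", "mac", "pending"}
        self.max_incomplete = max_incomplete
        self.ns_sent = []          # (target, multicast group) for every NS emitted
        self.dropped = 0

    def incomplete(self):
        return sum(1 for e in self.entries.values() if e["state"] == INCOMPLETE)

    def forward(self, dst, packet):
        nce = self.entries.get(dst)
        if nce and nce["state"] == REACHABLE:
            return "forwarded"
        if nce is None:
            if self.incomplete() >= self.max_incomplete:
                self.dropped += 1         # Issue 13: table already full of INCOMPLETE entries
                return "dropped"
            nce = self.entries[dst] = {"state": INCOMPLETE, "mac": None, "pending": deque()}
            self.ns_sent.append((dst, solicited_node_multicast(dst)))
        nce["pending"].append(packet)     # Issue 14: buffered until the NA arrives
        return "buffered"

    def receive_na(self, ip, mac):
        nce = self.entries.get(ip)
        if nce is None or nce["state"] != INCOMPLETE:
            return []
        nce["state"], nce["mac"] = REACHABLE, mac
        flushed = list(nce["pending"])
        nce["pending"].clear()
        return flushed                    # packets released once the NCE completes

def simulate_exhaustion(max_incomplete=4, bogus=10):
    """Constructed scenario: off-link traffic to `bogus` unused addresses, then one packet
    for a real host. Returns (fate of the real packet, INCOMPLETE count, drops)."""
    router = RouterCache(max_incomplete)
    for i in range(bogus):
        router.forward(f"2001:db8::dead:{i:x}", f"probe-{i}")
    fate = router.forward("2001:db8::10", "legit-packet")
    return fate, router.incomplete(), router.dropped
```

With the cap reached by unanswered NSs, the legitimate host's packet is dropped, which is exactly the collateral effect a cap trades against unbounded state growth; a real router would additionally age INCOMPLETE entries out after the retransmit limit.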

2.4. Summary of ND Issues

The ND issues, as discussed in Sections 2.1, 2.2, and 2.3, are summarized below. These issues stem from three primary causes: multicast, Trusting-all-nodes, and Router-NCE-on-Demand. Eliminating any of these causes would also mitigate the corresponding issues. These observations provide guidance for addressing and preventing ND-related issues.

  1. Multicast-related issues:

    • Performance issues:

      • Issue 1: LLA DAD degrades performance
      • Issue 2: Router's periodic unsolicited RAs drain host's battery
      • Issue 3: GUA DAD degrades performance
      • Issue 4: Router's address resolution for hosts degrades performance
      • Issue 5: Host's address resolution for hosts degrades performance
    • Reliability issues:

      • Issue 6: LLA DAD not completely reliable in wireless networks
      • Issue 7: GUA DAD not completely reliable in wireless networks
  2. Trusting-all-nodes related issues:

    • Issue 8: Source IP address spoofing
    • Issue 9: Denial of DAD
    • Issue 10: Rogue RAs
    • Issue 11: Spoofed redirects
    • Issue 12: Replay attacks
  3. Router-NCE-on-Demand related issues:

    • Issue 13: NCE exhaustion
    • Issue 14: Router forwarding delay
    • Issue 15: Lack of address accountability

These issues are potential vulnerabilities and may not manifest in all usage scenarios.

When these issues may occur in a specific deployment, it is advisable to consider the mitigation solutions available. They are described in the following section.