Palo Alto Live Free Demo!
Palo Alto Live Free Demo!
Starts 2nd August @10 AM IST | By Amar Singh | Live + Lab Access + Certification Support.
Day
Hr
Min
Sec
Register for Free Demo!
USD ($)
$
United States Dollar
India Rupee

IPv6 Neighbor Discovery Protocol (NDP) Explained

Created by Gautam Kumar in Articles 15 Jul 2025
Share
«Understanding Internet Protocol (IP) ...

The Neighbor Discovery Protocol (NDP) in IPv6 enables communication and interaction between nodes within the same link-local scope. It is an alternative to the Address Resolution Protocol (ARP) used in IPv4 addressing.

In this article, we have explained the Neighbor Discovery Protocol (NDP) in detail, including its working, features, and troubleshooting tips. 

Furthermore, our online networking courses provide an efficient way of learning various networking technologies and protocols to help you build a career in IT networks.

What is Neighbor Discovery Protocol (NDP)? 

The Neighbor Discovery Protocol is an IPv6 protocol, and it is essential for handling address autoconfiguration, resolution, and reachability detection.

NDP operates at the link layer and uses Internet Control Message Protocol for IPv6 (ICMPv6) messages to handle various tasks such as address autoconfiguration, address resolution, and neighbor unreachability detection.


CCNA Online TrainingJoin online course for CCNA Certification Training.Explore course
custom banner static image

Functions of Neighbor Discovery Protocol

Neighbor Discovery Protocol delivers several critical services for IPv6 networks: 

1. NDP resolves IPv6 addresses to link-layer (MAC) addresses. 

2. Ensures continued communication with neighboring nodes, detecting issues, and taking corrective actions if a node becomes unreachable. 

3. Enables hosts to locate routers on the local network.

4. Assists nodes in identifying prefixes used on a link for proper address autoconfiguration.

NDP Messages 

The Neighbor Discovery Protocol utilizes 5 ICMPv6 message types to communicate. Key messages include: 


NDP MessagePurposeDescription
Router Solicitation (RS)Discover routers on the local networkSent by hosts to prompt routers to advertise their presence
Router Advertisement (RA)Announce router presence and provide network informationSent by routers to help hosts configure network settings automatically
Neighbor Solicitation (NS)Determine the link-layer address of a neighbor or verify reachabilitySimilar to ARP in IPv4, used to find or verify neighbor addresses
Neighbor Advertisement (NA)Respond to NS messages or announce changes in link-layer addressHelps maintain accurate address mappings
RedirectInform hosts of a better first-hop router for a specific destinationOptimizes routing paths by directing hosts to more efficient routes

How Neighbor Discovery Protocol Works in IPv6?

Here is a detailed step-by-step explanation of how the NDP protocol works. 

Step 1. Address Autoconfiguration: When a device connects to an IPv6 network, it automatically configures its IPv6 address using Stateless Address Autoconfiguration (SLAAC).

Step 2. Router Discovery: The device sends a Router Solicitation (RS) message to discover routers. Routers respond with Router Advertisement (RA) messages, providing network prefix and configuration settings.

Step 3. Prefix Discovery: Routers provide the network prefix in their RA messages, allowing devices to configure their IPv6 addresses properly.

Step 4. Neighbor Discovery: To communicate with another device, a device sends a Neighbor Solicitation (NS) message to find the link-layer (MAC) address corresponding to an IPv6 address. The target device replies with a Neighbor Advertisement (NA) message, including its MAC address.

Step 5. Reachability Detection: Devices send periodic NS messages to check if neighbors' link-layer addresses are still valid. If no response is received, the device updates its neighbor cache accordingly.

Step 6. Duplicate Address Detection (DAD): Before assigning an IPv6 address, a device sends an NS message for the intended address. If no response is received, the address is safe to use. If a response is received, the address is considered duplicate.

Step 7. Neighbor Cache: NDP maintains a neighbor cache, storing mappings between IPv6 addresses and their corresponding MAC addresses. This cache improves efficiency by reducing the need for repeated NS messages.

image showing ndp working

Security Problems in Neighbor Discovery Protocol

While NDP is a powerful protocol, it is not without vulnerabilities. Some common threats include: 

● Neighbor Spoofing: Malicious nodes can send false NA messages, disrupting communication. 

● Router Advertisement Spoofing: Attackers can send fake RA messages to redirect traffic. 

● Denial of Service (DoS)Excessive NS or RA messages can overwhelm a network. 

To mitigate these security concerns, implementing Secure Neighbor Discovery (SEND) is crucial. SEND uses Cryptographically Generated Addresses (CGA) and digital signatures to authenticate NDP messages, preventing spoofing and ensuring message integrity.

Read About Different Cyber Threats

How to Troubleshoot Neighbor Discovery Protocol Issues?

Here are some common tips to troubleshoot issues with the NDP protocol:

● Use tools like ping6 to check basic connectivity between devices. It will help you ensure the connection is established and working.

● Inspect the NDP cache on devices to ensure that the correct mappings between IPv6 addresses and link-layer addresses are present.

● Check whether the ICMPv6 messages (Neighbor Solicitation and Neighbor Advertisement) are not being blocked by firewalls or access control lists (ACLs).

● Use network monitoring tools like tcpdump or Wireshark to analyze network traffic and look for anomalies or missing NDP messages.

● Use tools like radvdump on Unix-based systems to ensure that routers are sending Router Advertisement messages and that hosts are receiving them. 

Advantages of Neighbor Discovery Protocol

1. NDP enables Stateless Address Autoconfiguration (SLAAC), allowing devices to self-configure IPv6 addresses without a DHCP server

2. It uses multicast instead of broadcast, reducing unnecessary network traffic and improving efficiency. 

3. With Secure Neighbor Discovery (SEND), NDP protects against spoofing and man-in-the-middle attacks by using cryptographic authentication. 

4. Devices can automatically discover routers and network settings via Router Advertisements and Router Solicitations. 

5. NDP uses Neighbor Solicitation (NS) and Neighbor Advertisement (NA) for efficient link-layer address resolution, replacing ARP in IPv4. 

6. It prevents address conflicts by performing automatic Duplicate Address Detection before address assignment. 

Disadvantages of Neighbor Discovery Protocol

1. It is vulnerable to Neighbor Spoofing and Denial of Service (DoS) attacks, where malicious devices can impersonate legitimate devices, disrupting network communication. 

2. It does not natively support encryption. While Secure Neighbor Discovery (SEND) can be used to mitigate security risks, it is not widely deployed due to complexity and overhead. 

3. While NDP improves efficiency over ARP, its use of multicast and periodic messages (such as Neighbor Solicitation) can still result in higher overhead, especially in large-scale networks. 

4. Devices that do not support NDP or are running IPv4 might face compatibility issues when interacting with IPv6 devices, especially in mixed network environments. 

5. NDP lacks a centralized management mechanism for address resolution, relying on local devices for the resolution of addresses, which can make troubleshooting more complex.

Neighbor Discovery Protocol (NDP) vs Address Resolution Protocol (ARP)

Now let's understand how Neighbor Discovery Protocol (NDP) is different from Address Resolution Protocol (ARP).


FeatureNDPARP
ProtocolIPv6IPv4
LayerNetwork Layer (Internet Layer)Data Link Layer
Address ResolutionUses Neighbor Solicitation (NS) and Neighbor Advertisement (NA) messagesUses ARP Request and ARP Reply messages
Router DiscoverySupports Router Solicitation (RS) and Router Advertisement (RA) messagesNot supported
Prefix DiscoveryProvides network prefix informationNot supported
AutoconfigurationSupports Stateless Address Autoconfiguration (SLAAC)Not supported
Reachability DetectionPeriodic Neighbor Solicitation (NS) messagesNot supported
SecurityCan use Secure Neighbor Discovery (SEND)Basic security, vulnerable to spoofing
Broadcast/MulticastUses multicast for message deliveryUses broadcast for message delivery

Conclusion 

The Neighbor Discovery Protocol is a cornerstone of IPv6 networking, offering advanced functionalities that surpass its IPv4 counterparts. By facilitating essential services such as address resolution, router discovery, and neighbor unreachability detection, NDP enhances the scalability and flexibility of modern networks.

As networking professionals, it is crucial to master NDP's mechanisms and implement appropriate security measures to safeguard against potential threats. 

BGP in Networking - Full-Form, Uses and ...»
Gautam Kumar

Gautam Kumar is a senior network engineer having more than 7 years of experience in different companies in India. His work experience in network support and operation and maintaining of any network makes him one of the most valuable IT professional in industry. He has been involving in planning, supporting the physical and wireless networks, ...

More... | Author`s Bog | Book a Meeting

Related Articles

#Explore latest news and articles

Introduction to Enhanced Interior Gateway Routing Protocol (EIGRP) 3 Jul 2025

Introduction to Enhanced Interior Gateway Routing Protocol (EIGRP)

Discover everything about EIGRP (Enhanced Interior Gateway Routing Protocol) in networking. Learn its configuration, essential commands, and how it compares to ...
IPv4 vs IPv6 Address: What is the Difference? 12 May 2025

IPv4 vs IPv6 Address: What is the Difference?

Explore the differences between IPv4 and IPv6 address. Compare both IP protocol versions and understand how they differ from each other.
What is UDP in Computer Networks? 17 Jul 2025

What is UDP in Computer Networks?

Explore the User Datagram Protocol (UDP) in the IP Suite. Learn about its features, real-world examples, and key applications in networking.

FAQ

Neighbor Discovery Protocol (NDP) is an IPv6 protocol that enables devices on the same local network to discover each other, resolve addresses, detect reachability, and automatically configure network settings using ICMPv6 messages.
ARP is used in IPv4 for mapping IP addresses to MAC addresses, while NDP performs this role in IPv6 and adds features like router discovery, prefix discovery, autoconfiguration, and reachability detection, making it more versatile and secure.
NDP is used for address resolution, router and prefix discovery, stateless address autoconfiguration, neighbor reachability detection, and redirecting hosts to better routes, facilitating efficient IPv6 network communication.
Neighbor Discovery Protocol operates at the network layer (Internet layer) in the TCP/IP model and is closely associated with the data link layer in the OSI model.
RS (Router Solicitation) messages are sent by hosts to discover routers on the network, while RA (Router Advertisement) messages are sent by routers to announce their presence and provide network configuration information.

Comments (0)

Gautam Kumar

Gautam Kumar

Network Consultant & Full Time Instructor Instructor role
★★★★★ 4.94
Faithful User
Expert Vendor
Golden Classes
King Seller
Fantastic Support
Loyal Writer
+91 8383 96 16 46

Enquire Now

Captcha
Share to your friends

Share

Share this post with others

Contact learning advisor

Captcha image