As an avid reader of RFCs and RFC drafts, I’m always running across little bits of knowledge I either already knew and forgot (I forget a lot of things), or things I didn’t know and wouldn’t have expected. RFC5942, published way back in 2010 (a long time in network engineering terms), discusses a topic I hadn’t much thought about, but is worth understanding (or reviewing).
Assume I’m an IPv4 host. If I have an address of 10.1.1.1, and I’m trying to send a packet to 10.1.1.54, do I send the packet to my default gateway (the first hop router), or do I try to build a MAC header and send it directly to the host itself? If I think the destination is “off link,” then I’ll send it to the default gateway, and if I think it’s “on link,” I’ll send it directly to the destination. How do I know the difference?
If you don’t know the answer, you shouldn’t be calling yourself a network engineer — but for review… I use either the subnet mask or the length to decide. Let’s assume I want to use the prefix length (since I’m not an old fashioned person who uses the subnet mask!). I count off the number of bits indicated in the prefix length of the interface on which I intend to send the packet, and change the rest of the bits in both addresses to 0′s. I compare the two modified addresses (really the two network addresses at this point). If they are the same, the destination is on link. If they are different, the destination is off link.
As you might have guessed by now, IPv6 doesn’t do this. Instead, IPv6 has an actual list (database) of hosts which are considered “on link.” All other hosts are considered off link; traffic to hosts not in the “on link” database is automatically sent to the default gateway for forwarding. The practical implication here is that the address given to a pair of hosts doesn’t have anything to do with the way traffic is forwarded between them. You can have two hosts, 2001:DB8::1:1/112 and 2001:DB8::2:1/112, that are on the same local network, and you could have two others, 2001:DB8::1:1/112 and 2001:DB8::1:2/112, that are not.
How is this magical database of on link addresses built? There are three methods outlined in RFC5942:
- An address is included in the router advertisement with the L bit set
- Manual (or other) configuration
- A redirect from the default gateway
This last is probably the most common mechanism. A host will send any packet to a destination for which there is no “on link” database entry to the default gateway. If the destination is actually “on link,” the default gateway will forward the packet and then send a redirect to tell the sender that packets to this destination should be sent directly to the destination.
RFC5942 provides a good deal of text around the issues involved in the on link/off link determination, including some security pointers and other considerations. It’s well worth reading if you’re not familiar with this piece of IPv6′s operation.