Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Example: Configuring IPv6 Interfaces and Enabling Neighbor Discovery


Understanding IPv6 Neighbor Discovery

IPv6 Neighbor Discovery has many improvements when compared to the corresponding IPv4 protocols.

For instance, Neighbor Discovery moves address resolution to the ICMP layer, which makes it much less media dependent than ARP, as well as adding the ability to use IP layer security when needed.

Additionally, Neighbor Discovery uses link-local addresses. This allows all nodes to maintain their router associations even when the site is renumbered to a new global prefix.

Another improvement worth noting is that Neighbor Discovery messages carry link-layer address information, so a single message (or pair of messages) is all that is needed for nodes to resolve the others’ addresses. No additional address resolution is needed.

Neighbor unreachability detection is built in, making packet delivery much more robust in a changing network. Using neighbor unreachability detection, Neighbor Discovery detects router failures, link failures, and partial link failures such as one-way communication.

And finally, IPv6 router advertisements carry prefixes (including network masks) and support multiple prefixes on the same link. Hosts can learn on-link prefixes from router advertisements or, when the router is configured to withhold them, from redirects as needed.


In addition to all the other improvements it brings to the networking world, Neighbor Discovery also enables address autoconfiguration, namely Stateless Address Autoconfiguration (SLAAC). IPv6 maintains the capability for stateful address assignment through DHCPv6 (and static assignment), but SLAAC provides a lightweight address configuration method that might be desirable in many circumstances.

SLAAC provides plug-and-play IP connectivity in two phases: Phase 1: Link-local address assignment; and then, in Phase 2: Global address assignment.

  • Phase 1—Steps for local connectivity:

    1. Link-Local Address Generation: Any time that a multicast-capable IPv6-enabled interface is turned up, the node generates a link-local address for that interface. This is done by appending an interface identifier to the link-local prefix (FE80::/10). The auto generated link-local address cannot be deleted. However, a new link-local address can also be manually entered, which overwrites the auto generated link-local address.

    2. Duplicate Detection: Before assigning the new link-local address to its interface, the node verifies that the address is unique. This is accomplished by sending a Neighbor Solicitation message destined to the new address. If there is a reply, then the address is a duplicate and the process stops, requiring operator intervention.

    3. Link-Local Address Assignment: If the address is unique, the node assigns it to the interface for which it was generated.

    At this point, the node has IPv6 connectivity to all other nodes on the same link. Phase 2 can only be completed by hosts. The router’s interface addresses must be configured by other means.

  • Phase 2—Steps for global connectivity:

    1. Router Advertisement: The node sends a Router Solicitation to prompt all on-link routers to send it router advertisements. When the router is enabled to provide stateless autoconfiguration support, the router advertisement contains a subnet prefix for use by neighboring hosts.

    2. Global Address Generation: Once it receives a subnet prefix from a router, the host generates a global address by appending the interface id to the supplied prefix.

    3. Duplicate Address Detection: The host again performsDuplicate Address Detection (DAD), this time for the new global address. 4. Global Address Assignment: Assuming that the address is not a duplicate, the host assigns it to the interface.

    This process ensures full IPv6 global connectivity with no manual host configuration and very little router configuration.

Example: Configuring IPv6 Interfaces and Enabling Neighbor Discovery

This example shows how to configure the router or switch to send IPv6 neighbor discovery messages.


In this example, no special configuration beyond device initialization is required.


In this example, all of the interfaces in the sample topology are configured with IPv6 addresses. If you plan to extend IPv6 functionality into your LAN, datacenter, or customer networks, you might want to use Stateless Address Auto-Configuration (SLAAC) and that means configuring router advertisements. SLAAC is an IPv6 protocol that provides some similar functionality to DHCP in IPv4. Using SLAAC, network hosts can autoconfigure a globally unique IPv6 address based on the prefix provided by a nearby router in a router advertisement. This removes the need to explicitly configure every interface in a given section of the network. Router advertisement messages are disabled by default, and you must enable them to take advantage of SLAAC.

To configure the router to send router advertisement messages, you must include at least the following statements in the configuration. All other router advertisement configuration statements are optional.

To configure neighbor discovery, include the following statements. You configure router advertisement on a per-interface basis.

Figure 1 shows a simplified sample topology.

Figure 1: ICMP Router Discover Topology
ICMP Router Discover Topology

This example shows how to make sure that all of the IPv6 hosts attached to the subnets in the sample topology can auto-configure a local EUI-64 address.

CLI Quick Configuration shows the configuration for all of the devices in Figure 1. Step-by-Step Procedure describes the steps on Device R1.


CLI Quick Configuration

To quickly configure this example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy level.

Device R1

Device R2

Device R3

Device R4

Step-by-Step Procedure

The following example requires you to navigate various levels in the configuration hierarchy. For instructions on how to do that, see Using the CLI Editor in Configuration Mode in the CLI User Guide.

To configure a IPv6 neighbor discovery:

  1. Configure the network interfaces.

    This example shows multiple loopback interface addresses to simulate attached networks.

  2. Enable neighbor discovery.


From configuration mode, confirm your configuration by entering the show interfaces and show protocols commands. If the output does not display the intended configuration, repeat the configuration instructions in this example to correct it.

If you are done configuring the device, enter commit from configuration mode.


To confirm that the configuration is working properly, perform this task:

Checking the Interfaces


Verify that the interfaces are up, and view the assigned EUI-64 addresses.


From operational mode, enter the show interfaces terse command.

user@R1> show interfaces terse


The output shows that all interfaces are configured with the IPv6 (inet6) address family. Each IPv6-enabled interface has two IPv6 addresses; one link-local address, and one global address. The global addresses match those shown in Figure 1. Junos OS automatically creates a link-local address for any interface that is enabled for IPv6 operation. All link-local addresses begin with the fe80::/64 prefix. The host portion of the address is a full 64 bits long and matches the link-local interface identifier. When an interface address is configured using the eui-64 statement, its interface identifier matches the interface identifier of the link-local address. This is because link-local addresses are coded according to the EUI-64 specification.

Pinging the Interfaces


Verify connectivity between the directly connected interfaces.


  1. Determine the remote router’s IPv6 interface address.

    On Device R2, run the show interfaces terse command for the interface that is directly connected to Device R1, and copy the global address into the capture buffer of your terminal emulator.

    user@R2> show interfaces fe-1/2/0.2 terse
  2. On Device R1, run the ping command, using the global address that you copied.

    user@R1> ping 2001:db8:0:1:2a0:a514:0:24c


Junos OS uses the same ping command for both IPv4 and IPv6 testing. The lack of any interior gateway protocol (IGP) in the network limits the ping testing to directly-connected neighbors. Repeat the ping test for other directly connected neighbors.

Checking the IPv6 Neighbor Cache


Display information about the IPv6 neighbors.

After conducting ping testing, you can find an entries for interface addresses in the IPv6 neighbor cache.


From operational mode, enter the show ipv6 neighbors command.

user@R1> show ipv6 neighbors


In IPv6, the Address Resolution Protocol (ARP) has been replaced by the Neighbor Discovery Protocol (NDP). The IPv4 command show arp is replaced by the IPv6 command show ipv6 neighbors. The key pieces of information displayed by this command are the IP address, the MAC (Link Layer) address, and the interface.

Verifying IPv6 Router Advertisements


Confirm that devices can be added to the network using SLAAC by ensuring that router advertisements are working properly.


From operational mode, enter the show ipv6 router-advertisement command.

user@R1> show ipv6 router-advertisement


The output shows that router advertisements are being sent and received on Device R1’s interfaces, indicating that both Device R1 and its directly connected neighbors are configured to generate router-advertisements.

Tracing Neighbor Discovery Events


Perform additional validation by tracing router advertisements.


  1. Configure trace operations.

  2. Run the show log command.

    user@R1> show log ipv6-nd-trace