
IPv6 Secure Neighbor Discovery

Overview

In the IPv6 protocol suite, Neighbor Discovery (ND) is used to find neighbors on the local link, resolve their link-layer addresses, discover routers, and detect neighbors that have become unreachable. ND messages carry no authentication, so any node on the link can forge them, and as network attacks intensify the security of ND has become a concern. RFC 3756 describes the threats to ND; some of them are listed below.

Table 1 IPv6 ND attacks

  • NS/NA spoofing: An attacker sends an authorized node either an NS message with a bogus Source Link-Layer Address option or an NA message with a bogus Target Link-Layer Address option. The authorized node updates its neighbor cache, and its packets for the victim address are then delivered to the attacker's link-layer address.
  • Neighbor unreachability detection (NUD) failure: An attacker repeatedly answers an authorized node's NUD probes (NS messages) with forged NA messages, so the node never detects that the neighbor has become unreachable. The consequences depend on why the neighbor became unreachable and on what the node would have done had it detected the failure.
  • Duplicate address detection (DAD) attack: An attacker answers every DAD attempt made by a host joining the network, claiming that the tentative address is already in use. The host therefore never obtains an address.
  • Spoofed Redirect message: An attacker uses the link-local address of the first-hop router as the source of a Redirect message sent to an authorized host. The host accepts the message because it believes it came from its first-hop router.
  • Replay attack: An attacker captures valid ND messages and resends them later. Even if ND messages are cryptographically protected so that their contents cannot be forged, they remain vulnerable to replay unless their freshness is also checked.
  • Bogus address prefix: An attacker sends a bogus RA message declaring some prefixes on-link. A host treats destinations under an on-link prefix as directly reachable: instead of forwarding packets for them to the router, it sends NS messages to resolve the destination address, and those NS messages are never answered. The host is thus denied service for those destinations.
  • Malicious last-hop routing device: An attacker multicasts bogus RA messages, or unicasts them in response to multicast RS messages, to a host searching for a last-hop router. If the host selects the attacker as its default router, the attacker becomes a man-in-the-middle and can intercept all traffic between the host and its destinations.

To counter these threats, Secure Neighbor Discovery (SEND, RFC 3971) extends ND with cryptographic protection. SEND uses cryptographically generated addresses (CGAs, RFC 3972) together with a CGA option and a Rivest Shamir Adleman (RSA) Signature option; together these prove that the sender of an ND message owns the message's source address and that the message has not been modified in transit. SEND also defines Timestamp and Nonce options to prevent replay attacks.

  • CGA: an IPv6 address whose interface identifier is derived from a one-way hash (SHA-1) of the sender's public key and associated parameters (a modifier, the subnet prefix, and a collision count). Anyone can verify the binding between the address and the public key, but nobody can find a different key that maps to the same address without inverting the hash.
  • CGA option: carries the parameters needed to recompute that hash, including the sender's public key. The receiver uses it to check that the source IPv6 address of an ND message was really generated from the key it carries.
  • RSA Signature option: contains a key hash (the leftmost 128 bits of the SHA-1 hash of the sender's public key) and a digital signature computed with the sender's private key over the ND message. The receiver uses it to check the integrity of the message and to authenticate the sender as the holder of the key named in the CGA option.

    If an attacker tries to use an address that belongs to an authorized node, the CGA option it sends must contain that node's public key and CGA parameters; with any other key the recomputed hash does not match the address, and the receiver discards the message. Even if the attacker copies the authorized node's public key and CGA parameters, it cannot produce a valid RSA signature without the corresponding private key, so the signature check fails.

  • Timestamp option: a 64-bit unsigned integer. The leftmost 48 bits hold the number of seconds since January 1, 1970, 00:00 UTC, and the remaining 16 bits hold fractions of a second in units of 1/65536. This option prevents unsolicited advertisement messages and Redirect messages from being replayed. For a peer it has not seen before, the receiver accepts a timestamp only if it lies within a configured window (delta) of its own clock; for a known peer, it accepts a timestamp only if it has advanced at least as much as the receiver's own clock since the last accepted message from that peer, allowing for configured drift and fuzz.
  • Nonce option: contains a random number chosen by the sender of a solicitation message and copied by the responder into the solicited advertisement. This option prevents replay attacks during a solicitation/advertisement exchange. For example, a sender sends an NS message carrying the Nonce option and receives an NA message that also carries the Nonce option; the sender accepts the NA only if its nonce matches the outstanding solicitation.
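The CGA construction and verification described above, as an added example in Python (not code from the original page or from Huawei). It follows RFC 3972: the sender searches for a modifier that satisfies the Sec condition (Hash2 with 16*sec leading zero bits), derives the interface identifier from Hash1 of the modifier, subnet prefix, collision count, and public key, and the receiver recomputes both hashes from the CGA option parameters. The public key bytes and the 2001:db8:1:2::/64 prefix are constructed placeholders (RFC 3972 hashes the DER-encoded key as an opaque byte string, so any bytes exercise the construction); no RSA signing is shown.

```python
"""CGA generation and verification (RFC 3972), as used by the SEND CGA option."""
import hashlib
import ipaddress
import os

# Constructed placeholder standing in for a DER-encoded RSA public key; RFC 3972
# hashes the DER bytes as an opaque string, so any bytes show the construction.
SAMPLE_PUBLIC_KEY = b"\x30\x82\x01\x22" + bytes(range(256)) + b"\x02\x03\x01\x00\x01"
SAMPLE_PREFIX = ipaddress.IPv6Network("2001:db8:1:2::/64")  # documentation prefix

MODIFIER_MASK = (1 << 128) - 1


def hash1(modifier, prefix, collision_count, public_key):
    """Hash1: leftmost 64 bits of SHA-1(modifier | subnet prefix | collision count | key)."""
    return hashlib.sha1(modifier + prefix + bytes([collision_count]) + public_key).digest()[:8]


def hash2(modifier, public_key):
    """Hash2: leftmost 112 bits of SHA-1(modifier | nine zero bytes | key)."""
    return hashlib.sha1(modifier + bytes(9) + public_key).digest()[:14]


def has_leading_zero_bits(digest, nbits):
    """True when the leftmost nbits of digest are all zero (the Sec condition)."""
    return nbits == 0 or int.from_bytes(digest, "big") >> (8 * len(digest) - nbits) == 0


def generate_cga(prefix, public_key, sec, modifier=None, collision_count=0):
    """Return (address, cga_params); cga_params is what the CGA option carries."""
    if not 0 <= sec <= 7 or not 0 <= collision_count <= 2:
        raise ValueError("sec must be 0..7 and collision count 0..2")
    modifier = os.urandom(16) if modifier is None else modifier
    # Hash2 search: with sec > 0 the sender brute-forces a modifier whose Hash2
    # has 16*sec leading zero bits; an attacker forging this address with a
    # different key has to redo the same work, multiplied by 2^(16*sec).
    while not has_leading_zero_bits(hash2(modifier, public_key), 16 * sec):
        modifier = ((int.from_bytes(modifier, "big") + 1) & MODIFIER_MASK).to_bytes(16, "big")
    prefix_bytes = prefix.network_address.packed[:8]
    iid = bytearray(hash1(modifier, prefix_bytes, collision_count, public_key))
    # Sec goes in the three leftmost bits of the interface identifier; the u and g
    # bits (bits 6 and 7 of the first byte) are cleared.
    iid[0] = (sec << 5) | (iid[0] & 0x1C)
    params = {"modifier": modifier, "prefix": prefix_bytes,
              "collision_count": collision_count, "public_key": public_key}
    return ipaddress.IPv6Address(prefix_bytes + bytes(iid)), params


def verify_cga(address, params):
    """Receiver-side check (RFC 3972 section 5) of a source address against its CGA option."""
    if not 0 <= params["collision_count"] <= 2:
        return False
    packed = address.packed
    if packed[:8] != params["prefix"]:
        return False
    iid = packed[8:]
    sec = iid[0] >> 5
    expected = bytearray(hash1(params["modifier"], params["prefix"],
                               params["collision_count"], params["public_key"]))
    # Compare Hash1 with the interface identifier, ignoring the Sec, u and g bits.
    if (expected[0] & 0x1C) != (iid[0] & 0x1C) or bytes(expected[1:]) != iid[1:]:
        return False
    return has_leading_zero_bits(hash2(params["modifier"], params["public_key"]), 16 * sec)


if __name__ == "__main__":
    addr, params = generate_cga(SAMPLE_PREFIX, SAMPLE_PUBLIC_KEY, sec=1)
    print("CGA:", addr, "sec =", addr.packed[8] >> 5)
    print("verifies with own key:", verify_cga(addr, params))
    # An attacker claiming this address with its own (constructed) key fails Hash1.
    forged = dict(params, public_key=b"attacker public key bytes")
    print("verifies with attacker key:", verify_cga(addr, forged))
```

With sec=1 the modifier search takes about 2^16 SHA-1 computations, which is why the procedure below lets you choose the security level per interface; each further step of sec multiplies both the device's generation time and the attacker's forgery effort by 65536.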

For an interface to send ND messages that carry the CGA and RSA Signature options, configure a CGA IPv6 address on it.

For an interface to reject insecure ND messages, enable IPv6 SEND strict mode on it.

Impact on the System

After IPv6 SEND is configured, constructing and parsing NS, NA, RS, and RA messages consume extra CPU time for generating and verifying the CGA and RSA Signature options. RSA signature verification is the dominant cost, so a flood of signed ND messages from an attacker can load the CPU; the rate limit in the procedure below bounds that work.

Procedure

  • Configure a CGA IPv6 address.
    1. Enter the system view.

      system-view

    2. Create a local RSA key pair.

      pki rsa local-key-pair create key-name [ modulus modulus-size ] [ exportable ]

    3. Enter the view of the interface on which a CGA IPv6 address needs to be configured.

      interface interface-type interface-number

    4. Enable IPv6.

      ipv6 enable

    5. Bind the RSA key pair created in step 2 to the interface.

      ipv6 security rsakey-pair key-label

    6. Configure a modifier value and security level (sec) for the CGA address. A higher sec-value multiplies the work an attacker needs to find a key pair that maps to the same address by 2^16 per step, at the cost of longer CGA generation on the device.

      ipv6 security modifier sec-level sec-value [ modifier-value ]

    7. Configure a CGA IPv6 address.

      Table 2 Configure a CGA IPv6 address

      • Configure a CGA IPv6 global unicast address:

          ipv6 address { ipv6-address prefix-length | ipv6-address/prefix-length } cga

        After the command is run, a CGA IPv6 global unicast address is generated.

      • Configure a CGA IPv6 link-local address:

          ipv6 address ipv6-address link-local cga

        Link-local addresses are used for communication between nodes on the same link in ND and stateless address autoconfiguration. Packets whose source or destination is a link-local address are not forwarded to other links; that is, link-local addresses are valid only on the local link.

  • Enable IPv6 SEND.
    1. Enter the system view.

      system-view

    2. (Optional) Set the maximum number of RSA signatures the system computes or verifies per second.

      ipv6 nd security rate-limit ratelimit-value

    3. Enter the interface view.

      interface interface-type interface-number

    4. Enable IPv6.

      ipv6 enable

    5. (Optional) Set the RSA key lengths allowed on the interface; a message whose CGA option carries a public key shorter than the minimum or longer than the maximum is treated as insecure.

      ipv6 nd security key-length { minimum keylen-value | maximum keylen-value } *

    6. (Optional) Set the timestamp checking parameters for ND messages: delta (the clock difference accepted from a peer not seen before), drift (the relative clock drift accepted from a known peer), and fuzz-factor (the tolerance added for transmission delay and clock jitter).

      ipv6 nd security timestamp { delta delta-value | drift drift-value | fuzz-factor fuzz-value } *

    7. Enable the strict security mode on the interface.

      ipv6 nd security strict

      In strict mode the interface discards insecure ND messages. An ND message is considered insecure if any of the following conditions is met:

      • The received ND message does not carry both a CGA option and an RSA Signature option (for example, because the sending interface has no CGA address).
      • The public key in the received ND message is outside the key length range allowed on the interface.
      • The system-wide rate limit for RSA signature computation and verification has been exceeded, so the message could not be verified.
      • The difference between the receive time and the timestamp carried in the ND message is outside the window allowed by the interface's delta, drift, and fuzz-factor settings.
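The timestamp check behind the last condition, and behind the delta, drift, and fuzz-factor settings in step 6, as an added Python example (not code from the original page or from Huawei). It implements the receiver-side algorithm of RFC 3971 section 5.3.4.2 with the RFC's default values, encodes the 64-bit Timestamp option value (48-bit seconds, 16-bit 1/65536 fractions), and shows a replayed RA being rejected once a newer message from the same peer has been accepted. Peer addresses and clock values are constructed sample data.

```python
"""SEND Timestamp option check (RFC 3971 section 5.3.4.2)."""

# Receiver parameters; these play the roles of the delta, drift and fuzz-factor
# settings of the interface. Values are the RFC 3971 defaults.
TIMESTAMP_DELTA = 300.0   # seconds of clock difference accepted from a new peer
TIMESTAMP_FUZZ = 1.0      # seconds of tolerance for delay and clock jitter
TIMESTAMP_DRIFT = 0.01    # relative clock drift accepted from a known peer (1 %)


def encode_timestamp(seconds):
    """Timestamp option value: 48-bit integer seconds | 16-bit fraction in 1/65536 s."""
    whole = int(seconds)
    frac = int((seconds - whole) * 65536) & 0xFFFF
    return ((whole & ((1 << 48) - 1)) << 16) | frac


def decode_timestamp(value):
    """Inverse of encode_timestamp; returns seconds as a float."""
    return (value >> 16) + (value & 0xFFFF) / 65536.0


class TimestampChecker:
    """Per-peer timestamp state kept by a SEND receiver for unsolicited messages."""

    def __init__(self, delta=TIMESTAMP_DELTA, fuzz=TIMESTAMP_FUZZ, drift=TIMESTAMP_DRIFT):
        self.delta, self.fuzz, self.drift = delta, fuzz, drift
        self.last = {}  # peer address -> (TSlast, RDlast)

    def accept(self, peer, ts_value, rd_new):
        """True if a message carrying Timestamp ts_value, received at time rd_new, is fresh.

        peer: source address of the message (a string here; constructed sample data).
        ts_value: the 64-bit Timestamp option value from the message.
        rd_new: the receiver's own clock when the message arrived, in seconds.
        """
        ts_new = decode_timestamp(ts_value)
        if peer not in self.last:
            # New peer: the sender's clock must be within delta (+ fuzz) of ours.
            ok = abs(rd_new - ts_new) < self.delta + self.fuzz
        else:
            ts_last, rd_last = self.last[peer]
            # Known peer: the timestamp must have advanced at least as much as our
            # own clock since the last accepted message, less allowed drift and
            # fuzz. A replayed older message cannot satisfy this.
            ok = ts_new + self.fuzz > ts_last + (rd_new - rd_last) * (1 - self.drift) - self.fuzz
        if ok:
            self.last[peer] = (ts_new, rd_new)
        return ok


def replay_scenario():
    """Constructed sequence of RAs from two peers; returns the accept decisions."""
    checker = TimestampChecker()
    t0 = 1_700_000_000.0  # receiver clock at the start (constructed)
    return [
        checker.accept("fe80::1", encode_timestamp(t0), t0 + 0.2),        # fresh RA
        checker.accept("fe80::2", encode_timestamp(t0 - 3600), t0 + 0.5), # clock off by an hour
        checker.accept("fe80::1", encode_timestamp(t0 + 60), t0 + 60.3),  # later RA, same peer
        checker.accept("fe80::1", encode_timestamp(t0), t0 + 120),        # replay of the first RA
    ]


if __name__ == "__main__":
    for label, decision in zip(["fresh", "skewed", "later", "replay"], replay_scenario()):
        print(f"{label}: {'accepted' if decision else 'rejected'}")
```

Note that the check only protects unsolicited messages; solicited NA and RA messages are bound to their NS or RS by the Nonce option instead, and a receiver should verify the RSA signature before trusting a timestamp, since an unsigned timestamp is trivially forged.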

Checking the Security Hardening Result

Copyright © Huawei Technologies Co., Ltd.