IPv6 neighbor discovery proxy restricts IPv6 hosts within a VLAN from communicating directly with each other and allows them
to communicate only via the gateway. A device operating as an IPv6 neighbor discovery proxy responds to packets on behalf
of the target.
IPv6 neighbor discovery proxy operations are achieved using the following implementations:
IPv6 Routing-Proxy
A device operating as an IPv6 routing proxy listens to all neighbor discovery proxy messages sent on the link and responds
unconditionally to neighbor solicitation lookup and neighbor-unreachability-detection messages with neighbor advertisement
(setting the SVI MAC address in the TLLA option) on behalf of the destination hosts to attract the traffic to itself.
IPv6 DAD Proxy
IPv6 DAD proxy feature responds to DAD queries on behalf of a node that owns the queried address. IPv6 DAD proxy depends on
a device tracking database to ensure uniqueness of IPv6 addresses.
When receiving a DAD request from a host for a target, the DAD proxy performs a lookup into the binding table, and if the
lookup returns a location, it sends an neighbor solicitation neighbor-unreachability-detection message to verify that the
target is still alive.
-
If the target replies to the neighbor-unreachability-detection message, the DAD proxy sends back an neighbor advertisement
to the host (setting the SVI MAC address in the TLLA option).
-
If the device does not respond to the neighbor-unreachability-detection message, the DAD proxy does not send any response
to DAD request.