What is so special about the 7th bit of the MAC address?
The 7th bit (from the left) of a MAC address is the ‘Universal/Local’ (U/L) bit. This identifies whether this address is locally or universally administered.
MAC addresses need to be unique, so OUIs are assigned to companies, to make sure there is no conflicts. An address like this is ‘Universally administered’. That is, the address (or the first half of it) has been allocated by the IEEE.
However, there are times when a MAC will not be allocated by the IEEE. Some devices make up their own MAC addresses. Your phone may do this when connecting to WiFi (to make it hard for public WiFi providers to track you). Or, if you create a Virtual Machine, the address will be allocated by the hypervisor. These are locally administered addresses.
0 = universally administered, 1 = locally administered
Why do we invert the 7th bit?
This bit changes meaning when it is used in an EUI64 address. In the EUI64 format, the “u” bit is set to 1 if it is a universal scope, and 0 for a local scope.
Why change the meaning? This makes it easier for administrators that have non-Ethernet interfaces. Remember that MAC addresses are part of the Ethernet protocol.
What if you have a serial interface, or a virtual tunnel? These don’t have MAC addresses, so you have to configure an ‘identifier’ that can be used with EUI64 to create the host portion of the address.
When configuring these identifiers, it’s just easier when the ‘u’ bit is 0.
In practice, this is not something you need to pass the exam or use in the real world very often (if ever)
What type of IP address does a router need for NDP to work?
A link-local address. All NDP traffic is sent from a link-local address, but it might go to another type of address, for example, a multicast address.
Solicited-node multicast addresses use 24-bits of the IP address. Could several devices be in the same group? Would this be a problem?
Yes, it is possible that a few devices with unique IP addresses might share the same last 24-bits.
For example, 2001:db8::7c00:123 /64 and 2001:db8::2400:123 /64 are on the same link (subnet), but share the same last 24-bits. This would put them in the same solicited-node multicast group.
This does not cause a problem for NDP. The worst that will happen is that the NDP messages, such as Router Solicitation and Neighbour Solicitation messages, will be sent to a few devices. A few devices is still more efficient than all devices.
Why does the router send RA messages to all IPv6 nodes, not just to the node that sent the RS message?
Router Advertisements are not only used when requesting an IP through SLAAC. A router will periodically send out RAs to make sure that all IPv6 devices on the link are up to date.
It’s important that these ‘refresh’ messages go to all IPv6 devices.
This is why RAs in general go to the ‘All IPv6 nodes’ multicast group (ff02::1), whether they’re used with SLAAC or anything else
If the MAC address makes an address unique, why use Duplicate Address Detection?
Because IP addresses could be assigned in other ways, for example, a DHCP reservation, or a statically configured IP. Although the odds are low, these could conflict.
Additionally, in some cases, MAC addresses aren’t guaranteed to be unique. For example, when MAC addresses are auto-generated in software. This is common with virtual machines (which don’t have a hardware MAC), or with smartphones that regularly randomize their MAC for security.
What are two ways we can configure an interface with an EUI-64 address?
One way is to configure SLAAC:
ipv6 address autoconfig
The other is to configure EUI-64 manually:
ipv6 address 2001:db8 eui-64