diff options
Diffstat (limited to 'static/freebsd/man4/inet6.4 3.html')
| -rw-r--r-- | static/freebsd/man4/inet6.4 3.html | 301 |
1 files changed, 0 insertions, 301 deletions
diff --git a/static/freebsd/man4/inet6.4 3.html b/static/freebsd/man4/inet6.4 3.html deleted file mode 100644 index f9bf58a0..00000000 --- a/static/freebsd/man4/inet6.4 3.html +++ /dev/null @@ -1,301 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">INET6(4)</td> - <td class="head-vol">Device Drivers Manual</td> - <td class="head-rtitle">INET6(4)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">inet6</code> — <span class="Nd">Internet - protocol version 6 family</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1> -<p class="Pp"><code class="In">#include - <<a class="In">sys/types.h</a>></code> - <br/> - <code class="In">#include <<a class="In">netinet/in.h</a>></code></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">The <code class="Nm">inet6</code> family is an updated version of - <a class="Xr">inet(4)</a> family. While <a class="Xr">inet(4)</a> implements - Internet Protocol version 4, <code class="Nm">inet6</code> implements - Internet Protocol version 6.</p> -<p class="Pp" id="Internet"><code class="Nm">inet6</code> is a collection of - protocols layered atop the - <a class="permalink" href="#Internet"><i class="Em">Internet Protocol - version 6</i></a> (IPv6) transport layer, and utilizing the IPv6 address - format. The <code class="Nm">inet6</code> family provides protocol support - for the <code class="Dv">SOCK_STREAM</code>, - <code class="Dv">SOCK_DGRAM</code>, and <code class="Dv">SOCK_RAW</code> - socket types; the <code class="Dv">SOCK_RAW</code> interface provides access - to the IPv6 protocol.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="ADDRESSING"><a class="permalink" href="#ADDRESSING">ADDRESSING</a></h1> -<p class="Pp">IPv6 addresses are 16 byte quantities, stored in network standard - byteorder. The include file - <code class="In"><<a class="In">netinet/in.h</a>></code> defines this - address as a discriminated union.</p> -<p class="Pp">Sockets bound to the <code class="Nm">inet6</code> family utilize - the following addressing structure:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>struct sockaddr_in6 { - uint8_t sin6_len; - sa_family_t sin6_family; - in_port_t sin6_port; - uint32_t sin6_flowinfo; - struct in6_addr sin6_addr; - uint32_t sin6_scope_id; -};</pre> -</div> -<p class="Pp">Sockets may be created with the local address - “<code class="Dv">::</code>” (which is equal to IPv6 address - <code class="Dv">0:0:0:0:0:0:0:0</code>) to effect “wildcard” - matching on incoming messages.</p> -<p class="Pp">The IPv6 specification defines scoped addresses, like link-local - or site-local addresses. A scoped address is ambiguous to the kernel, if it - is specified without a scope identifier. To manipulate scoped addresses - properly from the userland, programs must use the advanced API defined in - RFC2292. A compact description of the advanced API is available in - <a class="Xr">ip6(4)</a>. If a scoped address is specified without an - explicit scope, the kernel may raise an error. Note that scoped addresses - are not for daily use at this moment, both from a specification and an - implementation point of view.</p> -<p class="Pp">The KAME implementation supports an extended numeric IPv6 address - notation for link-local addresses, like - “<code class="Li">fe80::1%de0</code>” to specify - “<code class="Li">fe80::1</code> on <code class="Li">de0</code> - interface”. This notation is supported by - <a class="Xr">getaddrinfo(3)</a> and <a class="Xr">getnameinfo(3)</a>. Some - of normal userland programs, such as <a class="Xr">telnet(1)</a> or - <a class="Xr">ftp(1)</a>, are able to use this notation. With special - programs like <a class="Xr">ping(8)</a>, you can specify the outgoing - interface by an extra command line option to disambiguate scoped - addresses.</p> -<p class="Pp">Scoped addresses are handled specially in the kernel. In kernel - structures like routing tables or interface structures, a scoped address - will have its interface index embedded into the address. Therefore, the - address in some kernel structures is not the same as that on the wire. The - embedded index will become visible through a - <code class="Dv">PF_ROUTE</code> socket, kernel memory accesses via - <a class="Xr">kvm(3)</a> and on some other occasions. HOWEVER, users should - never use the embedded form. For details please consult - <span class="Pa">IMPLEMENTATION</span> supplied with KAME kit.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="PROTOCOLS"><a class="permalink" href="#PROTOCOLS">PROTOCOLS</a></h1> -<p class="Pp">The <code class="Nm">inet6</code> family is comprised of the IPv6 - network protocol, Internet Control Message Protocol version 6 (ICMPv6), - Transmission Control Protocol (TCP), and User Datagram Protocol (UDP). TCP - is used to support the <code class="Dv">SOCK_STREAM</code> abstraction while - UDP is used to support the <code class="Dv">SOCK_DGRAM</code> abstraction. - Note that TCP and UDP are common to <a class="Xr">inet(4)</a> and - <code class="Nm">inet6</code>. A raw interface to IPv6 is available by - creating an Internet socket of type <code class="Dv">SOCK_RAW</code>. The - ICMPv6 message protocol is accessible from a raw socket.</p> -<section class="Ss"> -<h2 class="Ss" id="MIB_Variables"><a class="permalink" href="#MIB_Variables">MIB - Variables</a></h2> -<p class="Pp">A number of variables are implemented in the - <var class="Va">net.inet6</var> branch of the <a class="Xr">sysctl(3)</a> - MIB. In addition to the variables supported by the transport protocols (for - which the respective manual pages may be consulted), the following general - variables are defined:</p> -<dl class="Bl-tag"> - <dt id="IPV6CTL_FORWARDING"><a class="permalink" href="#IPV6CTL_FORWARDING"><code class="Dv">IPV6CTL_FORWARDING</code></a></dt> - <dd>(ip6.forwarding) Boolean: enable/disable forwarding of IPv6 packets. Also, - identify if the node is acting as a router. Defaults to off.</dd> - <dt id="IPV6CTL_SENDREDIRECTS"><a class="permalink" href="#IPV6CTL_SENDREDIRECTS"><code class="Dv">IPV6CTL_SENDREDIRECTS</code></a></dt> - <dd>(ip6.redirect) Boolean: enable/disable sending of ICMPv6 redirects in - response to unforwardable IPv6 packets. This option is ignored unless the - node is routing IPv6 packets, and should normally be enabled on all - systems. Defaults to on.</dd> - <dt id="IPV6CTL_DEFHLIM"><a class="permalink" href="#IPV6CTL_DEFHLIM"><code class="Dv">IPV6CTL_DEFHLIM</code></a></dt> - <dd>(ip6.hlim) Integer: default hop limit value to use for outgoing IPv6 - packets. This value applies to all the transport protocols on top of IPv6. - There are APIs to override the value.</dd> - <dt id="IPV6CTL_MAXFRAGS"><a class="permalink" href="#IPV6CTL_MAXFRAGS"><code class="Dv">IPV6CTL_MAXFRAGS</code></a></dt> - <dd>(ip6.maxfrags) Integer: maximum number of fragments the host will accept - and simultaneously hold across all reassembly queues in all VNETs. If set - to 0, fragment reassembly is disabled. If set to -1, this limit is not - applied. This limit is recalculated when the number of mbuf clusters is - changed. This is a global limit.</dd> - <dt id="IPV6CTL_MAXFRAGPACKETS"><a class="permalink" href="#IPV6CTL_MAXFRAGPACKETS"><code class="Dv">IPV6CTL_MAXFRAGPACKETS</code></a></dt> - <dd>(ip6.maxfragpackets) Integer: maximum number of fragmented packets the - node will accept and simultaneously hold in the reassembly queue for a - particular VNET. 0 means that the node will not accept any fragmented - packets for that VNET. -1 means that the node will not apply this limit - for that VNET. This limit is recalculated when the number of mbuf clusters - is changed. This is a per-VNET limit.</dd> - <dt id="IPV6CTL_MAXFRAGBUCKETSIZE"><a class="permalink" href="#IPV6CTL_MAXFRAGBUCKETSIZE"><code class="Dv">IPV6CTL_MAXFRAGBUCKETSIZE</code></a></dt> - <dd>(ip6.maxfragbucketsize) Integer: maximum number of reassembly queues per - bucket. Fragmented packets are hashed to buckets. Each bucket has a list - of reassembly queues. The system must compare the incoming packets to the - existing reassembly queues in the bucket to find a matching reassembly - queue. To preserve system resources, the system limits the number of - reassembly queues allowed in each bucket. This limit is recalculated when - the number of mbuf clusters is changed or when the value of - <var class="Va">ip6.maxfragpackets</var> changes. This is a per-VNET - limit.</dd> - <dt id="IPV6CTL_MAXFRAGSPERPACKET"><a class="permalink" href="#IPV6CTL_MAXFRAGSPERPACKET"><code class="Dv">IPV6CTL_MAXFRAGSPERPACKET</code></a></dt> - <dd>(ip6.maxfragsperpacket) Integer: maximum number of fragments the host will - accept and hold in the ressembly queue for a packet. This is a per-VNET - limit.</dd> - <dt id="IPV6CTL_ACCEPT_RTADV"><a class="permalink" href="#IPV6CTL_ACCEPT_RTADV"><code class="Dv">IPV6CTL_ACCEPT_RTADV</code></a></dt> - <dd>(ip6.accept_rtadv) Boolean: the default value of a per-interface flag to - enable/disable receiving of ICMPv6 router advertisement packets, and - autoconfiguration of address prefixes and default routers. The node must - be a host (not a router) for the option to be meaningful. Defaults to - off.</dd> - <dt id="IPV6CTL_AUTO_LINKLOCAL"><a class="permalink" href="#IPV6CTL_AUTO_LINKLOCAL"><code class="Dv">IPV6CTL_AUTO_LINKLOCAL</code></a></dt> - <dd>(ip6.auto_linklocal) Boolean: the default value of a per-interface flag to - enable/disable performing automatic link-local address configuration. - Defaults to on.</dd> - <dt id="IPV6CTL_LOG_INTERVAL"><a class="permalink" href="#IPV6CTL_LOG_INTERVAL"><code class="Dv">IPV6CTL_LOG_INTERVAL</code></a></dt> - <dd>(ip6.log_interval) Integer: default interval between IPv6 packet - forwarding engine log output (in seconds).</dd> - <dt id="IPV6CTL_HDRNESTLIMIT"><a class="permalink" href="#IPV6CTL_HDRNESTLIMIT"><code class="Dv">IPV6CTL_HDRNESTLIMIT</code></a></dt> - <dd>(ip6.hdrnestlimit) Integer: default number of the maximum IPv6 extension - headers permitted on incoming IPv6 packets. If set to 0, the node will - accept as many extension headers as possible.</dd> - <dt id="IPV6CTL_DAD_COUNT"><a class="permalink" href="#IPV6CTL_DAD_COUNT"><code class="Dv">IPV6CTL_DAD_COUNT</code></a></dt> - <dd>(ip6.dad_count) Integer: default number of IPv6 DAD (duplicated address - detection) probe packets. The packets will be generated when IPv6 - interface addresses are configured.</dd> - <dt id="IPV6CTL_GRAND_COUNT"><a class="permalink" href="#IPV6CTL_GRAND_COUNT"><code class="Dv">IPV6CTL_GRAND_COUNT</code></a></dt> - <dd>(ip6.grand_count) Integer: default number of IPv6 GRAND (gratuitous - neighbor discovery) unsolicited NA packets. The packets will be generated - when IPv6 interface addresses are configured or when there are changes to - link-layer interface addresses.</dd> - <dt id="IPV6CTL_AUTO_FLOWLABEL"><a class="permalink" href="#IPV6CTL_AUTO_FLOWLABEL"><code class="Dv">IPV6CTL_AUTO_FLOWLABEL</code></a></dt> - <dd>(ip6.auto_flowlabel) Boolean: enable/disable automatic filling of IPv6 - flowlabel field, for outstanding connected transport protocol packets. The - field might be used by intermediate routers to identify packet flows. - Defaults to on.</dd> - <dt id="IPV6CTL_DEFMCASTHLIM"><a class="permalink" href="#IPV6CTL_DEFMCASTHLIM"><code class="Dv">IPV6CTL_DEFMCASTHLIM</code></a></dt> - <dd>(ip6.defmcasthlim) Integer: default hop limit value for an IPv6 multicast - packet sourced by the node. This value applies to all the transport - protocols on top of IPv6. There are APIs to override the value as - documented in <a class="Xr">ip6(4)</a>.</dd> - <dt id="IPV6CTL_GIF_HLIM"><a class="permalink" href="#IPV6CTL_GIF_HLIM"><code class="Dv">IPV6CTL_GIF_HLIM</code></a></dt> - <dd>(ip6.gifhlim) Integer: default maximum hop limit value for an IPv6 packet - generated by <a class="Xr">gif(4)</a> tunnel interface.</dd> - <dt id="IPV6CTL_KAME_VERSION"><a class="permalink" href="#IPV6CTL_KAME_VERSION"><code class="Dv">IPV6CTL_KAME_VERSION</code></a></dt> - <dd>(ip6.kame_version) String: identifies the version of KAME IPv6 stack - implemented in the kernel.</dd> - <dt id="IPV6CTL_USE_DEPRECATED"><a class="permalink" href="#IPV6CTL_USE_DEPRECATED"><code class="Dv">IPV6CTL_USE_DEPRECATED</code></a></dt> - <dd>(ip6.use_deprecated) Boolean: enable/disable use of deprecated address, - specified in RFC2462 5.5.4. Defaults to on.</dd> - <dt id="IPV6CTL_RR_PRUNE"><a class="permalink" href="#IPV6CTL_RR_PRUNE"><code class="Dv">IPV6CTL_RR_PRUNE</code></a></dt> - <dd>(ip6.rr_prune) Integer: default interval between IPv6 router renumbering - prefix babysitting, in seconds.</dd> - <dt id="IPV6CTL_V6ONLY"><a class="permalink" href="#IPV6CTL_V6ONLY"><code class="Dv">IPV6CTL_V6ONLY</code></a></dt> - <dd>(ip6.v6only) Boolean: enable/disable the prohibited use of IPv4 mapped - address on <code class="Dv">AF_INET6</code> sockets. Defaults to on.</dd> - <dt id="ip6.log_cannot_forward"><var class="Va">ip6.log_cannot_forward</var></dt> - <dd>Boolean: log packets that can't be forwarded because of unspecified source - address or destination address beyond the scope of the source address as - described in RFC4443. Enabled by default.</dd> - <dt id="ip6.source_address_validation"><var class="Va">ip6.source_address_validation</var></dt> - <dd>Boolean: perform source address validation for packets destined for the - local host. Consider this as following Section 3.2 of RFC3704/BCP84, where - we treat local host as our own infrastructure. This has no effect on - packets to be forwarded, so don't consider it as anti-spoof feature for a - router. Enabled by default.</dd> -</dl> -</section> -<section class="Ss"> -<h2 class="Ss" id="Interaction_between_IPv4/v6_sockets"><a class="permalink" href="#Interaction_between_IPv4/v6_sockets">Interaction - between IPv4/v6 sockets</a></h2> -<p class="Pp">By default, <span class="Ux">FreeBSD</span> does not route IPv4 - traffic to <code class="Dv">AF_INET6</code> sockets. The default behavior - intentionally violates RFC2553 for security reasons. Listen to two sockets - if you want to accept both IPv4 and IPv6 traffic. IPv4 traffic may be routed - with certain per-socket/per-node configuration, however, it is not - recommended to do so. Consult <a class="Xr">ip6(4)</a> for details.</p> -<p class="Pp">The behavior of <code class="Dv">AF_INET6</code> TCP/UDP socket is - documented in RFC2553. Basically, it says this:</p> -<ul class="Bl-bullet Bl-compact"> - <li>A specific bind on an <code class="Dv">AF_INET6</code> socket - (<a class="Xr">bind(2)</a> with an address specified) should accept IPv6 - traffic to that address only.</li> - <li>If you perform a wildcard bind on an <code class="Dv">AF_INET6</code> - socket (<a class="Xr">bind(2)</a> to IPv6 address - <code class="Li">::</code>), and there is no wildcard bind - <code class="Dv">AF_INET</code> socket on that TCP/UDP port, IPv6 traffic - as well as IPv4 traffic should be routed to that - <code class="Dv">AF_INET6</code> socket. IPv4 traffic should be seen as if - it came from an IPv6 address like <code class="Li">::ffff:10.1.1.1</code>. - This is called an IPv4 mapped address.</li> - <li>If there are both a wildcard bind <code class="Dv">AF_INET</code> socket - and a wildcard bind <code class="Dv">AF_INET6</code> socket on one TCP/UDP - port, they should behave separately. IPv4 traffic should be routed to the - <code class="Dv">AF_INET</code> socket and IPv6 should be routed to the - <code class="Dv">AF_INET6</code> socket.</li> -</ul> -<p class="Pp">However, RFC2553 does not define the ordering constraint between - calls to <a class="Xr">bind(2)</a>, nor how IPv4 TCP/UDP port numbers and - IPv6 TCP/UDP port numbers relate to each other (should they be integrated or - separated). Implemented behavior is very different from kernel to kernel. - Therefore, it is unwise to rely too much upon the behavior of - <code class="Dv">AF_INET6</code> wildcard bind sockets. It is recommended to - listen to two sockets, one for <code class="Dv">AF_INET</code> and another - for <code class="Dv">AF_INET6</code>, when you would like to accept both - IPv4 and IPv6 traffic.</p> -<p class="Pp">It should also be noted that malicious parties can take advantage - of the complexity presented above, and are able to bypass access control, if - the target node routes IPv4 traffic to <code class="Dv">AF_INET6</code> - socket. Users are advised to take care handling connections from IPv4 mapped - address to <code class="Dv">AF_INET6</code> sockets.</p> -</section> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">ioctl(2)</a>, <a class="Xr">socket(2)</a>, - <a class="Xr">sysctl(3)</a>, <a class="Xr">icmp6(4)</a>, - <a class="Xr">intro(4)</a>, <a class="Xr">ip6(4)</a>, - <a class="Xr">tcp(4)</a>, <a class="Xr">udp(4)</a></p> -<p class="Pp"><cite class="Rs"><span class="RsA">A. Conta</span>, - <span class="RsA">S. Deering</span>, and <span class="RsA">M. Gupta</span>, - <span class="RsT">Internet Control Message Protocol (ICMPv6) for the - Internet Protocol Version 6 (IPv6) Specification</span>, - <span class="RsR">RFC 4443</span>, <span class="RsD">March - 2006</span>.</cite></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="STANDARDS"><a class="permalink" href="#STANDARDS">STANDARDS</a></h1> -<p class="Pp"><cite class="Rs"><span class="RsA">Tatsuya Jinmei</span> and - <span class="RsA">Atsushi Onoe</span>, <span class="RsT">An Extension of - Format for IPv6 Scoped Addresses</span>, <span class="RsR">internet - draft</span>, - <span class="RsN">draft-ietf-ipngwg-scopedaddr-format-02.txt</span>, - <span class="RsD">June 2000</span>, <span class="RsO">work in progress - material</span>.</cite></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">The <code class="Nm">inet6</code> protocol interfaces are defined - in RFC2553 and RFC2292. The implementation described herein appeared in the - WIDE/KAME project.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="BUGS"><a class="permalink" href="#BUGS">BUGS</a></h1> -<p class="Pp">The IPv6 support is subject to change as the Internet protocols - develop. Users should not depend on details of the current implementation, - but rather the services exported.</p> -<p class="Pp">Users are suggested to implement “version - independent” code as much as possible, as you will need to support - both <a class="Xr">inet(4)</a> and <code class="Nm">inet6</code>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">January 31, 2026</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> |