1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
<table class="head">
<tr>
<td class="head-ltitle">FAITH(4)</td>
<td class="head-vol">Device Drivers Manual</td>
<td class="head-rtitle">FAITH(4)</td>
</tr>
</table>
<div class="manual-text">
<section class="Sh">
<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
<p class="Pp"><code class="Nm">faith</code> —
<span class="Nd">IPv6-to-IPv4 TCP relay capturing interface</span></p>
</section>
<section class="Sh">
<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1>
<p class="Pp"><code class="Cd">pseudo-device faith</code></p>
</section>
<section class="Sh">
<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
<p class="Pp">The <code class="Nm">faith</code> interface captures IPv6 TCP
traffic, for implementing userland IPv6-to-IPv4 TCP relay like
<a class="Xr">faithd(8)</a>.</p>
<p class="Pp"><code class="Nm">faith</code> interfaces are dynamically created
and destroyed with the <a class="Xr">ifconfig(8)</a>
<code class="Cm">create</code> and <code class="Cm">destroy</code>
subcommands.</p>
<p class="Pp">Special action will be taken when IPv6 TCP traffic is seen on a
router, and the routing table suggests to route it to the
<code class="Nm">faith</code> interface. In this case, the packet will be
accepted by the router, regardless of the list of IPv6 interface addresses
assigned to the router. The packet will be captured by an IPv6 TCP socket,
if it has the <code class="Dv">IN6P_FAITH</code> flag turned on and matching
address/port pairs. As a result, <code class="Nm">faith</code> will let you
capture IPv6 TCP traffic to some specific destination addresses. Userland
programs, such as <a class="Xr">faithd(8)</a> can use this behavior to relay
IPv6 TCP traffic to IPv4 TCP traffic. The program can accept some specific
IPv6 TCP traffic, perform <a class="Xr">getsockname(2)</a> to get the IPv6
destination address specified by the client, and perform
application-specific address mapping to relay IPv6 TCP to IPv4 TCP.</p>
<p class="Pp"><code class="Dv">IN6P_FAITH</code> flag on an IPv6 TCP socket can
be set by using <a class="Xr">setsockopt(2)</a>, with level
<code class="Dv">IPPROTO_IPV6</code> and optname
<code class="Dv">IPv6_FAITH</code>.</p>
<p class="Pp">To handle error reports by ICMPv6, some ICMPv6 packets routed to
an <code class="Nm">faith</code> interface will be delivered to IPv6 TCP, as
well.</p>
<p class="Pp">To understand how <code class="Nm">faith</code> can be used, take
a look at the source code of <a class="Xr">faithd(8)</a>.</p>
<p class="Pp">As the <code class="Nm">faith</code> interface implements
potentially dangerous operations, great care must be taken when configuring
it. To avoid possible misuse, the <a class="Xr">sysctl(8)</a> variable
<code class="Li">net.inet6.ip6.keepfaith</code> must be set to
<code class="Li">1</code> prior to using the interface. When
<code class="Li">net.inet6.ip6.keepfaith</code> is
<code class="Li">0</code>, no packets will be captured by the
<code class="Nm">faith</code> interface.</p>
<p class="Pp">The <code class="Nm">faith</code> interface is intended to be used
on routers, not on hosts.</p>
</section>
<section class="Sh">
<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE
ALSO</a></h1>
<p class="Pp"><a class="Xr">inet(4)</a>, <a class="Xr">inet6(4)</a>,
<a class="Xr">faithd(8)</a></p>
<p class="Pp"><cite class="Rs"><span class="RsA">Jun-ichiro itojun Hagino</span>
and <span class="RsA">Kazu Yamamoto</span>, <span class="RsT">An
IPv6-to-IPv4 transport relay translator</span>, <i class="RsB">RFC 3142</i>,
<a class="RsU" href="ftp://ftp.isi.edu/in-notes/rfc3142.txt">ftp://ftp.isi.edu/in-notes/rfc3142.txt</a>,
<span class="RsD">June 2001</span>.</cite></p>
</section>
<section class="Sh">
<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1>
<p class="Pp">The FAITH IPv6-to-IPv4 TCP relay translator first appeared in the
WIDE hydrangea IPv6 stack.</p>
</section>
</div>
<table class="foot">
<tr>
<td class="foot-date">January 9, 2010</td>
<td class="foot-os">NetBSD 10.1</td>
</tr>
</table>
|
