OpenBSD manual page server

Manual Page Search Parameters

INET6(4) Device Drivers Manual INET6(4)

inet6Internet protocol version 6 family

#include <sys/types.h>
#include <netinet/in.h>

The inet6 family is an updated version of the inet(4) family. While inet(4) implements Internet Protocol version 4, inet6 implements Internet Protocol version 6.

The inet6 family is comprised of the Internet Protocol version 6 (IPv6) network protocol, Internet Control Message Protocol version 6 (ICMPv6), Transmission Control Protocol (TCP), and User Datagram Protocol (UDP). TCP is used to support the SOCK_STREAM abstraction while UDP is used to support the SOCK_DGRAM abstraction. Note that TCP and UDP are common to inet(4) and inet6. A raw interface to IPv6 is available by creating an Internet socket of type SOCK_RAW. The ICMPv6 message protocol is accessible from a raw socket.

For security reasons, OpenBSD does not route IPv4 traffic to an AF_INET6 socket, and does not support IPv4 mapped addresses, where IPv4 traffic is seen as if it comes from an IPv6 address like ::ffff:10.1.1.1. Where both IPv4 and IPv6 traffic need to be accepted, listen on two sockets.

It is also advisable to explicitly reject all packets to your network not used by any of your interface prefixes. Otherwise packets that have a destination address belonging to your network may be routed back to your provider via the default route. Set a reject route for your assigned prefix:

# route add -net 2001:db8::/48 ::1 -reject

IPv6 addresses are 128-bit quantities, stored in network standard byteorder. The include file <netinet/in.h> defines this address as a discriminated union.

Sockets bound to the inet6 family utilize the following addressing structure:

struct sockaddr_in6 {
	u_int8_t	sin6_len;
	sa_family_t	sin6_family;
	in_port_t	sin6_port;
	u_int32_t	sin6_flowinfo;
	struct in6_addr	sin6_addr;
	u_int32_t	sin6_scope_id;
};

Sockets may be created with the local address “::” (which is equal to IPv6 address 0:0:0:0:0:0:0:0) to effect “wildcard” matching on incoming messages.

Global addresses utilise the first 48 bits of the address for the routing prefix. The next 16 bits designate the subnet, and the final 64 bits are used as a host identifier.

The IPv6 specification also defines link-local addresses, which are scoped. A scoped address is ambiguous to the kernel if it is specified without a scope identifier. To manipulate scoped addresses properly from userland, programs must use the advanced API defined in RFC 3542. A compact description of the advanced API is available in ip6(4). If scoped addresses are specified without explicit scope, the kernel may raise an error.

KAME supports an extended numeric IPv6 address notation for link-local addresses, such as “fe80::1%de0” to specify “fe80::1” on the “de0” interface. This notation is supported by getaddrinfo(3) and getnameinfo(3), as well as userland programs such as telnet(1) and ftp(1).

Scoped addresses are handled specially in the kernel. In kernel structures like routing tables or interface structures, scoped addresses have their interface index embedded into the address. Therefore the address on some kernel structures is not the same as that on the wire. The embedded index will be visible on PF_ROUTE sockets, kernel memory access via kvm(3), and some other occasions. HOWEVER, users should never use the embedded form.

ioctl(2), socket(2), sysctl(3), icmp6(4), intro(4), ip6(4), tcp(4), udp(4)

Tatsuya Jinmei and Atsushi Onoe, An Extension of Format for IPv6 Scoped Addresses, internet draft, draft-ietf-ipngwg-scopedaddr-format-02.txt, June 2000, work in progress material.

R. Gilligan, S. Thomson, J. Bound, J. McCann, and W. Stevens, Basic Socket Interface Extensions for Ipv6, RFC 3493, February 2003.

W. Stevens, M. Thomas, E. Nordmark, and T. Jinmei, Advanced Sockets Application Programming Interface (API) for IPv6, RFC 3542, May 2003.

The implementation described herein appeared in WIDE/KAME project.

March 27, 2017 OpenBSD-6.1