OpenBSD manual page server

Manual Page Search Parameters

INET6(4) Device Drivers Manual INET6(4)

inet6Internet protocol version 6 family

#include <sys/types.h>
#include <netinet/in.h>

The Internet Protocol version 6 family is an updated version of the Internet Protocol version 4 family. It comprises Internet Protocol version 6 (IPv6), Internet Control Message Protocol version 6 (ICMPv6), Transmission Control Protocol (TCP), and User Datagram Protocol (UDP). tcp(4) is used to support the SOCK_STREAM abstraction while udp(4) is used to support the SOCK_DGRAM abstraction. A raw interface to IPv6 is available by creating an Internet socket of type SOCK_RAW. The ICMPv6 message protocol is accessible from a raw socket.

IPv6 addresses are 128-bit quantities, stored in network standard byteorder. The include file <netinet/in.h> defines this address as a discriminated union.

Sockets bound to the inet6 family utilize the following addressing structure:

struct sockaddr_in6 {
	u_int8_t	sin6_len;
	sa_family_t	sin6_family;
	in_port_t	sin6_port;
	u_int32_t	sin6_flowinfo;
	struct in6_addr	sin6_addr;
	u_int32_t	sin6_scope_id;
};

Sockets may be created with the local address “::” (which is equal to IPv6 address 0:0:0:0:0:0:0:0) to effect “wildcard” matching on incoming messages.

For security reasons, OpenBSD does not route IPv4 traffic to an AF_INET6 socket, and does not support IPv4 mapped addresses, where IPv4 traffic is seen as if it comes from an IPv6 address like “::ffff:10.1.1.1”. Where both IPv4 and IPv6 traffic need to be accepted, bind and listen on two sockets.

Global addresses utilise the first 48 bits of the address for the routing prefix. The next 16 bits designate the subnet, and the final 64 bits are used as a host identifier.

The IPv6 specification also defines link-local addresses, which are scoped. A scoped address is ambiguous to the kernel if it is specified without a scope identifier. To manipulate scoped addresses properly from userland, programs must use the advanced API defined in RFC 3542. A compact description of the advanced API is available in ip6(4). If scoped addresses are specified without explicit scope, the kernel may raise an error.

KAME supports an extended numeric IPv6 address notation for link-local addresses, such as “fe80::1%de0” to specify “fe80::1” on the “de0” interface. This notation is supported by getaddrinfo(3) and getnameinfo(3), as well as userland programs such as telnet(1) and ftp(1).

Scoped addresses are handled specially in the kernel. In kernel structures like routing tables or interface structures, scoped addresses have their interface index embedded into the address. Therefore the address on some kernel structures is not the same as that on the wire. The embedded index will be visible on PF_ROUTE sockets, kernel memory access via kvm(3), and some other occasions. HOWEVER, users should never use the embedded form.

Generally speaking, IPv6 connectivity is achieved in a fashion similar to that for IPv4. For native IPv6 setup, routers attach to the network either manually or using autoconf to connect to an ISP; hosts receive an address prefix from a router advertisement daemon such as rad(8) and use autoconf for stateless address configuration (SLAAC). For setups which tunnel IPv6 over IPv4, see gif(4).

The INET6 and TUNNEL sections of ifconfig(8) contain information relevant to IPv6 setups; settings can be made permanent using hostname.if(5) files. Routers need to set the net.inet6.ip6.forwarding sysctl(2).

socket(2), icmp6(4), ip6(4), tcp(4), udp(4), hostname.if(5), ifconfig(8), rad(8)

Tatsuya Jinmei and Atsushi Onoe, An Extension of Format for IPv6 Scoped Addresses, internet draft, draft-ietf-ipngwg-scopedaddr-format-02.txt, June 2000, work in progress material.

R. Gilligan, S. Thomson, J. Bound, J. McCann, and W. Stevens, Basic Socket Interface Extensions for Ipv6, RFC 3493, February 2003.

W. Stevens, M. Thomas, E. Nordmark, and T. Jinmei, Advanced Sockets Application Programming Interface (API) for IPv6, RFC 3542, May 2003.

The implementation described herein appeared in WIDE/KAME project.

It is advisable to explicitly reject all packets to your network not used by any of your interface prefixes. Otherwise packets that have a destination address belonging to your network may be routed back to your provider via the default route. Set a reject route for your assigned prefix:

# route add -net 2001:db8::/48 ::1 -reject
May 14, 2019 OpenBSD-6.9