inet6 —
Internet
protocol version 6 family
#include
<sys/types.h>
#include
<netinet/in.h>
The Internet Protocol version 6 family is an updated version of the Internet
Protocol version 4 family. It comprises Internet Protocol version 6 (IPv6),
Internet Control Message Protocol version 6 (ICMPv6), Transmission Control
Protocol (TCP), and User Datagram Protocol (UDP).
tcp(4) is used to support the
SOCK_STREAM
abstraction while
udp(4) is used to support the
SOCK_DGRAM
abstraction. A raw interface to
IPv6 is available by creating an Internet socket of type
SOCK_RAW
. The ICMPv6 message protocol is
accessible from a raw socket.
IPv6 addresses are 128-bit quantities, stored in network standard byteorder. The
include file
<netinet/in.h>
defines this address as a discriminated union.
Sockets bound to the
inet6 family utilize the
following addressing structure:
struct sockaddr_in6 {
u_int8_t sin6_len;
sa_family_t sin6_family;
in_port_t sin6_port;
u_int32_t sin6_flowinfo;
struct in6_addr sin6_addr;
u_int32_t sin6_scope_id;
};
Sockets may be created with the local address “::” (which is equal
to IPv6 address
0:0:0:0:0:0:0:0
) to effect
“wildcard” matching on incoming messages.
For security reasons,
OpenBSD does not route IPv4
traffic to an
AF_INET6
socket, and does not
support IPv4 mapped addresses, where IPv4 traffic is seen as if it comes from
an IPv6 address like “::ffff:10.1.1.1”. Where both IPv4 and IPv6
traffic need to be accepted, bind and listen on two sockets.
Global addresses utilise the first 48 bits of the address for the routing
prefix. The next 16 bits designate the subnet, and the final 64 bits are used
as a host identifier.
The IPv6 specification also defines link-local addresses, which are scoped. A
scoped address is ambiguous to the kernel if it is specified without a scope
identifier. To manipulate scoped addresses properly from userland, programs
must use the advanced API defined in RFC 3542. A compact description of the
advanced API is available in
ip6(4). If scoped addresses are
specified without explicit scope, the kernel may raise an error.
KAME supports an extended numeric IPv6 address notation for link-local
addresses, such as “fe80::1%de0” to specify
“fe80::1” on the “de0” interface. This notation is
supported by
getaddrinfo(3)
and
getnameinfo(3), as well
as userland programs such as
telnet(1) and
ftp(1).
Scoped addresses are handled specially in the kernel. In kernel structures like
routing tables or interface structures, scoped addresses have their interface
index embedded into the address. Therefore the address on some kernel
structures is not the same as that on the wire. The embedded index will be
visible on
PF_ROUTE
sockets, kernel memory
access via
kvm(3), and some other
occasions. HOWEVER, users should never use the embedded form.
Generally speaking, IPv6 connectivity is achieved in a fashion similar to that
for IPv4. For native IPv6 setup, routers attach to the network either manually
or using
autoconf to connect to an ISP; hosts
receive an address prefix from a router advertisement daemon such as
rtadvd(8) and use
autoconf for stateless address configuration
(SLAAC). For setups which tunnel IPv6 over IPv4, see
gif(4).
The
INET6 and
TUNNEL sections of
ifconfig(8) contain
information relevant to IPv6 setups; settings can be made permanent using
hostname.if(5) files.
Routers need to set the
net.inet6.ip6.forwarding
sysctl(2).
socket(2),
icmp6(4),
ip6(4),
tcp(4),
udp(4),
hostname.if(5),
ifconfig(8),
rtadvd(8)
Tatsuya Jinmei and
Atsushi Onoe, An Extension of
Format for IPv6 Scoped Addresses, internet
draft,
draft-ietf-ipngwg-scopedaddr-format-02.txt,
June 2000, work in progress
material.
R. Gilligan,
S. Thomson, J. Bound,
J. McCann, and W. Stevens,
Basic Socket Interface Extensions for Ipv6,
RFC 3493, February
2003.
W. Stevens,
M. Thomas, E. Nordmark, and
T. Jinmei, Advanced Sockets
Application Programming Interface (API) for IPv6, RFC
3542, May 2003.
The implementation described herein appeared in WIDE/KAME project.
It is advisable to explicitly reject all packets to your network not used by any
of your interface prefixes. Otherwise packets that have a destination address
belonging to your network may be routed back to your provider via the default
route. Set a reject route for your assigned prefix:
# route add -net 2001:db8::/48 ::1
-reject