]> git.saurik.com Git - apple/xnu.git/blob - bsd/man/man4/ip6.4
[apple/xnu.git] / bsd / man / man4 / ip6.4
1 .\" $NetBSD: ip6.4,v 1.20 2005/01/11 06:01:41 itojun Exp $
2 .\" $KAME: ip6.4,v 1.23 2005/01/11 05:56:25 itojun Exp $
3 .\" $OpenBSD: ip6.4,v 1.21 2005/01/06 03:50:46 itojun Exp $
4 .\"
5 .\" Copyright (c) 1983, 1991, 1993
6 .\" The Regents of the University of California. All rights reserved.
7 .\"
8 .\" Redistribution and use in source and binary forms, with or without
9 .\" modification, are permitted provided that the following conditions
10 .\" are met:
11 .\" 1. Redistributions of source code must retain the above copyright
12 .\" notice, this list of conditions and the following disclaimer.
13 .\" 2. Redistributions in binary form must reproduce the above copyright
14 .\" notice, this list of conditions and the following disclaimer in the
15 .\" documentation and/or other materials provided with the distribution.
16 .\" 3. Neither the name of the University nor the names of its contributors
17 .\" may be used to endorse or promote products derived from this software
18 .\" without specific prior written permission.
19 .\"
31 .Dd December 29, 2004
32 .Dt IP6 4
33 .Os
34 .Sh NAME
35 .Nm ip6
36 .Nd Internet Protocol version 6 (IPv6) network layer
38 .In sys/socket.h
39 .In netinet/in.h
40 .Ft int
41 .Fn socket AF_INET6 SOCK_RAW proto
43 The IPv6 network layer is used by the IPv6 protocol family for
44 transporting data.
45 IPv6 packets contain an IPv6 header that is not provided as part of the
46 payload contents when passed to an application.
47 IPv6 header options affect the behavior of this protocol and may be used
48 by high-level protocols (such as the
49 .Xr tcp 4
50 and
51 .Xr udp 4
52 protocols) as well as directly by
53 .Dq raw sockets ,
54 which process IPv6 messages at a lower-level and may be useful for
55 developing new protocols and special-purpose applications.
56 .Ss Header
57 All IPv6 packets begin with an IPv6 header.
58 When data received by the kernel are passed to the application, this
59 header is not included in buffer, even when raw sockets are being used.
60 Likewise, when data are sent to the kernel for transmit from the
61 application, the buffer is not examined for an IPv6 header:
62 the kernel always constructs the header.
63 To directly access IPv6 headers from received packets and specify them
64 as part of the buffer passed to the kernel, link-level access
65 .Po
66 .Xr bpf 4 ,
67 for example
68 .Pc
69 must instead be utilized.
70 .Pp
71 The header has the following definition:
72 .Bd -literal -offset indent
73 struct ip6_hdr {
74 union {
75 struct ip6_hdrctl {
76 u_int32_t ip6_un1_flow; /* 20 bits of flow ID */
77 u_int16_t ip6_un1_plen; /* payload length */
78 u_int8_t ip6_un1_nxt; /* next header */
79 u_int8_t ip6_un1_hlim; /* hop limit */
80 } ip6_un1;
81 u_int8_t ip6_un2_vfc; /* version and class */
82 } ip6_ctlun;
83 struct in6_addr ip6_src; /* source address */
84 struct in6_addr ip6_dst; /* destination address */
85 } __packed;
87 #define ip6_vfc ip6_ctlun.ip6_un2_vfc
88 #define ip6_flow ip6_ctlun.ip6_un1.ip6_un1_flow
89 #define ip6_plen ip6_ctlun.ip6_un1.ip6_un1_plen
90 #define ip6_nxt ip6_ctlun.ip6_un1.ip6_un1_nxt
91 #define ip6_hlim ip6_ctlun.ip6_un1.ip6_un1_hlim
92 #define ip6_hops ip6_ctlun.ip6_un1.ip6_un1_hlim
93 .Ed
94 .Pp
95 All fields are in network-byte order.
96 Any options specified (see
97 .Sx Options
98 below) must also be specified in network-byte order.
99 .Pp
100 .Va ip6_flow
101 specifies the flow ID.
102 .Va ip6_plen
103 specifies the payload length.
104 .Va ip6_nxt
105 specifies the type of the next header.
106 .Va ip6_hlim
107 specifies the hop limit.
108 .Pp
109 The top 4 bits of
110 .Va ip6_vfc
111 specify the class and the bottom 4 bits specify the version.
112 .Pp
113 .Va ip6_src
114 and
115 .Va ip6_dst
116 specify the source and destination addresses.
117 .Pp
118 The IPv6 header may be followed by any number of extension headers that start
119 with the following generic definition:
120 .Bd -literal -offset indent
121 struct ip6_ext {
122 u_int8_t ip6e_nxt;
123 u_int8_t ip6e_len;
124 } __packed;
125 .Ed
126 .Ss Options
127 IPv6 allows header options on packets to manipulate the behavior of the
128 protocol.
129 These options and other control requests are accessed with the
130 .Xr getsockopt 2
131 and
132 .Xr setsockopt 2
133 system calls at level
135 and by using ancillary data in
136 .Xr recvmsg 2
137 and
138 .Xr sendmsg 2 .
139 They can be used to access most of the fields in the IPv6 header and
140 extension headers.
141 .Pp
142 The following socket options are supported:
143 .Bl -tag -width Ds
144 .\" .It Dv IPV6_OPTIONS
145 .It Dv IPV6_UNICAST_HOPS Fa "int *"
146 Get or set the default hop limit header field for outgoing unicast
147 datagrams sent on this socket.
148 A value of \-1 resets to the default value.
149 .\" .It Dv IPV6_RECVOPTS Fa "int *"
150 .\" Get or set the status of whether all header options will be
151 .\" delivered along with the datagram when it is received.
152 .\" .It Dv IPV6_RECVRETOPTS Fa "int *"
153 .\" Get or set the status of whether header options will be delivered
154 .\" for reply.
155 .\" .It Dv IPV6_RECVDSTADDR Fa "int *"
156 .\" Get or set the status of whether datagrams are received with
157 .\" destination addresses.
158 .\" .It Dv IPV6_RETOPTS
159 .\" Get or set IPv6 options.
160 .It Dv IPV6_MULTICAST_IF Fa "u_int *"
161 Get or set the interface from which multicast packets will be sent.
162 For hosts with multiple interfaces, each multicast transmission is sent
163 from the primary network interface.
164 The interface is specified as its index as provided by
165 .Xr if_nametoindex 3 .
166 A value of zero specifies the default interface.
167 .It Dv IPV6_MULTICAST_HOPS Fa "int *"
168 Get or set the default hop limit header field for outgoing multicast
169 datagrams sent on this socket.
170 This option controls the scope of multicast datagram transmissions.
171 .Pp
172 Datagrams with a hop limit of 1 are not forwarded beyond the local
173 network.
174 Multicast datagrams with a hop limit of zero will not be transmitted on
175 any network but may be delivered locally if the sending host belongs to
176 the destination group and if multicast loopback (see below) has not been
177 disabled on the sending socket.
178 Multicast datagrams with a hop limit greater than 1 may be forwarded to
179 the other networks if a multicast router (such as
180 .Xr mrouted 8 )
181 is attached to the local network.
182 .It Dv IPV6_MULTICAST_LOOP Fa "u_int *"
183 Get or set the status of whether multicast datagrams will be looped back
184 for local delivery when a multicast datagram is sent to a group to which
185 the sending host belongs.
186 .Pp
187 This option improves performance for applications that may have no more
188 than one instance on a single host (such as a router daemon) by
189 eliminating the overhead of receiving their own transmissions.
190 It should generally not be used by applications for which there may be
191 more than one instance on a single host (such as a conferencing program)
192 or for which the sender does not belong to the destination group
193 (such as a time-querying program).
194 .Pp
195 A multicast datagram sent with an initial hop limit greater than 1 may
196 be delivered to the sending host on a different interface from that on
197 which it was sent if the host belongs to the destination group on that
198 other interface.
199 The multicast loopback control option has no effect on such delivery.
200 .It Dv IPV6_JOIN_GROUP Fa "struct ipv6_mreq *"
201 Join a multicast group.
202 A host must become a member of a multicast group before it can receive
203 datagrams sent to the group.
204 .Bd -literal
205 struct ipv6_mreq {
206 struct in6_addr ipv6mr_multiaddr;
207 unsigned int ipv6mr_interface;
208 };
209 .Ed
210 .Pp
211 .Va ipv6mr_interface
212 may be set to zeroes to choose the default multicast interface or to the
213 index of a particular multicast-capable interface if the host is
214 multihomed.
215 Membership is associated with a single interface; programs running on
216 multihomed hosts may need to join the same group on more than one
217 interface.
218 .Pp
219 If the multicast address is unspecified (i.e., all zeroes), messages
220 from all multicast addresses will be accepted by this group.
221 Note that setting to this value requires superuser privileges.
222 .It Dv IPV6_LEAVE_GROUP Fa "struct ipv6_mreq *"
223 Drop membership from the associated multicast group.
224 Memberships are automatically dropped when the socket is closed or when
225 the process exits.
226 .It Dv IPV6_PORTRANGE Fa "int *"
227 Get or set the allocation policy of ephemeral ports for when the kernel
228 automatically binds a local address to this socket.
229 The following values are available:
230 .Pp
231 .Bl -tag -width IPV6_PORTRANGE_DEFAULT -compact
233 Use the regular range of non-reserved ports (varies, see
234 .Xr sysctl 8 ) .
236 Use a high range (varies, see
237 .Xr sysctl 8 ) .
239 Use a low, reserved range (600\-1023).
240 .El
241 .It Dv IPV6_PKTINFO Fa "int *"
242 Get or set whether additional information about subsequent packets will
243 be provided as ancillary data along with the payload in subsequent
244 .Xr recvmsg 2
245 calls.
246 The information is stored in the following structure in the ancillary
247 data returned:
248 .Bd -literal
249 struct in6_pktinfo {
250 struct in6_addr ipi6_addr; /* src/dst IPv6 address */
251 unsigned int ipi6_ifindex; /* send/recv if index */
252 };
253 .Ed
254 .It Dv IPV6_HOPLIMIT Fa "int *"
255 Get or set whether the hop limit header field from subsequent packets
256 will be provided as ancillary data along with the payload in subsequent
257 .Xr recvmsg 2
258 calls.
259 The value is stored as an
260 .Vt int
261 in the ancillary data returned.
262 .\" .It Dv IPV6_NEXTHOP Fa "int *"
263 .\" Get or set whether the address of the next hop for subsequent
264 .\" packets will be provided as ancillary data along with the payload in
265 .\" subsequent
266 .\" .Xr recvmsg 2
267 .\" calls.
268 .\" The option is stored as a
269 .\" .Vt sockaddr
270 .\" structure in the ancillary data returned.
271 .\" .Pp
272 .\" This option requires superuser privileges.
273 .It Dv IPV6_HOPOPTS Fa "int *"
274 Get or set whether the hop-by-hop options from subsequent packets will be
275 provided as ancillary data along with the payload in subsequent
276 .Xr recvmsg 2
277 calls.
278 The option is stored in the following structure in the ancillary data
279 returned:
280 .Bd -literal
281 struct ip6_hbh {
282 u_int8_t ip6h_nxt; /* next header */
283 u_int8_t ip6h_len; /* length in units of 8 octets */
284 /* followed by options */
285 } __packed;
286 .Ed
287 .Pp
288 The
289 .Fn inet6_option_space
290 routine and family of routines may be used to manipulate this data.
291 .Pp
292 This option requires superuser privileges.
293 .It Dv IPV6_DSTOPTS Fa "int *"
294 Get or set whether the destination options from subsequent packets will
295 be provided as ancillary data along with the payload in subsequent
296 .Xr recvmsg 2
297 calls.
298 The option is stored in the following structure in the ancillary data
299 returned:
300 .Bd -literal
301 struct ip6_dest {
302 u_int8_t ip6d_nxt; /* next header */
303 u_int8_t ip6d_len; /* length in units of 8 octets */
304 /* followed by options */
305 } __packed;
306 .Ed
307 .Pp
308 The
309 .Fn inet6_option_space
310 routine and family of routines may be used to manipulate this data.
311 .Pp
312 This option requires superuser privileges.
313 .It Dv IPV6_RTHDR Fa "int *"
314 Get or set whether the routing header from subsequent packets will be
315 provided as ancillary data along with the payload in subsequent
316 .Xr recvmsg 2
317 calls.
318 The header is stored in the following structure in the ancillary data
319 returned:
320 .Bd -literal
321 struct ip6_rthdr {
322 u_int8_t ip6r_nxt; /* next header */
323 u_int8_t ip6r_len; /* length in units of 8 octets */
324 u_int8_t ip6r_type; /* routing type */
325 u_int8_t ip6r_segleft; /* segments left */
326 /* followed by routing-type-specific data */
327 } __packed;
328 .Ed
329 .Pp
330 The
331 .Fn inet6_option_space
332 routine and family of routines may be used to manipulate this data.
333 .Pp
334 This option requires superuser privileges.
335 .It Dv IPV6_PKTOPTIONS Fa "struct cmsghdr *"
336 Get or set all header options and extension headers at one time on the
337 last packet sent or received on the socket.
338 All options must fit within the size of an mbuf (see
339 .Xr mbuf 9 ) .
340 Options are specified as a series of
341 .Vt cmsghdr
342 structures followed by corresponding values.
343 .Va cmsg_level
344 is set to
345 .Dv IPPROTO_IPV6 ,
346 .Va cmsg_type
347 to one of the other values in this list, and trailing data to the option
348 value.
349 When setting options, if the length
350 .Va optlen
351 to
352 .Xr setsockopt 2
353 is zero, all header options will be reset to their default values.
354 Otherwise, the length should specify the size the series of control
355 messages consumes.
356 .Pp
357 Instead of using
358 .Xr sendmsg 2
359 to specify option values, the ancillary data used in these calls that
360 correspond to the desired header options may be directly specified as
361 the control message in the series of control messages provided as the
362 argument to
363 .Xr setsockopt 2 .
364 .It Dv IPV6_CHECKSUM Fa "int *"
365 Get or set the byte offset into a packet where the 16-bit checksum is
366 located.
367 When set, this byte offset is where incoming packets will be expected
368 to have checksums of their data stored and where outgoing packets will
369 have checksums of their data computed and stored by the kernel.
370 A value of \-1 specifies that no checksums will be checked on incoming
371 packets and that no checksums will be computed or stored on outgoing
372 packets.
373 The offset of the checksum for ICMPv6 sockets cannot be relocated or
374 turned off.
375 .It Dv IPV6_V6ONLY Fa "int *"
376 Get or set whether only IPv6 connections can be made to this socket.
377 For wildcard sockets, this can restrict connections to IPv6 only.
378 .\"With
379 .\".Ox
380 .\"IPv6 sockets are always IPv6-only, so the socket option is read-only
381 .\"(not modifiable).
382 .It Dv IPV6_FAITH Fa "int *"
383 Get or set the status of whether
384 .Xr faith 4
385 connections can be made to this socket.
386 .It Dv IPV6_USE_MIN_MTU Fa "int *"
387 Get or set whether the minimal IPv6 maximum transmission unit (MTU) size
388 will be used to avoid fragmentation from occurring for subsequent
389 outgoing datagrams.
390 .It Dv IPV6_AUTH_LEVEL Fa "int *"
391 Get or set the
392 .Xr ipsec 4
393 authentication level.
394 .It Dv IPV6_ESP_TRANS_LEVEL Fa "int *"
395 Get or set the ESP transport level.
396 .It Dv IPV6_ESP_NETWORK_LEVEL Fa "int *"
397 Get or set the ESP encapsulation level.
398 .It Dv IPV6_IPCOMP_LEVEL Fa "int *"
399 Get or set the
400 .Xr ipcomp 4
401 level.
402 .El
403 .Pp
404 The
405 .Dv IPV6_PKTINFO ,
406 .\" .Dv IPV6_NEXTHOP ,
408 .Dv IPV6_HOPOPTS ,
409 .Dv IPV6_DSTOPTS ,
410 and
411 .Dv IPV6_RTHDR
412 options will return ancillary data along with payload contents in subsequent
413 .Xr recvmsg 2
414 calls with
415 .Va cmsg_level
416 set to
418 and
419 .Va cmsg_type
420 set to respective option name value (e.g.,
421 .Dv IPV6_HOPTLIMIT ) .
422 These options may also be used directly as ancillary
423 .Va cmsg_type
424 values in
425 .Xr sendmsg 2
426 to set options on the packet being transmitted by the call.
427 The
428 .Va cmsg_level
429 value must be
430 .Dv IPPROTO_IPV6 .
431 For these options, the ancillary data object value format is the same
432 as the value returned as explained for each when received with
433 .Xr recvmsg 2 .
434 .Pp
435 Note that using
436 .Xr sendmsg 2
437 to specify options on particular packets works only on UDP and raw sockets.
438 To manipulate header options for packets on TCP sockets, only the socket
439 options may be used.
440 .Pp
441 In some cases, there are multiple APIs defined for manipulating an IPv6
442 header field.
443 A good example is the outgoing interface for multicast datagrams, which
444 can be set by the
446 socket option, through the
448 option, and through the
449 .Va sin6_scope_id
450 field of the socket address passed to the
451 .Xr sendto 2
452 system call.
453 .Pp
454 Resolving these conflicts is implementation dependent.
455 This implementation determines the value in the following way:
456 options specified by using ancillary data (i.e.,
457 .Xr sendmsg 2 )
458 are considered first,
459 options specified by using
461 to set
462 .Dq sticky
463 options are considered second,
464 options specified by using the individual, basic, and direct socket
465 options (e.g.,
467 are considered third,
468 and options specified in the socket address supplied to
469 .Xr sendto 2
470 are the last choice.
471 .Ss Multicasting
472 IPv6 multicasting is supported only on
473 .Dv AF_INET6
474 sockets of type
476 and
477 .Dv SOCK_RAW ,
478 and only on networks where the interface driver supports
479 multicasting.
480 Socket options (see above) that manipulate membership of
481 multicast groups and other multicast options include
486 and
488 .Ss Raw Sockets
489 Raw IPv6 sockets are connectionless and are normally used with the
490 .Xr sendto 2
491 and
492 .Xr recvfrom 2
493 calls, although the
494 .Xr connect 2
495 call may be used to fix the destination address for future outgoing
496 packets so that
497 .Xr send 2
498 may instead be used and the
499 .Xr bind 2
500 call may be used to fix the source address for future outgoing
501 packets instead of having the kernel choose a source address.
502 .Pp
503 By using
504 .Xr connect 2
505 or
506 .Xr bind 2 ,
507 raw socket input is constrained to only packets with their
508 source address matching the socket destination address if
509 .Xr connect 2
510 was used and to packets with their destination address
511 matching the socket source address if
512 .Xr bind 2
513 was used.
514 .Pp
515 If the
516 .Ar proto
517 argument to
518 .Xr socket 2
519 is zero, the default protocol
521 is used for outgoing packets.
522 For incoming packets, protocols recognized by kernel are
523 .Sy not
524 passed to the application socket (e.g.,
525 .Xr tcp 4
526 and
527 .Xr udp 4 )
528 except for some ICMPv6 messages.
529 The ICMPv6 messages not passed to raw sockets include echo, timestamp,
530 and address mask requests.
531 If
532 .Ar proto
533 is non-zero, only packets with this protocol will be passed to the
534 socket.
535 .Pp
536 IPv6 fragments are also not passed to application sockets until
537 they have been reassembled.
538 If reception of all packets is desired, link-level access (such as
539 .Xr bpf 4 )
540 must be used instead.
541 .Pp
542 Outgoing packets automatically have an IPv6 header prepended to them
543 (based on the destination address and the protocol number the socket
544 was created with).
545 Incoming packets are received by an application without the IPv6 header
546 or any extension headers.
547 .Pp
548 Outgoing packets will be fragmented automatically by the kernel if they
549 are too large.
550 Incoming packets will be reassembled before being sent to the raw socket,
551 so packet fragments or fragment headers will never be seen on a raw socket.
553 The following determines the hop limit on the next packet received:
554 .Bd -literal
555 struct iovec iov[2];
556 u_char buf[BUFSIZ];
557 struct cmsghdr *cm;
558 struct msghdr m;
559 int found, optval;
560 u_char data[2048];
562 /* Create socket. */
564 (void)memset(&m, 0, sizeof(m));
565 (void)memset(&iov, 0, sizeof(iov));
567 iov[0].iov_base = data; /* buffer for packet payload */
568 iov[0].iov_len = sizeof(data); /* expected packet length */
570 m.msg_name = &from; /* sockaddr_in6 of peer */
571 m.msg_namelen = sizeof(from);
572 m.msg_iov = iov;
573 m.msg_iovlen = 1;
574 m.msg_control = (caddr_t)buf; /* buffer for control messages */
575 m.msg_controllen = sizeof(buf);
577 /*
578 * Enable the hop limit value from received packets to be
579 * returned along with the payload.
580 */
581 optval = 1;
582 if (setsockopt(s, IPPROTO_IPV6, IPV6_HOPLIMIT, &optval,
583 sizeof(optval)) == -1)
584 err(1, "setsockopt");
586 found = 0;
587 while (!found) {
588 if (recvmsg(s, &m, 0) == -1)
589 err(1, "recvmsg");
590 for (cm = CMSG_FIRSTHDR(&m); cm != NULL;
591 cm = CMSG_NXTHDR(&m, cm)) {
592 if (cm->cmsg_level == IPPROTO_IPV6 &&
593 cm->cmsg_type == IPV6_HOPLIMIT &&
594 cm->cmsg_len == CMSG_LEN(sizeof(int))) {
595 found = 1;
596 (void)printf("hop limit: %d\en",
597 *(int *)CMSG_DATA(cm));
598 break;
599 }
600 }
601 }
602 .Ed
604 A socket operation may fail with one of the following errors returned:
605 .Bl -tag -width EADDRNOTAVAILxx
606 .It Bq Er EISCONN
607 when trying to establish a connection on a socket which
608 already has one or when trying to send a datagram with the destination
609 address specified and the socket is already connected.
610 .It Bq Er ENOTCONN
611 when trying to send a datagram, but
612 no destination address is specified, and the socket hasn't been
613 connected.
614 .It Bq Er ENOBUFS
615 when the system runs out of memory for
616 an internal data structure.
618 when an attempt is made to create a
619 socket with a network address for which no network interface
620 exists.
621 .It Bq Er EACCES
622 when an attempt is made to create
623 a raw IPv6 socket by a non-privileged process.
624 .El
625 .Pp
626 The following errors specific to IPv6 may occur when setting or getting
627 header options:
628 .Bl -tag -width EADDRNOTAVAILxx
629 .It Bq Er EINVAL
630 An unknown socket option name was given.
631 .It Bq Er EINVAL
632 An ancillary data object was improperly formed.
633 .El
634 .Sh SEE ALSO
635 .Xr getsockopt 2 ,
636 .Xr recv 2 ,
637 .Xr send 2 ,
638 .Xr setsockopt 2 ,
639 .Xr socket 2 ,
640 .\" .Xr inet6_option_space 3 ,
641 .\" .Xr inet6_rthdr_space 3 ,
642 .Xr if_nametoindex 3 ,
643 .Xr bpf 4 ,
644 .Xr icmp6 4 ,
645 .Xr inet6 4 ,
646 .Xr netintro 4 ,
647 .Xr tcp 4 ,
648 .Xr udp 4
649 .Rs
650 .%A W. Stevens
651 .%A M. Thomas
652 .%T Advanced Sockets API for IPv6
653 .%R RFC 2292
654 .%D February 1998
655 .Re
656 .Rs
657 .%A S. Deering
658 .%A R. Hinden
659 .%T Internet Protocol, Version 6 (IPv6) Specification
660 .%R RFC 2460
661 .%D December 1998
662 .Re
663 .Rs
664 .%A R. Gilligan
665 .%A S. Thomson
666 .%A J. Bound
667 .%A W. Stevens
668 .%T Basic Socket Interface Extensions for IPv6
669 .%R RFC 2553
670 .%D March 1999
671 .Re
672 .Rs
673 .%A W. Stevens
674 .%A B. Fenner
675 .%A A. Rudoff
676 .%T UNIX Network Programming, third edition
677 .Re
679 Most of the socket options are defined in RFC 2292 or RFC 2553.
680 The
681 .Dv IPV6_V6ONLY
682 socket option is defined in RFC 3542.
683 The
685 socket option and the conflict resolution rule are not defined in the
686 RFCs and should be considered implementation dependent.