xref: /illumos-gate/usr/src/man/man4p/ip6.4p (revision 4b9db4f6425b1a08fca4390f446072c4a6aae8d5)
te
Copyright (c) 2008, Sun Microsystems, Inc. All Rights Reserved
Copyright 2024 Oxide Computer Company
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
IP6 4P "April 17, 2024"
NAME
ip6 - Internet Protocol Version 6
SYNOPSIS
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/ip6.h>

s = socket(AF_INET6, SOCK_RAW, proto);

t = t_open ("/dev/rawip6", O_RDWR);
DESCRIPTION
The IPv6 protocol is the next generation of the internetwork datagram delivery protocol of the Internet protocol family. Programs may use IPv6 through higher-level protocols such as the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP), or may interface directly to IPv6. See tcp(4P) and udp(4P). Direct access may be by means of the socket interface, using a "raw socket," or by means of the Transport Level Interface (TLI). The protocol options and IPv6 extension headers defined in the IPv6 specification may be set in outgoing datagrams.
APPLICATION PROGRAMMING INTERFACE
The STREAMS driver /dev/rawip6 is the TLI transport provider that provides raw access to IPv6.

Raw IPv6 sockets are connectionless and are normally used with the sendto() and recvfrom() calls (see send(3SOCKET) and recv(3SOCKET)), although the connect(3SOCKET) call may also be used to fix the destination for future datagrams. In this case, the read(2) or recv(3SOCKET) and write(2) or send(3SOCKET) calls may be used. Ancillary data may also be sent or received over raw IPv6 sockets using the sendmsg(3SOCKET) and recvmsg(3SOCKET) system calls.

Unlike raw IP, IPv6 applications do not include a complete IPv6 header when sending; there is no IPv6 analog to the IP IP_HDRINCL socket option. IPv6 header values may be specified or received as ancillary data to a sendmsg(3SOCKET) or recvmsg(3SOCKET) system call, or may be specified as "sticky" options on a per-socket basis by using the setsockopt(3SOCKET) system call. Such sticky options are applied to all outbound packets unless overridden by ancillary data. If any ancillary data is specified in a sendmsg(3SOCKET) call, all sticky options not explicitly overridden revert to default values for that datagram only; the sticky options persist as set for subsequent datagrams.

Since sendmsg(3SOCKET) is not supported for SOCK_STREAM upper level protocols such as TCP, ancillary data is unsupported for TCP. Sticky options, however, are supported.

Since sendmsg(3SOCKET) is supported for SOCK_DGRAM upper level protocols, both ancillary data and sticky options are supported for UDP, ICMP6, and raw IPv6 sockets.

The socket options supported at the IPv6 level are: IPV6_BOUND_IF

Limit reception and transmission of packets to this interface. Takes an integer as an argument; the integer is the selected interface index.

IPV6_UNSPEC_SRC

Boolean. Allow/disallow sending with a zero source address.

IPV6_UNICAST_HOPS

Default hop limit for unicast datagrams. This option takes an integer as an argument. Its value becomes the new default value for ip6_hops that IPv6 will use on outgoing unicast datagrams sent from that socket. The initial default is 60.

IPV6_MINHOPCOUNT

Controls the minimum value of the IPv6 header's hop limit field that is required in an IPv6 packet before accepting it. If the value is set to 100, then only IPv6 packets with a TTL of 100 or higher are accepted. Packets with a TTL less than the minimum are dropped. This option takes an integer as an argument and must be in the range of 0 to 255. A value of 0 indicates that all packets should be accepted.

IPV6_CHECKSUM

Specify the integer offset in bytes into the user data of the checksum location. Does not apply to the ICMP6 protocol. Note: checksums are required for all IPv6 datagrams; this is different from IP, in which datagram checksums were optional. IPv6 will compute the ULP checksum if the value in the checksum field is zero.

IPV6_SEC_OPT

Enable or obtain IPsec security settings for this socket. For more details on the protection services of IPsec, see ipsec(4P).

IPV6_DONTFRAG

Boolean. Control fragmentation.

IPV6_USE_MIN_MTU

Controls whether path MTU discovery is used. If set to 1, path MTU discovery is never used and IPv6 packets are sent with the IPv6 minimum MTU. If set to -1, path MTU discovery is not used for multicast and multicast packets are sent with the IPv6 minimum MTU. If set to 0, path MTU is always performed.

IPV6_V6ONLY

Boolean. If set, only V6 packets can be sent or received

IPV6_SRC_PREFERENCES

Enable or obtain Source Address Selection rule settings for this socket. For more details on the Source Address Selection rules, see inet6(4P).

The following options are boolean switches controlling the reception of ancillary data: IPV6_RECVPKTINFO

Enable/disable receipt of the index of the interface the packet arrived on, and of the inbound packet's destination address.

IPV6_RECVHOPLIMIT

Enable/disable receipt of the inbound packet's current hoplimit.

IPV6_RECVHOPOPTS

Enable/disable receipt of the inbound packet's IPv6 hop-by-hop extension header.

IPV6_RECVDSTOPTS

Enable/disable receipt of the inbound packet's IPv6 destination options extension header.

IPV6_RECVRTHDR

Enable/disable receipt of the inbound packet's IPv6 routing header.

IPV6_RECVRTHDRDSTOPTS

Enable/disable receipt of the inbound packet's intermediate-hops options extension header. This option is obsolete. IPV6_RECVDSTOPTS turns on receipt of both destination option headers.

IPV6_RECVTCLASS

Enable/disable receipt of the traffic class of the inbound packet.

IPV6_RECVPATHMTU

Enable/disable receipt of the path mtu of the inbound packet.

The following options may be set as sticky options with setsockopt(3SOCKET) or as ancillary data to a sendmsg(3SOCKET) system call: IPV6_PKTINFO

Set the source address and/or interface out which the packet(s) will be sent. Takes a struct in6_pktinfo as the parameter.

IPV6_HOPLIMIT

Set the initial hoplimit for outbound datagrams. Takes an integer as the parameter. Note: This option sets the hoplimit only for ancillary data or sticky options and does not change the default hoplimit for the socket; see IPV6_UNICAST_HOPS and IPV6_MULTICAST_HOPS to change the socket's default hoplimit.

IPV6_NEXTHOP

Specify the IPv6 address of the first hop, which must be a neighbor of the sending host. Takes a struct sockaddr_in6 as the parameter. When this option specifies the same address as the destination IPv6 address of the datagram, this is equivalent to the existing SO_DONTROUTE option.

IPV6_HOPOPTS

Specify one or more hop-by-hop options. Variable length. Takes a complete IPv6 hop-by-hop options extension header as the parameter.

IPV6_DSTOPTS

Specify one or more destination options. Variable length. Takes a complete IPv6 destination options extension header as the parameter.

IPV6_RTHDR

Specify the IPv6 routing header. Variable length. Takes a complete IPv6 routing header as the parameter. Currently, only type 0 routing headers are supported.

IPV6_RTHDRDSTOPTS

Specify one or more destination options for all intermediate hops. May be configured, but will not be applied unless an IPv6 routing header is also configured. Variable length. Takes a complete IPv6 destination options extension header as the parameter.

IPV6_PATHMTU

Get the path MTU associated with a connected socket. Takes a ip6_mtuinfo as the parameter.

IPV6_TCLASS

Set the traffic class associated with outgoing packets. The parameter is an integer. If the parameter is less then -1 or greater then 256, EINVAL is returned. If the parameter is equal to -1, use the default. If the parameter is between 0 and 255 inclusive, use that value.

The following options affect the socket's multicast behavior: IPV6_JOIN_GROUP

Join a multicast group. Takes a struct ipv6_mreq as the parameter; the structure contains a multicast address and an interface index.

IPV6_LEAVE_GROUP

Leave a multicast group. Takes a struct ipv6_mreq as the parameter; the structure contains a multicast address and an interface index.

MCAST_JOIN_GROUP

Functionally equivalent to IPV6_JOIN_GROUP. Takes a struct group_req as the parameter. The structure contains a multicast address and an interface index.

MCAST_BLOCK_SOURCE

Block multicast packets on a particular multicast group whose source address matches the given source address. The specified group must be joined previously using IPV6_JOIN_GROUP or MCAST_JOIN_GROUP. Takes a struct group_source_req as the parameter. The structure contains an interface index, a multicast address, and a source address.

MCAST_UNBLOCK_SOURCE

Unblock multicast packets which were previously blocked using MCAST_BLOCK_SOURCE. Takes a struct group_source_req as the parameter. The structure contains an interface index, a multicast address, and a source address.

MCAST_LEAVE_GROUP

Functionally equivalent to IPV6_LEAVE_GROUP. Takes a struct group_req as the parameter. The structure contains a multicast address and an interface index.

MCAST_JOIN_SOURCE_GROUP

Begin receiving packets for the given multicast group whose source address matches the specified address. Takes a struct group_source_req as the parameter. The structure contains an interface index, a multicast address, and a source address.

MCAST_LEAVE_SOURCE_GROUP

Stop receiving packets for the given multicast group whose source address matches the specified address. Takes a struct group_source_req as the parameter. The structure contains an interface index, a multicast address, and a source address.

IPV6_MULTICAST_IF

The outgoing interface for multicast packets. This option takes an integer as an argument; the integer is the interface index of the selected interface.

IPV6_MULTICAST_HOPS

Default hop limit for multicast datagrams. This option takes an integer as an argument. Its value becomes the new default value for ip6_hops that IPv6 will use on outgoing multicast datagrams sent from that socket. The initial default is 1.

IPV6_MULTICAST_LOOP

Loopback for multicast datagrams. Normally multicast datagrams are delivered to members on the sending host. Setting the unsigned character argument to 0 will cause the opposite behavior.

The multicast socket options can be used with any datagram socket type in the IPv6 family.

At the socket level, the socket option SO_DONTROUTE may be applied. This option forces datagrams being sent to bypass routing and forwarding by forcing the IPv6 hoplimit field to 1, meaning that the packet will not be forwarded by routers.

Raw IPv6 datagrams can also be sent and received using the TLI connectionless primitives.

Datagrams flow through the IPv6 layer in two directions: from the network up to user processes and from user processes down to the network. Using this orientation, IPv6 is layered above the network interface drivers and below the transport protocols such as UDP and TCP. The Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) is logically a part of IPv6. See icmp6(4P).

Unlike IP, IPv6 provides no checksum of the IPv6 header. Also unlike IP, upper level protocol checksums are required. IPv6 will compute the ULP/data portion checksum if the checksum field contains a zero (see IPV6_CHECKSUM option above).

IPv6 extension headers in received datagrams are processed in the IPv6 layer according to the protocol specification. Currently recognized IPv6 extension headers include hop-by-hop options header, destination options header, routing header (currently, only type 0 routing headers are supported), and fragment header.

By default, the IPv6 layer will not forward IPv6 packets that are not addressed to it. This behavior can be overridden by using routeadm(8) to enable the ipv6-forwarding option. IPv6 forwarding is configured at boot time based on the setting of routeadm(8)'s ipv6-forwarding option.

For backwards compatibility, IPv6 forwarding can be enabled or disabled using ndd(8)'s ip_forwarding variable. It is set to 1 if IPv6 forwarding is enabled, or 0 if it is disabled.

Additionally, finer-grained forwarding can be configured in IPv6. Each interface can be configured to forward IPv6 packets by setting the IFF_ROUTER interface flag. This flag can be set and cleared using ifconfig(8)'s router and -router options. If an interface's IFF_ROUTER flag is set, packets can be forwarded to or from the interface. If it is clear, packets will neither be forwarded from this interface to others, nor forwarded to this interface. Setting the ip6_forwarding variable sets all of the IPv6 interfaces' IFF_ROUTER flags.

For backwards compatibility, each interface creates an <ifname>ip6_forwarding /dev/ip6 variable that can be modified using ndd(8). An interface's :ip6_forwarding ndd variable is a boolean variable that mirrors the status of its IFF_ROUTER interface flag. It is set to 1 if the flag is set, or 0 if it is clear. This interface specific <ifname>:ip6_forwarding ndd variable is obsolete and may be removed in a future release of Solaris. The ifconfig(8) router and -router interfaces are preferred.

The IPv6 layer will send an ICMP6 message back to the source host in many cases when it receives a datagram that can not be handled. A "time exceeded" ICMP6 message will be sent if the ip6_hops field in the IPv6 header drops to zero in the process of forwarding a datagram. A "destination unreachable" message will be sent by a router or by the originating host if a datagram can not be sent on because there is no route to the final destination; it will be sent by a router when it encounters a firewall prohibition; it will be sent by a destination node when the transport protocol (that is, TCP) has no listener. A "packet too big" message will be sent by a router if the packet is larger than the MTU of the outgoing link (this is used for Path MTU Discovery). A "parameter problem" message will be sent if there is a problem with a field in the IPv6 header or any of the IPv6 extension headers such that the packet cannot be fully processed.

The IPv6 layer supports fragmentation and reassembly. Datagrams are fragmented on output if the datagram is larger than the maximum transmission unit (MTU) of the network interface. Fragments of received datagrams are dropped from the reassembly queues if the complete datagram is not reconstructed within a short time period.

Errors in sending discovered at the network interface driver layer are passed by IPv6 back up to the user process.

SEE ALSO
svcs (1), read (2), write (2), bind (3SOCKET), connect (3SOCKET), getsockopt (3SOCKET), recv (3SOCKET), recvmsg (3SOCKET), send (3SOCKET), sendmsg (3SOCKET), setsockopt (3SOCKET), icmp6 (4P), if_tcp (4P), inet6 (4P), ipsec (4P), routing (4P), tcp (4P), udp (4P), defaultrouter (5), smf (7), ndd (8), routeadm (8), svcadm (8)

Deering, S. and Hinden, B. RFC 2460, Internet Protocol, Version 6 (IPv6) Specification. The Internet Society. December, 1998.

Stevens, W., and Thomas, M. RFC 2292, Advanced Sockets API for IPv6. Network Working Group. February 1998.

DIAGNOSTICS
A socket operation may fail with one of the following errors returned: EPROTONOSUPPORT

Unsupported protocol (for example, IPPROTO_RAW.)

EACCES

A bind() operation was attempted with a "reserved" port number and the effective user ID of the process was not the privileged user.

EADDRINUSE

A bind() operation was attempted on a socket with a network address/port pair that has already been bound to another socket.

EADDRNOTAVAIL

A bind() operation was attempted for an address that is not configured on this machine.

EINVAL

A sendmsg() operation with a non-NULL msg_accrights was attempted.

EINVAL

A getsockopt() or setsockopt() operation with an unknown socket option name was given.

EINVAL

A getsockopt() or setsockopt() operation was attempted with the IPv6 option field improperly formed; an option field was shorter than the minimum value or longer than the option buffer provided; the value in the option field was invalid.

EISCONN

A connect() operation was attempted on a socket on which a connect() operation had already been performed, and the socket could not be successfully disconnected before making the new connection.

EISCONN

A sendto() or sendmsg() operation specifying an address to which the message should be sent was attempted on a socket on which a connect() operation had already been performed.

EMSGSIZE

A send(), sendto(), or sendmsg() operation was attempted to send a datagram that was too large for an interface, but was not allowed to be fragmented (such as broadcasts).

ENETUNREACH

An attempt was made to establish a connection via connect(), or to send a datagram by means of sendto() or sendmsg(), where there was no matching entry in the routing table; or if an ICMP "destination unreachable" message was received.

ENOTCONN

A send() or write() operation, or a sendto() or sendmsg() operation not specifying an address to which the message should be sent, was attempted on a socket on which a connect() operation had not already been performed.

ENOBUFS

The system ran out of memory for fragmentation buffers or other internal data structures.

ENOMEM

The system was unable to allocate memory for an IPv6 socket option or other internal data structures.

ENOPROTOOPT

An IP socket option was attempted on an IPv6 socket, or an IPv6 socket option was attempted on an IP socket.

ENOPROTOOPT

Invalid socket type for the option.

NOTES
Applications using the sockets API must use the Advanced Sockets API for IPv6 (RFC 2292) to see elements of the inbound packet's IPv6 header or extension headers.

The ip6 service is managed by the service management facility, smf(7), under the service identifier:

svc:/network/initial:default

Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using svcadm(8). The service's status can be queried using the svcs(1) command.