【FreeBSD Developers' Handbook】中的IPv6部分
Chapter 8 IPv6 Internals
8.1 IPv6/IPsec Implementation
由Yoshinobu Inoue投稿。
本节将讨论一些与IPv6 和IPsec 相关的实现内幕。这些功能来自KAME 项目。
8.1.1 IPv6
8.1.1.1 Conformance
与IPv6 相关的功能总是试图保持和最新的IPv6 规范的一致性。为了下面引用方便,我们把一些相关文档列在下面(注意:这不是一个完整的列表,那太难于维护了. . .)。
如果想知道进一步的细节,请参考相关文档、RFC 、manual page 或者是源代码中的注释。
一致性测试是在TAHI 项目中对KAME STABLE 套件进行的。可以在这里看到结果:http://www.tahi.org/report/KAME/。
RFC1639: FTP Operation Over Big Address Records (FOOBAR)
RFC2428 is preferred over RFC1639. FTP clients will first try RFC2428, then RFC1639 if failed.RFC1886: DNS Extensions to support IPv6
RFC1933: Transition Mechanisms for IPv6 Hosts and Routers
IPv4 compatible address is not supported.
automatic tunneling (described in 4.3 of this RFC) is not supported.
gif(4) interface implements IPv[46]-over-IPv[46] tunnel in a generic way, and it covers "configured tunnel" described in the spec. See 23.5.1.5 in this document for details.RFC1981: Path MTU Discovery for IPv6
RFC2080: RIPng for IPv6
usr.sbin/route6d support this.RFC2292: Advanced Sockets API for IPv6
For supported library functions/kernel APIs, see sys/netinet6/ADVAPI.RFC2362: Protocol Independent Multicast-Sparse Mode (PIM-SM)
RFC2362 defines packet formats for PIM-SM. draft-ietf-pim-ipv6-01.txt is written based on this.RFC2373: IPv6 Addressing Architecture
supports node required addresses, and conforms to the scope requirement.RFC2374: An IPv6 Aggregatable Global Unicast Address Format
supports 64-bit length of Interface ID.RFC2375: IPv6 Multicast Address Assignments
Userland applications use the well-known addresses assigned in the RFC.RFC2428: FTP Extensions for IPv6 and NATs
RFC2428 is preferred over RFC1639. FTP clients will first try RFC2428, then RFC1639 if failed.RFC2460: IPv6 specification
RFC2461: Neighbor discovery for IPv6
See 23.5.1.2 in this document for details.RFC2462: IPv6 Stateless Address Autoconfiguration
See 23.5.1.4 in this document for details.RFC2463: ICMPv6 for IPv6 specification
See 23.5.1.9 in this document for details.RFC2464: Transmission of IPv6 Packets over Ethernet Networks
RFC2465: MIB for IPv6: Textual Conventions and General Group
Necessary statistics are gathered by the kernel. Actual IPv6 MIB support is provided as a patchkit for ucd-snmp.RFC2466: MIB for IPv6: ICMPv6 group
Necessary statistics are gathered by the kernel. Actual IPv6 MIB support is provided as patchkit for ucd-snmp.RFC2467: Transmission of IPv6 Packets over FDDI Networks
RFC2497: Transmission of IPv6 packet over ARCnet Networks
RFC2553: Basic Socket Interface Extensions for IPv6
IPv4 mapped address (3.7) and special behavior of IPv6 wildcard bind socket (3.8) are supported. See 23.5.1.12 in this document for details.RFC2675: IPv6 Jumbograms
See 23.5.1.7 in this document for details.RFC2710: Multicast Listener Discovery for IPv6
RFC2711: IPv6 router alert option
draft-ietf-ipngwg-router-renum-08: Router renumbering for IPv6
draft-ietf-ipngwg-icmp-namelookups-02: IPv6 Name Lookups Through ICMP
draft-ietf-ipngwg-icmp-name-lookups-03: IPv6 Name Lookups Through ICMP
draft-ietf-pim-ipv6-01.txt: PIM for IPv6
pim6dd(8) implements dense mode. pim6sd(8) implements sparse mode.draft-itojun-ipv6-tcp-to-anycast-00: Disconnecting TCP connection toward IPv6 anycast address
draft-yamamoto-wideipv6-comm-model-00
See 23.5.1.6 in this document for details.draft-ietf-ipngwg-scopedaddr-format-00.txt : An Extension of Format for IPv6 Scoped Addresses
8.1.1.2 Neighbor Discovery
邻居发现(Neighbor Discovery )功能已经相当稳定了。目前已提供对地址解析(Address Resolution )、重复地址检测(Duplicated Address Detection )和邻居不可达检测(Neighbor Unreachability Detection )的支持。在不久的将来,我们将在内核中添加对代理邻居公告(Proxy Neighbor Advertisement )的支持,同时还以管理工具的形式提供主动邻居公告(Unsolicited Neighbor Advertisement)的发送命令。
如果DAD 失败,则地址将被标识为“重复”,同时发送一个消息给syslog(通常也会发给控制台)。“重复”标志可以通过ifconfig(8)命令进行查看。管理员有责任去检查DAD 失败并从中恢复。这种机制在不久的将来应该会得到改进。
有些网络驱动程序会将组播包环回给它自己,哪怕你告诉它别这样也无济于事(尤其是在混杂模式中)。在这种情况下DAD 就会失败,因为DAD引擎看到了输入的NS 包(实际上是这个节点自己发的),认为是出现了重复的情况。你可以去看看sys/netinet6/nd6 nbr.c:nd6 dad timer() 函数中用注释为“heuristics”的#if条件编译宏包括起来的部分(注意,在“heuristics”部分中的代码段是不符合规范的)。
邻居发现(Neighbor Discovery )规范(RFC2461 )并未述及以下情况中的
邻居缓存处理:
1. 当没有邻居缓存条目的时候,节点收到未经请求的不带有链路层地址的RS/NS/NA/redirect包
2. 在没有链路层地址的媒质上的邻居缓存处理(我们需要一个邻居缓存条目用于IsRouter bit)
对于第一种情况,我们基于IETF ipngwg 邮件列表上的讨论进行了实现。如果想知道进一步的细节的话,可以参看源代码中的注释,并通过email 查看从1999年2月6日的(IPng 7155)开始的讨论线索。
IPv6 的on-link 判决规则(RFC2461 )已经和BSD 网络代码中的假设大为不同。目前,当默认路由器列表为空时,并不支持on-link 判决规则(RFC2461,5.2 节,第二段的最后一句话―
