From owner-freebsd-net@FreeBSD.ORG Wed Jan 14 01:58:33 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 60E3116A4CE for ; Wed, 14 Jan 2004 01:58:33 -0800 (PST) Received: from zibbi.icomtek.csir.co.za (zibbi.icomtek.csir.co.za [146.64.24.58]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9402B43D2F for ; Wed, 14 Jan 2004 01:58:21 -0800 (PST) (envelope-from jhay@zibbi.icomtek.csir.co.za) Received: from zibbi.icomtek.csir.co.za (localhost [IPv6:::1]) i0E9wFNJ097030; Wed, 14 Jan 2004 11:58:15 +0200 (SAST) (envelope-from jhay@zibbi.icomtek.csir.co.za) Received: (from jhay@localhost) by zibbi.icomtek.csir.co.za (8.12.9/8.12.9/Submit) id i0E9wEoq097029; Wed, 14 Jan 2004 11:58:14 +0200 (SAST) (envelope-from jhay) Date: Wed, 14 Jan 2004 11:58:14 +0200 From: John Hay To: Luigi Rizzo Message-ID: <20040114095814.GA96762@zibbi.icomtek.csir.co.za> References: <20040114012913.A91612@xorpc.icir.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20040114012913.A91612@xorpc.icir.org> User-Agent: Mutt/1.4i cc: net@freebsd.org Subject: Re: 'ipv6' type in /etc/protocols ? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Jan 2004 09:58:33 -0000 On Wed, Jan 14, 2004 at 01:29:13AM -0800, Luigi Rizzo wrote: > hi, > in implementing ipv6 support for ipfw2, i hit the following > problem: /etc/protocols has an entry: > > ipv6 41 IPV6 # ipv6 > > which is somewhat confusing for the parser -- if you > type something like > > ipfw add allow ipv6 from foo to bar > > the "ipv6" will match in the call to getprotobyname() and > the above will be translated into a rule that matches packets with > ip->ip_proto == 41 (6 is TCP, 17 is UDP, etc.), while i presume > that what one would really want with the above notation is to > match IPv6 packets, i.e. > > + layer2 packets with mac-type 0x86dd (ipv6) > + layer3 packets with ip->ip_v == 6 > > Now, i can put a special case for the keyword 'ipv6', but > I wonder, what do we do with ip->ip_proto == 41 ? Does it > make sense to handle this request ? And in this case, > what name do we use for it to avoid conflicts ? > Looking at /sys/netinet/in.h, it appears that > ip_proto == 4 and 41 refer to encapsulations of ipv4 and ipv6 > into ip... That is used when transporting IPv6 packets over parts of the network that doesn't have native IPv6 support. It is used when configuring a gif(4) tunnel for instance: ifconfig gif0 gif0: flags=8051 mtu 1280 tunnel inet xxx.xx.8.68 --> xxx.xx.223.30 inet6 fe80::290:27ff:fe06:5b24%gif0 prefixlen 64 scopeid 0x5 John -- John Hay -- John.Hay@icomtek.csir.co.za / jhay@FreeBSD.org