Updated: 2022/Sep/29

Please read Privacy Policy. It's for your privacy.


IP6(4)                       Device Drivers Manual                      IP6(4)

NAME
     ip6 - Internet Protocol version 6 (IPv6) network layer

SYNOPSIS
     #include <sys/socket.h>
     #include <netinet/in.h>

     int
     socket(AF_INET6, SOCK_RAW, proto);

DESCRIPTION
     The IPv6 network layer is used by the IPv6 protocol family for
     transporting data.  IPv6 packets contain an IPv6 header that is not
     provided as part of the payload contents when passed to an application.
     IPv6 header options affect the behavior of this protocol and may be used
     by high-level protocols (such as the tcp(4) and udp(4) protocols) as well
     as directly by "raw sockets", which process IPv6 messages at a lower-
     level and may be useful for developing new protocols and special-purpose
     applications.

   Header
     All IPv6 packets begin with an IPv6 header.  When data received by the
     kernel are passed to the application, this header is not included in
     buffer, even when raw sockets are being used.  Likewise, when data are
     sent to the kernel for transmit from the application, the buffer is not
     examined for an IPv6 header: the kernel always constructs the header.  To
     directly access IPv6 headers from received packets and specify them as
     part of the buffer passed to the kernel, link-level access (bpf(4), for
     example) must be used instead.

     The header has the following definition:

           struct ip6_hdr {
                union {
                     struct ip6_hdrctl {
                          uint32_t ip6_un1_flow;   /* 20 bits of flow ID */
                          uint16_t ip6_un1_plen;   /* payload length */
                          uint8_t   ip6_un1_nxt;   /* next header */
                          uint8_t   ip6_un1_hlim;  /* hop limit */
                     } ip6_un1;
                     uint8_t ip6_un2_vfc;   /* version and class */
                } ip6_ctlun;
                struct in6_addr ip6_src;   /* source address */
                struct in6_addr ip6_dst;   /* destination address */
           } __packed;

           #define ip6_vfc         ip6_ctlun.ip6_un2_vfc
           #define ip6_flow        ip6_ctlun.ip6_un1.ip6_un1_flow
           #define ip6_plen        ip6_ctlun.ip6_un1.ip6_un1_plen
           #define ip6_nxt         ip6_ctlun.ip6_un1.ip6_un1_nxt
           #define ip6_hlim        ip6_ctlun.ip6_un1.ip6_un1_hlim
           #define ip6_hops        ip6_ctlun.ip6_un1.ip6_un1_hlim

     All fields are in network-byte order.  Any options specified (see Options
     below) must also be specified in network-byte order.

     ip6_flow specifies the flow ID.  ip6_plen specifies the payload length.
     ip6_nxt specifies the type of the next header.  ip6_hlim specifies the
     hop limit.

     The top 4 bits of ip6_vfc specify the class and the bottom 4 bits specify
     the version.

     ip6_src and ip6_dst specify the source and destination addresses.

     The IPv6 header may be followed by any number of extension headers that
     start with the following generic definition:

           struct ip6_ext {
                uint8_t ip6e_nxt;
                uint8_t ip6e_len;
           } __packed;

   Options
     IPv6 allows header options on packets to manipulate the behavior of the
     protocol.  These options and other control requests are accessed with the
     getsockopt(2) and setsockopt(2) system calls at level IPPROTO_IPV6 and by
     using ancillary data in recvmsg(2) and sendmsg(2).  They can be used to
     access most of the fields in the IPv6 header and extension headers.

     The following socket options are supported:

     IPV6_UNICAST_HOPS int *
             Get or set the default hop limit header field for outgoing
             unicast datagrams sent on this socket.  A value of -1 resets to
             the default value.

     IPV6_MULTICAST_IF u_int *
             Get or set the interface from which multicast packets will be
             sent.  For hosts with multiple interfaces, each multicast
             transmission is sent from the primary network interface.  The
             interface is specified as its index as provided by
             if_nametoindex(3).  A value of zero specifies the default
             interface.

     IPV6_MULTICAST_HOPS int *
             Get or set the default hop limit header field for outgoing
             multicast datagrams sent on this socket.  This option controls
             the scope of multicast datagram transmissions.

             Datagrams with a hop limit of 1 are not forwarded beyond the
             local network.  Multicast datagrams with a hop limit of zero will
             not be transmitted on any network but may be delivered locally if
             the sending host belongs to the destination group and if
             multicast loopback (see below) has not been disabled on the
             sending socket.  Multicast datagrams with a hop limit greater
             than 1 may be forwarded to the other networks if a multicast
             router (such as mrouted(8)) is attached to the local network.

     IPV6_MULTICAST_LOOP u_int *
             Get or set the status of whether multicast datagrams will be
             looped back for local delivery when a multicast datagram is sent
             to a group to which the sending host belongs.

             This option improves performance for applications that may have
             no more than one instance on a single host (such as a router
             daemon) by eliminating the overhead of receiving their own
             transmissions.  It should generally not be used by applications
             for which there may be more than one instance on a single host
             (such as a conferencing program) or for which the sender does not
             belong to the destination group (such as a time-querying
             program).

             A multicast datagram sent with an initial hop limit greater than
             1 may be delivered to the sending host on a different interface
             from that on which it was sent if the host belongs to the
             destination group on that other interface.  The multicast
             loopback control option has no effect on such delivery.

     IPV6_JOIN_GROUP struct ipv6_mreq *
             Join a multicast group.  A host must become a member of a
             multicast group before it can receive datagrams sent to the
             group.

             struct ipv6_mreq {
                     struct in6_addr ipv6mr_multiaddr;
                     unsigned int    ipv6mr_interface;
             };

             ipv6mr_interface may be set to zeroes to choose the default
             multicast interface or to the index of a particular multicast-
             capable interface if the host is multihomed.  Membership is
             associated with a single interface; programs running on
             multihomed hosts may need to join the same group on more than one
             interface.

             If the multicast address is unspecified (i.e., all zeroes),
             messages from all multicast addresses will be accepted by this
             group.  Note that setting to this value requires superuser
             privileges.

     IPV6_LEAVE_GROUP struct ipv6_mreq *
             Drop membership from the associated multicast group.  Memberships
             are automatically dropped when the socket is closed or when the
             process exits.

     IPV6_IPSEC_POLICY struct sadb_x_policy *
             Get or set IPSec policy for sockets.  For example,

             const char *policy = "in ipsec ah/transport//require";
             char *buf = ipsec_set_policy(policy, strlen(policy));
             setsockopt(s, IPPROTO_IPV6, IPV6_IPSEC_POLICY, buf, ipsec_get_policylen(buf));

     IPV6_PORTALGO int *
             The IP_PORTALGO can be used to randomize the port selection.
             Valid algorithms are described in rfc6056(7) and their respective
             constants are in <netinet/portalgo.h>.  For example,

             int algo = PORTALGO_ALGO_RANDOM_PICK;       /* see <netinet/portalgo.h> */
             setsockopt(s, IPPROTO_IPV6, IPV6_PORTALGO, &algo, sizeof(algo));

             The port selection can be also viewed and controlled at a global
             level for all IPV6 sockets using the following sysctl(7)
             variables: net.inet.ip6.anonportalgo.available and
             net.inet.ip6.anonportalgo.selected.

     IPV6_PORTRANGE int *
             Get or set the allocation policy of ephemeral ports for when the
             kernel automatically binds a local address to this socket.  The
             following values are available:

             IPV6_PORTRANGE_DEFAULT  Use the regular range of non-reserved
                                     ports (varies, see sysctl(8)).
             IPV6_PORTRANGE_HIGH     Use a high range (varies, see sysctl(8)).
             IPV6_PORTRANGE_LOW      Use a low, reserved range (600-1023).

     IPV6_PKTINFO int *
             Get or set whether additional information about subsequent
             packets will be provided as ancillary data along with the payload
             in subsequent recvmsg(2) calls.  The information is stored in the
             following structure in the ancillary data returned:

             struct in6_pktinfo {
                     struct in6_addr ipi6_addr;    /* src/dst IPv6 address */
                     unsigned int    ipi6_ifindex; /* send/recv if index */
             };

     IPV6_HOPLIMIT int *
             Get or set whether the hop limit header field from subsequent
             packets will be provided as ancillary data along with the payload
             in subsequent recvmsg(2) calls.  The value is stored as an int in
             the ancillary data returned.

     IPV6_HOPOPTS int *
             Get or set whether the hop-by-hop options from subsequent packets
             will be provided as ancillary data along with the payload in
             subsequent recvmsg(2) calls.  The option is stored in the
             following structure in the ancillary data returned:

             struct ip6_hbh {
                     uint8_t ip6h_nxt;       /* next header */
                     uint8_t ip6h_len;       /* length in units of 8 octets */
             /* followed by options */
             } __packed;

             The inet6_option_space() routine and family of routines may be
             used to manipulate this data.

             This option requires superuser privileges.

     IPV6_DSTOPTS int *
             Get or set whether the destination options from subsequent
             packets will be provided as ancillary data along with the payload
             in subsequent recvmsg(2) calls.  The option is stored in the
             following structure in the ancillary data returned:

             struct ip6_dest {
                     uint8_t ip6d_nxt;       /* next header */
                     uint8_t ip6d_len;       /* length in units of 8 octets */
             /* followed by options */
             } __packed;

             The inet6_option_space() routine and family of routines may be
             used to manipulate this data.

             This option requires superuser privileges.

     IPV6_RTHDR int *
             Get or set whether the routing header from subsequent packets
             will be provided as ancillary data along with the payload in
             subsequent recvmsg(2) calls.  The header is stored in the
             following structure in the ancillary data returned:

             struct ip6_rthdr {
                     uint8_t ip6r_nxt;       /* next header */
                     uint8_t ip6r_len;       /* length in units of 8 octets */
                     uint8_t ip6r_type;      /* routing type */
                     uint8_t ip6r_segleft;   /* segments left */
             /* followed by routing-type-specific data */
             } __packed;

             The inet6_option_space() routine and family of routines may be
             used to manipulate this data.

             This option requires superuser privileges.

     IPV6_PKTOPTIONS struct cmsghdr *
             Get or set all header options and extension headers at one time
             on the last packet sent or received on the socket.  All options
             must fit within the size of an mbuf (see mbuf(9)).  Options are
             specified as a series of cmsghdr structures followed by
             corresponding values.  cmsg_level is set to IPPROTO_IPV6,
             cmsg_type to one of the other values in this list, and trailing
             data to the option value.  When setting options, if the length
             optlen to setsockopt(2) is zero, all header options will be reset
             to their default values.  Otherwise, the length should specify
             the size the series of control messages consumes.

             Instead of using sendmsg(2) to specify option values, the
             ancillary data used in these calls that correspond to the desired
             header options may be directly specified as the control message
             in the series of control messages provided as the argument to
             setsockopt(2).

     IPV6_CHECKSUM int *
             Get or set the byte offset into a packet where the 16-bit
             checksum is located.  When set, this byte offset is where
             incoming packets will be expected to have checksums of their data
             stored and where outgoing packets will have checksums of their
             data computed and stored by the kernel.  A value of -1 specifies
             that no checksums will be checked on incoming packets and that no
             checksums will be computed or stored on outgoing packets.  The
             offset of the checksum for ICMPv6 sockets cannot be relocated or
             turned off.

     IPV6_V6ONLY int *
             Get or set whether only IPv6 connections can be made to this
             socket.  For wildcard sockets, this can restrict connections to
             IPv6 only.

     IPV6_FAITH int *
             Get or set the status of whether faith(4) connections can be made
             to this socket.

     IPV6_USE_MIN_MTU int *
             Get or set whether the minimal IPv6 maximum transmission unit
             (MTU) size will be used to avoid fragmentation from occurring for
             subsequent outgoing datagrams.

     IPV6_AUTH_LEVEL int *
             Get or set the ipsec(4) authentication level.

     IPV6_ESP_TRANS_LEVEL int *
             Get or set the ESP transport level.

     IPV6_ESP_NETWORK_LEVEL int *
             Get or set the ESP encapsulation level.

     IPV6_IPCOMP_LEVEL int *
             Get or set the ipcomp(4) level.

     IPV6_BINDANY
             If this option is enabled on a SOCK_STREAM, SOCK_DGRAM, or a
             SOCK_RAW socket, one can bind(2) to any address, even one not
             bound to any available network interface in the system.  This
             functionality (in conjunction with special firewall rules) can be
             used for implementing a transparent proxy.  The
             KAUTH_REQ_NETWORK_BIND_ANYADDR privilege is needed to set this
             option.

     The IPV6_PKTINFO, IPV6_HOPLIMIT, IPV6_HOPOPTS, IPV6_DSTOPTS, and
     IPV6_RTHDR options will return ancillary data along with payload contents
     in subsequent recvmsg(2) calls with cmsg_level set to IPPROTO_IPV6 and
     cmsg_type set to respective option name value (e.g., IPV6_HOPTLIMIT).
     These options may also be used directly as ancillary cmsg_type values in
     sendmsg(2) to set options on the packet being transmitted by the call.
     The cmsg_level value must be IPPROTO_IPV6.  For these options, the
     ancillary data object value format is the same as the value returned as
     explained for each when received with recvmsg(2).

     Note that using sendmsg(2) to specify options on particular packets works
     only on UDP and raw sockets.  To manipulate header options for packets on
     TCP sockets, only the socket options may be used.

     In some cases, there are multiple APIs defined for manipulating an IPv6
     header field.  A good example is the outgoing interface for multicast
     datagrams, which can be set by the IPV6_MULTICAST_IF socket option,
     through the IPV6_PKTINFO option, and through the sin6_scope_id field of
     the socket address passed to the sendto(2) system call.

     Resolving these conflicts is implementation dependent.  This
     implementation determines the value in the following way: options
     specified by using ancillary data (i.e., sendmsg(2)) are considered
     first, options specified by using IPV6_PKTOPTIONS to set "sticky" options
     are considered second, options specified by using the individual, basic,
     and direct socket options (e.g., IPV6_UNICAST_HOPS) are considered third,
     and options specified in the socket address supplied to sendto(2) are the
     last choice.

   Multicasting
     IPv6 multicasting is supported only on AF_INET6 sockets of type
     SOCK_DGRAM and SOCK_RAW, and only on networks where the interface driver
     supports multicasting.  Socket options (see above) that manipulate
     membership of multicast groups and other multicast options include
     IPV6_MULTICAST_IF, IPV6_MULTICAST_HOPS, IPV6_MULTICAST_LOOP,
     IPV6_LEAVE_GROUP, and IPV6_JOIN_GROUP.

   Raw Sockets
     Raw IPv6 sockets are connectionless and are normally used with the
     sendto(2) and recvfrom(2) calls, although the connect(2) call may be used
     to fix the destination address for future outgoing packets so that
     send(2) may instead be used and the bind(2) call may be used to fix the
     source address for future outgoing packets instead of having the kernel
     choose a source address.

     By using connect(2) or bind(2), raw socket input is constrained to only
     packets with their source address matching the socket destination address
     if connect(2) was used and to packets with their destination address
     matching the socket source address if bind(2) was used.

     If the proto argument to socket(2) is zero, the default protocol
     (IPPROTO_RAW) is used for outgoing packets.  For incoming packets,
     protocols recognized by kernel are not passed to the application socket
     (e.g., tcp(4) and udp(4)) except for some ICMPv6 messages.  The ICMPv6
     messages not passed to raw sockets include echo, timestamp, and address
     mask requests.  If proto is non-zero, only packets with this protocol
     will be passed to the socket.

     IPv6 fragments are also not passed to application sockets until they have
     been reassembled.  If reception of all packets is desired, link-level
     access (such as bpf(4)) must be used instead.

     Outgoing packets automatically have an IPv6 header prepended to them
     (based on the destination address and the protocol number the socket was
     created with).  Incoming packets are received by an application without
     the IPv6 header or any extension headers.

     Outgoing packets will be fragmented automatically by the kernel if they
     are too large.  Incoming packets will be reassembled before being sent to
     the raw socket, so packet fragments or fragment headers will never be
     seen on a raw socket.

EXAMPLES
     The following determines the hop limit on the next packet received:

     struct iovec iov[2];
     u_char buf[BUFSIZ];
     struct cmsghdr *cm;
     struct msghdr m;
     int found, optval;
     u_char data[2048];

     /* Create socket. */

     (void)memset(&m, 0, sizeof(m));
     (void)memset(&iov, 0, sizeof(iov));

     iov[0].iov_base = data;         /* buffer for packet payload */
     iov[0].iov_len = sizeof(data);  /* expected packet length */

     m.msg_name = &from;             /* sockaddr_in6 of peer */
     m.msg_namelen = sizeof(from);
     m.msg_iov = iov;
     m.msg_iovlen = 1;
     m.msg_control = buf;    /* buffer for control messages */
     m.msg_controllen = sizeof(buf);

     /*
      * Enable the hop limit value from received packets to be
      * returned along with the payload.
      */
     optval = 1;
     if (setsockopt(s, IPPROTO_IPV6, IPV6_HOPLIMIT, &optval,
         sizeof(optval)) == -1)
             err(1, "setsockopt");

     found = 0;
     while (!found) {
             if (recvmsg(s, &m, 0) == -1)
                     err(1, "recvmsg");
             for (cm = CMSG_FIRSTHDR(&m); cm != NULL;
                  cm = CMSG_NXTHDR(&m, cm)) {
                     if (cm->cmsg_level == IPPROTO_IPV6 &&
                         cm->cmsg_type == IPV6_HOPLIMIT &&
                         cm->cmsg_len == CMSG_LEN(sizeof(int))) {
                             found = 1;
                             (void)printf("hop limit: %d\n",
                                 *(int *)CMSG_DATA(cm));
                             break;
                     }
             }
     }

DIAGNOSTICS
     A socket operation may fail with one of the following errors returned:

     [EISCONN]        when trying to establish a connection on a socket which
                      already has one or when trying to send a datagram with
                      the destination address specified and the socket is
                      already connected.

     [ENOTCONN]       when trying to send a datagram, but no destination
                      address is specified, and the socket hasn't been
                      connected.

     [ENOBUFS]        when the system runs out of memory for an internal data
                      structure.

     [EADDRNOTAVAIL]  when an attempt is made to create a socket with a
                      network address for which no network interface exists.

     [EACCES]         when an attempt is made to create a raw IPv6 socket by a
                      non-privileged process.

     The following errors specific to IPv6 may occur when setting or getting
     header options:

     [EINVAL]         An unknown socket option name was given.

     [EINVAL]         An ancillary data object was improperly formed.

SEE ALSO
     getsockopt(2), recv(2), send(2), setsockopt(2), socket(2), CMSG_DATA(3),
     if_nametoindex(3), bpf(4), icmp6(4), inet6(4), netintro(4), tcp(4),
     udp(4)

     W. Stevens and M. Thomas, Advanced Sockets API for IPv6, RFC 2292,
     February 1998.

     S. Deering and R. Hinden, Internet Protocol, Version 6 (IPv6)
     Specification, RFC 2460, December 1998.

     R. Gilligan, S. Thomson, J. Bound, and W. Stevens, Basic Socket Interface
     Extensions for IPv6, RFC 2553, March 1999.

     W. Stevens, B. Fenner, and A. Rudoff, UNIX Network Programming, third
     edition.

STANDARDS
     Most of the socket options are defined in RFC 2292 or RFC 2553.  The
     IPV6_V6ONLY socket option is defined in RFC 3542.  The IPV6_PORTRANGE
     socket option and the conflict resolution rule are not defined in the
     RFCs and should be considered implementation dependent.

NetBSD 10.99                   September 8, 2020                  NetBSD 10.99