IPv6 Intelligence

FreeBSD IPv6

FreeBSD implements its IPv6 support from the Japanese KAME IPv6 project. The FreeBSD release 6.1 implements KAME from an unknown date and version (no references or hints were found on both sides). The core functions of the KAME stack are integrated. Support for several newer subprotocols is not integrated into the FreeBSD base system but has to be installed by either the ports mechanism or as third-party software. IPv6 is an (default-set) option in the installation; activation afterward is easy.

Content from 2-9/2007, updated April 2009
Current version FreeBSD 7.1 (Production), FreeBSD 6.4 (Legacy)
Tested version FreeBSD 6.1
Documentation for IPv6 documentation is not very exhaustive

Basic IPv6 functions

Overview

IPv6 is active by default; if not, it can be activated by adding the line ipv6_enable="YES" into the file /etc/rc.conf. The sysctl sysctl.net.inet6.ip6.accept_rtadv is set by default (to 1) and activates stateless autoconfiguration.

Preference

FreeBSD prefers IPv6 if a DNS query results in IPv4 and IPv6 addresses being sent back (A and AAAA RRs).

Privacy Extensions

Privacy addresses are not enabled by default. Their generation is activated with a sysctl: sysctl net.inet6.ip6.use_tempaddr=1 To prefer privacy addresses and use them over the normal addresses, a second sysctl has to be set: sysctl net.inet6.ip6.prefer_tempaddr=1

Packet Filter/Firewall

FreeBSD includes three packet filters, all of which are IPv6-capable:

up

Tunnelling IPv4/IPv6

Configured tunnels

FreeBSD supports configured tunnels with the gif tunnel-interface. Setting up a manual tunnel requires several steps on the command line.

Beforehand, you need the following information:

$host-ipv4
IPv4-address of the host
$router-ipv4
IPv4-address of the router/tunnel-server
$tunnel-v6host
(Tunnel) IPv6-address of the host
$tunnel-v6router
(Tunnel) IPv6-address of the router

Create the interface: ifconfig gif0 create
Set up the IPv4-endpoints of the tunnel: ifconfig gif0 tunnel $host-ipv4 $router-ipv4 Set up the IPv6-endpoints of the tunnel: ifconfig gif0 inet6 alias $tunnel-v6host $tunnel-v6router prefixlen 128 Set the (IPv6) default route on the tunnel: route add -inet6 default -interface gif0

6to4

FreeBSD supports automatic 6to4-tunnelling with the stf tunnel-interface. Setting up a 6to4 tunnel requires several steps on the command line.

Beforehand, you need the following information:

$6to4
6to4/IPv6-prefix of the host (see 6to4 Details: Creating the prefix for instructions).

Create the interface: ifconfig stf0 create Set up the 6to4/IPv6-endpoint of the tunnel: ifconfig stf0 inet6 $6to4 prefixlen 16 alias Set the (IPv6) default route on the public 6to4 anycast address: route add -inet6 default 2002:c058:6301::

up

DHCPv6

FreeBSD does not integrate DHCPv6 from the KAME IPv6 stack into its base system. DHCPv6 functionality can be obtained through external packages (see DHCPv6 software overview for comparison):

In our test WIDE DHCPv6 acted successfully as DHCPv6 client in stateful and stateless modes and obtained addresses and DNS information (see the above mentioned WIDE DHCPv6 page for more information and configuration hints).

up

PPPv6

FreeBSD supports two PPP implementations: the feature-rich (and tested here) User PPP, running in userland, and the slimmer Kernel PPP.

User PPP

FreeBSD integrates an IPv6-capable PPP daemon into its base system. The software supports RFC 24724 and was tested successfully with IPv6 on DSL (via PPPoE). The PPP daemon pppd automatically tries to negotiate IPv6 when establishing the PPP link (IPv6CP) and successfully creates a link-local address for the PPP interface. The IPv6 stack afterward receives RAs on the PPP link and configures an global address on the PPP interface.

Configuration of the PPP daemon is IPv6-agnostic. The following /etc/ppp/ppp.conf contains configuration for a PPPoE link (over the ethernet interface if):

default:
 set log Phase Chat LCP IPCP CCP tun command
 
pppoetest:
 set device PPPoE:if
 set authname username
 set authkey secret
 set dial
 set login

A manual connection can be made on the command line with: ppp -ddial pppoetest After connection establishment, the default route (for IPv6) has to be put on the PPP interface (tun0 in our case): route add -inet6 default -interface tun0

Kernel PPP

Since FreeBSD 7.0, the in-kernel PPP network interface supports IPv6/PPPv6.10 Its use has not been further tested and/or researched. In case, cf. the relevant chapters in the FreeBSD Handbook.11.

up

Supported IPv6 RFCs & IDs

There is no up-to-date list with the detailed IPv6-related RFCs and IDs FreeBSD supports. However, the FreeBSD Developer’s Handbook contains an older listing, albeit without information on which release and date the document refers to.

Newer RFCs are gathered from modifications logs to the operating system source (CVS commit logs) and deduced from various other information. They are referenced individually.

Table 1: FreeBSD IPv6 RFCs and IDs5
Document Title
RFC 1886 DNS Extensions to support IPv6
RFC 1933 Transition Mechanisms for IPv6 Hosts and Routers
RFC 1981 Path MTU Discovery for IPv6
RFC 2080 RIPng for IPv6
RFC 2292 Advanced Sockets API for IPv6
(obsoleted since release 5.2)
RFC 2362 Protocol Independent Multicast-Sparse Mode (PIM-SM)
RFC 2373 IPv6 Addressing Architecture
RFC 2374 An IPv6 Aggregatable Global Unicast Address Format
RFC 2375 IPv6 Multicast Address Assignments
RFC 2428 FTP Extensions for IPv6 and NATs
RFC 2460 IPv6 specification
RFC 2461 Neighbor discovery for IPv6
RFC 2462 IPv6 Stateless Address Autoconfiguration
RFC 2463 ICMPv6 for IPv6 specification
RFC 2464 Transmission of IPv6 Packets over Ethernet Networks
RFC 2465 MIB for IPv6: Textual Conventions and General Group
RFC 2466 MIB for IPv6: ICMPv6 group
RFC 2467 Transmission of IPv6 Packets over FDDI Networks
RFC 2497 Transmission of IPv6 packet over ARCnet Networks
RFC 2553 Basic Socket Interface Extensions for IPv6
RFC 2675 Basic Socket Interface Extensions for IPv6
RFC 2710 Multicast Listener Discovery for IPv6
RFC 2711 IPv6 router alert option
RFC 28936 Transition Mechanisms for IPv6 Hosts and Routers
RFC 30567 6to4 tunnelling
RFC 34848 Default address selection (apparently not used by default)
RFC 35429 IPv6 Advanced Sockets API
(since release 5.2)
RFC 509512 Deprecation of Type 0 Routing Headers in IPv6
(since March 2009, release unclear)
draft-ietf-ipngwg-router-renum-08 Router renumbering for IPv6
draft-ietf-ipngwg-icmp-namelookups-02 IPv6 Name Lookups Through ICMP
draft-ietf-ipngwg-icmp-name-lookups-03 IPv6 Name Lookups Through ICMP
draft-ietf-pim-ipv6-01 PIM for IPv6
draft-itojun-ipv6-tcp-to-anycast-00 Disconnecting TCP connection toward IPv6 anycast address
draft-yamamoto-wideipv6-comm-model-00 The IPv6 communication model
draft-ietf-ipngwg-scopedaddr-format-00 An Extension of Format for IPv6 Scoped Addresses

up

References

  1. Interview with Daniel Hartmeier (pf developer), 26.12.2006.
  2. FreeBSD 6.1 ipfw(8) manual page (FreeBSD.org: January 2006. Accessed 2.1.2007)
  3. FreeBSD 6.1 ipf(8) manual page (FreeBSD.org: n.d. Accessed 2.1.2007)
  4. FreeBSD CVS modification log to usr.sbin/ppp from Brian Somers on 28.8.2002 (FreeBSD.org. Accessed 20.12.2006)
  5. FreeBSD Developer’s Handbook: IPv6 Internals (Yoshinobu Inoue: n.d. Accessed 30.9.2006)
  6. Deduced from configured tunnel availability (see Configured tunnels section) and FreeBSD 6.1 gif(4) manual page (FreeBSD.org: April 1999. Accessed 3.2.2007)
  7. Deduced from 6to4 availability (see 6to4 section) and FreeBSD 6.1 stf(4) manual page (FreeBSD.org: April 2001. Accessed 3.2.2007)
  8. FreeBSD CVS modification log to src/etc/defaults/rc.conf and src/etc/rc.d/ip6addrctl from Hajimu UMEMOTO on 2.6.2004 (FreeBSD.org. Accessed 3.2.2007)
  9. FreeBSD 5.2-RELEASE Release Notes: Network Protocols (FreeBSD.org: January 2004. Accessed April 2009)
  10. FreeBSD 7.0-RELEASE Release Notes: Network Protocols (FreeBSD.org: February 2008. Accessed April 2009)
  11. FreeBSD Handbook: Using Kernel PPP (FreeBSD.org: 2009. Accessed April 2009)
  12. FreeBSD SVN modification log to head/sys/netinet and head/sys/netinet6 from Bjoern A. Zeeb on 3.3.2009 (MARKmail mail archive — FreeBSD mail archive almost impossible to use properly. Accessed April 2009)

up