sys/netinet6/in6_proto.c

caf43b02SWarner Losh/*-
51369649SPedro F. Giffuni * SPDX-License-Identifier: BSD-3-Clause
51369649SPedro F. Giffuni *
82cd038dSYoshinobu Inoue * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
82cd038dSYoshinobu Inoue * All rights reserved.
82cd038dSYoshinobu Inoue *
82cd038dSYoshinobu Inoue * Redistribution and use in source and binary forms, with or without
82cd038dSYoshinobu Inoue * modification, are permitted provided that the following conditions
82cd038dSYoshinobu Inoue * are met:
82cd038dSYoshinobu Inoue * 1. Redistributions of source code must retain the above copyright
82cd038dSYoshinobu Inoue *    notice, this list of conditions and the following disclaimer.
82cd038dSYoshinobu Inoue * 2. Redistributions in binary form must reproduce the above copyright
82cd038dSYoshinobu Inoue *    notice, this list of conditions and the following disclaimer in the
82cd038dSYoshinobu Inoue *    documentation and/or other materials provided with the distribution.
82cd038dSYoshinobu Inoue * 3. Neither the name of the project nor the names of its contributors
82cd038dSYoshinobu Inoue *    may be used to endorse or promote products derived from this software
82cd038dSYoshinobu Inoue *    without specific prior written permission.
82cd038dSYoshinobu Inoue *
82cd038dSYoshinobu Inoue * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
82cd038dSYoshinobu Inoue * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
82cd038dSYoshinobu Inoue * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
82cd038dSYoshinobu Inoue * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
82cd038dSYoshinobu Inoue * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
82cd038dSYoshinobu Inoue * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
82cd038dSYoshinobu Inoue * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
82cd038dSYoshinobu Inoue * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
82cd038dSYoshinobu Inoue * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
82cd038dSYoshinobu Inoue * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
82cd038dSYoshinobu Inoue * SUCH DAMAGE.
b48287a3SDavid E. O'Brien *
b48287a3SDavid E. O'Brien *	$KAME: in6_proto.c,v 1.91 2001/05/27 13:28:35 itojun Exp $
82cd038dSYoshinobu Inoue */
82cd038dSYoshinobu Inoue
caf43b02SWarner Losh/*-
82cd038dSYoshinobu Inoue * Copyright (c) 1982, 1986, 1993
82cd038dSYoshinobu Inoue *	The Regents of the University of California.  All rights reserved.
82cd038dSYoshinobu Inoue *
82cd038dSYoshinobu Inoue * Redistribution and use in source and binary forms, with or without
82cd038dSYoshinobu Inoue * modification, are permitted provided that the following conditions
82cd038dSYoshinobu Inoue * are met:
82cd038dSYoshinobu Inoue * 1. Redistributions of source code must retain the above copyright
82cd038dSYoshinobu Inoue *    notice, this list of conditions and the following disclaimer.
82cd038dSYoshinobu Inoue * 2. Redistributions in binary form must reproduce the above copyright
82cd038dSYoshinobu Inoue *    notice, this list of conditions and the following disclaimer in the
82cd038dSYoshinobu Inoue *    documentation and/or other materials provided with the distribution.
fbbd9655SWarner Losh * 3. Neither the name of the University nor the names of its contributors
82cd038dSYoshinobu Inoue *    may be used to endorse or promote products derived from this software
82cd038dSYoshinobu Inoue *    without specific prior written permission.
82cd038dSYoshinobu Inoue *
82cd038dSYoshinobu Inoue * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
82cd038dSYoshinobu Inoue * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
82cd038dSYoshinobu Inoue * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
82cd038dSYoshinobu Inoue * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
82cd038dSYoshinobu Inoue * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
82cd038dSYoshinobu Inoue * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
82cd038dSYoshinobu Inoue * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
82cd038dSYoshinobu Inoue * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
82cd038dSYoshinobu Inoue * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
82cd038dSYoshinobu Inoue * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
82cd038dSYoshinobu Inoue * SUCH DAMAGE.
82cd038dSYoshinobu Inoue */
82cd038dSYoshinobu Inoue
b48287a3SDavid E. O'Brien#include <sys/cdefs.h>
fb59c426SYoshinobu Inoue#include "opt_inet.h"
686cdd19SJun-ichiro itojun Hagino#include "opt_inet6.h"
6a800098SYoshinobu Inoue#include "opt_ipsec.h"
f8a8f9caSSUZUKI Shinsuke#include "opt_ipstealth.h"
f8829a4aSRandall Stewart#include "opt_sctp.h"
77931dd5SKip Macy#include "opt_route.h"
6a800098SYoshinobu Inoue
82cd038dSYoshinobu Inoue#include <sys/param.h>
82cd038dSYoshinobu Inoue#include <sys/socket.h>
82cd038dSYoshinobu Inoue#include <sys/socketvar.h>
385195c0SMarko Zec#include <sys/proc.h>
82cd038dSYoshinobu Inoue#include <sys/protosw.h>
ebd8672cSBjoern A. Zeeb#include <sys/jail.h>
82cd038dSYoshinobu Inoue#include <sys/kernel.h>
8ec07310SGleb Smirnoff#include <sys/malloc.h>
82cd038dSYoshinobu Inoue#include <sys/domain.h>
82cd038dSYoshinobu Inoue#include <sys/mbuf.h>
82cd038dSYoshinobu Inoue#include <sys/systm.h>
82cd038dSYoshinobu Inoue#include <sys/sysctl.h>
82cd038dSYoshinobu Inoue
77fe40cfSGleb Smirnoff#include <net/if.h>
77fe40cfSGleb Smirnoff#include <net/if_var.h>
82cd038dSYoshinobu Inoue#include <netinet/in.h>
77fe40cfSGleb Smirnoff#include <netinet/ip6.h>
77fe40cfSGleb Smirnoff#include <netinet6/in6_var.h>
77fe40cfSGleb Smirnoff#include <netinet6/ip6_var.h>
686cdd19SJun-ichiro itojun Hagino#include <netinet/icmp6.h>
77fe40cfSGleb Smirnoff#include <netinet6/nd6.h>
33841545SHajimu UMEMOTO#include <netinet6/raw_ip6.h>
82cd038dSYoshinobu Inoue
e7d02be1SGleb Smirnoff/* netinet6/raw_ip6.c */
61f7427fSGleb Smirnoffextern struct protosw rip6_protosw;
e7d02be1SGleb Smirnoff/* netinet6/udp6_usrreq.c */
e7d02be1SGleb Smirnoffextern struct protosw udp6_protosw, udplite6_protosw;
92e190f1SGleb Smirnoff/* netinet/tcp_usrreq.c */
92e190f1SGleb Smirnoffextern struct protosw tcp6_protosw;
77fe40cfSGleb Smirnoff/* netinet/sctp6_usrreq.c */
77fe40cfSGleb Smirnoffextern struct protosw sctp6_seqpacket_protosw, sctp6_stream_protosw;
e7d02be1SGleb Smirnoff
82cd038dSYoshinobu Inoue/*
82cd038dSYoshinobu Inoue * TCP/IP protocol family: IP6, ICMP6, UDP, TCP.
82cd038dSYoshinobu Inoue */
8d5a3ca7SBjoern A. ZeebFEATURE(inet6, "Internet Protocol version 6");
82cd038dSYoshinobu Inoue
303989a2SRuslan Ermilovstruct domain inet6domain = {
303989a2SRuslan Ermilov	.dom_family =		AF_INET6,
303989a2SRuslan Ermilov	.dom_name =		"internet6",
303989a2SRuslan Ermilov	.dom_rtattach =		in6_inithead,
bc29160dSMarko Zec#ifdef VIMAGE
bc29160dSMarko Zec	.dom_rtdetach =		in6_detachhead,
bc29160dSMarko Zec#endif
303989a2SRuslan Ermilov	.dom_ifattach =		in6_domifattach,
1a75e3b2SAlexander V. Chernikov	.dom_ifdetach =		in6_domifdetach,
e7d02be1SGleb Smirnoff	.dom_ifmtu    =		in6_domifmtu,
61f7427fSGleb Smirnoff	.dom_nprotosw =		14,
e7d02be1SGleb Smirnoff	.dom_protosw = {
e7d02be1SGleb Smirnoff		&tcp6_protosw,
e7d02be1SGleb Smirnoff		&udp6_protosw,
e7d02be1SGleb Smirnoff#ifdef SCTP
e7d02be1SGleb Smirnoff		&sctp6_seqpacket_protosw,
e7d02be1SGleb Smirnoff		&sctp6_stream_protosw,
e7d02be1SGleb Smirnoff#else
e7d02be1SGleb Smirnoff		NULL, NULL,
e7d02be1SGleb Smirnoff#endif
e7d02be1SGleb Smirnoff		&udplite6_protosw,
e7d02be1SGleb Smirnoff		&rip6_protosw,
e7d02be1SGleb Smirnoff		/* Spacer 8 times for loadable protocols. XXXGL: why 8? */
e7d02be1SGleb Smirnoff		NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
e7d02be1SGleb Smirnoff	},
303989a2SRuslan Ermilov};
82cd038dSYoshinobu Inoue
644ca084SGleb SmirnoffDOMAIN_SET(inet6);
82cd038dSYoshinobu Inoue
82cd038dSYoshinobu Inoue/*
82cd038dSYoshinobu Inoue * Internet configuration info
82cd038dSYoshinobu Inoue */
82cea7e6SBjoern A. Zeeb#ifndef	IPV6FORWARDING
82cea7e6SBjoern A. Zeeb#ifdef GATEWAY6
82cea7e6SBjoern A. Zeeb#define	IPV6FORWARDING	1	/* forward IP6 packets not for us */
82cea7e6SBjoern A. Zeeb#else
82cea7e6SBjoern A. Zeeb#define	IPV6FORWARDING	0	/* don't forward IP6 packets not for us */
82cea7e6SBjoern A. Zeeb#endif /* GATEWAY6 */
82cea7e6SBjoern A. Zeeb#endif /* !IPV6FORWARDING */
82cea7e6SBjoern A. Zeeb
82cea7e6SBjoern A. Zeeb#ifndef	IPV6_SENDREDIRECTS
82cea7e6SBjoern A. Zeeb#define	IPV6_SENDREDIRECTS	1
82cea7e6SBjoern A. Zeeb#endif
82cea7e6SBjoern A. Zeeb
82cea7e6SBjoern A. ZeebVNET_DEFINE(int, ip6_forwarding) = IPV6FORWARDING;	/* act as router? */
82cea7e6SBjoern A. ZeebVNET_DEFINE(int, ip6_sendredirects) = IPV6_SENDREDIRECTS;
82cea7e6SBjoern A. ZeebVNET_DEFINE(int, ip6_defhlim) = IPV6_DEFHLIM;
82cea7e6SBjoern A. ZeebVNET_DEFINE(int, ip6_defmcasthlim) = IPV6_DEFAULT_MULTICAST_HOPS;
82cea7e6SBjoern A. ZeebVNET_DEFINE(int, ip6_accept_rtadv) = 0;
e7fa8d0aSHiroki SatoVNET_DEFINE(int, ip6_no_radr) = 0;
e7fa8d0aSHiroki SatoVNET_DEFINE(int, ip6_norbit_raif) = 0;
049087a0SHiroki SatoVNET_DEFINE(int, ip6_rfc6204w3) = 0;
82cea7e6SBjoern A. ZeebVNET_DEFINE(int, ip6_hdrnestlimit) = 15;/* How many header options will we
82cea7e6SBjoern A. Zeeb					 * process? */
82cea7e6SBjoern A. ZeebVNET_DEFINE(int, ip6_dad_count) = 1;	/* DupAddrDetectionTransmits */
82cea7e6SBjoern A. ZeebVNET_DEFINE(int, ip6_auto_flowlabel) = 1;
82cea7e6SBjoern A. ZeebVNET_DEFINE(int, ip6_use_deprecated) = 1;/* allow deprecated addr
82cea7e6SBjoern A. Zeeb					 * (RFC2462 5.5.4) */
82cea7e6SBjoern A. ZeebVNET_DEFINE(int, ip6_rr_prune) = 5;	/* router renumbering prefix
82cea7e6SBjoern A. Zeeb					 * walk list every 5 sec. */
82cea7e6SBjoern A. ZeebVNET_DEFINE(int, ip6_mcast_pmtu) = 0;	/* enable pMTU discovery for multicast? */
82cea7e6SBjoern A. ZeebVNET_DEFINE(int, ip6_v6only) = 1;
82cea7e6SBjoern A. Zeeb
82cea7e6SBjoern A. Zeeb#ifdef IPSTEALTH
82cea7e6SBjoern A. ZeebVNET_DEFINE(int, ip6stealth) = 0;
82cea7e6SBjoern A. Zeeb#endif
3eaffc62SPawel BiernackiVNET_DEFINE(bool, ip6_log_cannot_forward) = 1;
82cd038dSYoshinobu Inoue
82cd038dSYoshinobu Inoue/*
82cd038dSYoshinobu Inoue * BSDI4 defines these variables in in_proto.c...
82cd038dSYoshinobu Inoue * XXX: what if we don't define INET? Should we define pmtu6_expire
82cd038dSYoshinobu Inoue * or so? (jinmei@kame.net 19990310)
82cd038dSYoshinobu Inoue */
82cea7e6SBjoern A. ZeebVNET_DEFINE(int, pmtu_expire) = 60*10;
82cea7e6SBjoern A. ZeebVNET_DEFINE(int, pmtu_probe) = 60*2;
82cd038dSYoshinobu Inoue
35b6e52cSPawel BiernackiVNET_DEFINE_STATIC(int, ip6_log_interval) = 5;
35b6e52cSPawel BiernackiVNET_DEFINE_STATIC(int, ip6_log_count) = 0;
35b6e52cSPawel BiernackiVNET_DEFINE_STATIC(struct timeval, ip6_log_last) = { 0 };
35b6e52cSPawel Biernacki
35b6e52cSPawel Biernacki#define	V_ip6_log_interval	VNET(ip6_log_interval)
35b6e52cSPawel Biernacki#define	V_ip6_log_count		VNET(ip6_log_count)
35b6e52cSPawel Biernacki#define	V_ip6_log_last		VNET(ip6_log_last)
35b6e52cSPawel Biernacki
82cd038dSYoshinobu Inoue/*
82cd038dSYoshinobu Inoue * sysctl related items.
82cd038dSYoshinobu Inoue */
7029da5cSPawel BiernackiSYSCTL_NODE(_net, PF_INET6, inet6, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
82cd038dSYoshinobu Inoue    "Internet6 Family");
82cd038dSYoshinobu Inoue
82cd038dSYoshinobu Inoue/* net.inet6 */
7029da5cSPawel BiernackiSYSCTL_NODE(_net_inet6,	IPPROTO_IPV6, ip6, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
7029da5cSPawel Biernacki    "IP6");
7029da5cSPawel BiernackiSYSCTL_NODE(_net_inet6,	IPPROTO_ICMPV6, icmp6, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
7029da5cSPawel Biernacki    "ICMP6");
7029da5cSPawel BiernackiSYSCTL_NODE(_net_inet6,	IPPROTO_UDP, udp6, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
7029da5cSPawel Biernacki    "UDP6");
7029da5cSPawel BiernackiSYSCTL_NODE(_net_inet6,	IPPROTO_TCP, tcp6, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
7029da5cSPawel Biernacki    "TCP6");
95033af9SMark Johnston#if defined(SCTP) || defined(SCTP_SUPPORT)
7029da5cSPawel BiernackiSYSCTL_NODE(_net_inet6,	IPPROTO_SCTP, sctp6, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
7029da5cSPawel Biernacki    "SCTP6");
f8829a4aSRandall Stewart#endif
fcf59617SAndrey V. Elsukov#if defined(IPSEC) || defined(IPSEC_SUPPORT)
7029da5cSPawel BiernackiSYSCTL_NODE(_net_inet6,	IPPROTO_ESP, ipsec6, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
7029da5cSPawel Biernacki    "IPSEC6");
b2630c29SGeorge V. Neville-Neil#endif /* IPSEC */
82cd038dSYoshinobu Inoue
82cd038dSYoshinobu Inoue/* net.inet6.ip6 */
82cd038dSYoshinobu Inouestatic int
33841545SHajimu UMEMOTOsysctl_ip6_temppltime(SYSCTL_HANDLER_ARGS)
82cd038dSYoshinobu Inoue{
82366c22SMark Johnston	int error, val;
82cd038dSYoshinobu Inoue
82366c22SMark Johnston	val = V_ip6_temp_preferred_lifetime;
82366c22SMark Johnston	error = sysctl_handle_int(oidp, &val, 0, req);
82366c22SMark Johnston	if (error != 0 || !req->newptr)
82cd038dSYoshinobu Inoue		return (error);
82366c22SMark Johnston	if (val < V_ip6_desync_factor + V_ip6_temp_regen_advance)
33841545SHajimu UMEMOTO		return (EINVAL);
82366c22SMark Johnston	V_ip6_temp_preferred_lifetime = val;
82366c22SMark Johnston	return (0);
82cd038dSYoshinobu Inoue}
82cd038dSYoshinobu Inoue
686cdd19SJun-ichiro itojun Haginostatic int
33841545SHajimu UMEMOTOsysctl_ip6_tempvltime(SYSCTL_HANDLER_ARGS)
686cdd19SJun-ichiro itojun Hagino{
82366c22SMark Johnston	int error, val;
686cdd19SJun-ichiro itojun Hagino
82366c22SMark Johnston	val = V_ip6_temp_valid_lifetime;
82366c22SMark Johnston	error = sysctl_handle_int(oidp, &val, 0, req);
82366c22SMark Johnston	if (error != 0 || !req->newptr)
686cdd19SJun-ichiro itojun Hagino		return (error);
82366c22SMark Johnston	if (val < V_ip6_temp_preferred_lifetime)
686cdd19SJun-ichiro itojun Hagino		return (EINVAL);
82366c22SMark Johnston	V_ip6_temp_valid_lifetime = val;
82366c22SMark Johnston	return (0);
686cdd19SJun-ichiro itojun Hagino}
686cdd19SJun-ichiro itojun Hagino
35b6e52cSPawel Biernackiint
35b6e52cSPawel Biernackiip6_log_ratelimit(void)
35b6e52cSPawel Biernacki{
35b6e52cSPawel Biernacki
35b6e52cSPawel Biernacki	return (ppsratecheck(&V_ip6_log_last, &V_ip6_log_count,
35b6e52cSPawel Biernacki	    V_ip6_log_interval));
35b6e52cSPawel Biernacki}
35b6e52cSPawel Biernacki
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_FORWARDING, forwarding,
82366c22SMark Johnston	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_forwarding), 0,
762d16d9SMark Johnston	"Enable forwarding of IPv6 packets between interfaces");
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_SENDREDIRECTS, redirect,
82366c22SMark Johnston	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_sendredirects), 0,
762d16d9SMark Johnston	"Send ICMPv6 redirects for unforwardable IPv6 packets");
82366c22SMark JohnstonSYSCTL_INT(_net_inet6_ip6, IPV6CTL_DEFHLIM, hlim,
82366c22SMark Johnston	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_defhlim), 0,
762d16d9SMark Johnston	"Default hop limit to use for outgoing IPv6 packets");
a786f679SAndrey V. ElsukovSYSCTL_VNET_PCPUSTAT(_net_inet6_ip6, IPV6CTL_STATS, stats, struct ip6stat,
82366c22SMark Johnston	ip6stat,
82366c22SMark Johnston	"IP6 statistics (struct ip6stat, netinet6/ip6_var.h)");
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_ACCEPT_RTADV, accept_rtadv,
*03dac3e3SZhenlei Huang	CTLFLAG_VNET | CTLFLAG_RWTUN, &VNET_NAME(ip6_accept_rtadv), 0,
82366c22SMark Johnston	"Default value of per-interface flag for accepting ICMPv6 RA messages");
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_NO_RADR, no_radr,
*03dac3e3SZhenlei Huang	CTLFLAG_VNET | CTLFLAG_RWTUN, &VNET_NAME(ip6_no_radr), 0,
e7fa8d0aSHiroki Sato	"Default value of per-interface flag to control whether routers "
e7fa8d0aSHiroki Sato	"sending ICMPv6 RA messages on that interface are added into the "
82366c22SMark Johnston	"default router list");
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_NORBIT_RAIF, norbit_raif,
6df8a710SGleb Smirnoff	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_norbit_raif), 0,
82366c22SMark Johnston	"Always set clear the R flag in ICMPv6 NA messages when accepting RA "
82366c22SMark Johnston	"on the interface");
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_RFC6204W3, rfc6204w3,
6df8a710SGleb Smirnoff	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_rfc6204w3), 0,
049087a0SHiroki Sato	"Accept the default router list from ICMPv6 RA messages even "
82366c22SMark Johnston	"when packet forwarding is enabled");
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_LOG_INTERVAL, log_interval,
82366c22SMark Johnston	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_log_interval), 0,
82366c22SMark Johnston	"Frequency in seconds at which to log IPv6 forwarding errors");
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_HDRNESTLIMIT, hdrnestlimit,
82366c22SMark Johnston	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_hdrnestlimit), 0,
762d16d9SMark Johnston	"Default maximum number of IPv6 extension headers permitted on "
762d16d9SMark Johnston	"incoming IPv6 packets, 0 for no artificial limit");
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_DAD_COUNT, dad_count,
82366c22SMark Johnston	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_dad_count), 0,
82366c22SMark Johnston	"Number of ICMPv6 NS messages sent during duplicate address detection");
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_AUTO_FLOWLABEL, auto_flowlabel,
82366c22SMark Johnston	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_auto_flowlabel), 0,
82366c22SMark Johnston	"Provide an IPv6 flowlabel in outbound packets");
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_DEFMCASTHLIM, defmcasthlim,
82366c22SMark Johnston	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_defmcasthlim), 0,
762d16d9SMark Johnston	"Default hop limit for IPv6 multicast packets originating from this "
762d16d9SMark Johnston	"node");
eddfbb76SRobert WatsonSYSCTL_STRING(_net_inet6_ip6, IPV6CTL_KAME_VERSION, kame_version,
82366c22SMark Johnston	CTLFLAG_RD, __KAME_VERSION, 0,
82366c22SMark Johnston	"KAME version string");
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_USE_DEPRECATED, use_deprecated,
82366c22SMark Johnston	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_use_deprecated), 0,
82366c22SMark Johnston	"Allow the use of addresses whose preferred lifetimes have expired");
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_RR_PRUNE, rr_prune,
82366c22SMark Johnston	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_rr_prune), 0,
82366c22SMark Johnston	""); /* XXX unused */
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_USETEMPADDR, use_tempaddr,
82366c22SMark Johnston	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_use_tempaddr), 0,
82366c22SMark Johnston	"Create RFC3041 temporary addresses for autoconfigured addresses");
6df8a710SGleb SmirnoffSYSCTL_PROC(_net_inet6_ip6, IPV6CTL_TEMPPLTIME, temppltime,
7029da5cSPawel Biernacki	CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_NEEDGIANT,
82366c22SMark Johnston	NULL, 0, sysctl_ip6_temppltime, "I",
82366c22SMark Johnston	"Maximum preferred lifetime for temporary addresses");
6df8a710SGleb SmirnoffSYSCTL_PROC(_net_inet6_ip6, IPV6CTL_TEMPVLTIME, tempvltime,
7029da5cSPawel Biernacki	CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_NEEDGIANT,
82366c22SMark Johnston	NULL, 0, sysctl_ip6_tempvltime, "I",
82366c22SMark Johnston	"Maximum valid lifetime for temporary addresses");
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_V6ONLY, v6only,
82366c22SMark Johnston	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_v6only), 0,
82366c22SMark Johnston	"Restrict AF_INET6 sockets to IPv6 addresses only");
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_AUTO_LINKLOCAL, auto_linklocal,
*03dac3e3SZhenlei Huang	CTLFLAG_VNET | CTLFLAG_RWTUN, &VNET_NAME(ip6_auto_linklocal), 0,
a283298cSHiroki Sato	"Default value of per-interface flag for automatically adding an IPv6 "
a283298cSHiroki Sato	"link-local address to interfaces when attached");
a786f679SAndrey V. ElsukovSYSCTL_VNET_PCPUSTAT(_net_inet6_ip6, IPV6CTL_RIP6STATS, rip6stats,
a786f679SAndrey V. Elsukov	struct rip6stat, rip6stat,
a786f679SAndrey V. Elsukov	"Raw IP6 statistics (struct rip6stat, netinet6/raw_ip6.h)");
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_PREFER_TEMPADDR, prefer_tempaddr,
82366c22SMark Johnston	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_prefer_tempaddr), 0,
82366c22SMark Johnston	"Prefer RFC3041 temporary addresses in source address selection");
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_USE_DEFAULTZONE, use_defaultzone,
82366c22SMark Johnston	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_use_defzone), 0,
82366c22SMark Johnston	"Use the default scope zone when none is specified");
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_MCAST_PMTU, mcast_pmtu,
82366c22SMark Johnston	CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_mcast_pmtu), 0,
82366c22SMark Johnston	"Enable path MTU discovery for multicast packets");
f8a8f9caSSUZUKI Shinsuke#ifdef IPSTEALTH
6df8a710SGleb SmirnoffSYSCTL_INT(_net_inet6_ip6, IPV6CTL_STEALTH, stealth, CTLFLAG_VNET | CTLFLAG_RW,
82366c22SMark Johnston	&VNET_NAME(ip6stealth), 0,
82366c22SMark Johnston	"Forward IPv6 packets without decrementing their TTL");
f8a8f9caSSUZUKI Shinsuke#endif
3eaffc62SPawel BiernackiSYSCTL_BOOL(_net_inet6_ip6, OID_AUTO,
3eaffc62SPawel Biernacki	log_cannot_forward, CTLFLAG_VNET | CTLFLAG_RW,
3eaffc62SPawel Biernacki	&VNET_NAME(ip6_log_cannot_forward), 1,
3eaffc62SPawel Biernacki	"Log packets that cannot be forwarded");