1.\" $OpenBSD: ip.4,v 1.28 2008/05/09 08:16:35 markus Exp $ 2.\" $NetBSD: ip.4,v 1.3 1994/11/30 16:22:19 jtc Exp $ 3.\" 4.\" Copyright (c) 1983, 1991, 1993 5.\" The Regents of the University of California. All rights reserved. 6.\" 7.\" Redistribution and use in source and binary forms, with or without 8.\" modification, are permitted provided that the following conditions 9.\" are met: 10.\" 1. Redistributions of source code must retain the above copyright 11.\" notice, this list of conditions and the following disclaimer. 12.\" 2. Redistributions in binary form must reproduce the above copyright 13.\" notice, this list of conditions and the following disclaimer in the 14.\" documentation and/or other materials provided with the distribution. 15.\" 3. Neither the name of the University nor the names of its contributors 16.\" may be used to endorse or promote products derived from this software 17.\" without specific prior written permission. 18.\" 19.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29.\" SUCH DAMAGE. 30.\" 31.\" @(#)ip.4 8.2 (Berkeley) 11/30/93 32.\" 33.Dd $Mdocdate: May 9 2008 $ 34.Dt IP 4 35.Os 36.Sh NAME 37.Nm ip 38.Nd Internet Protocol 39.Sh SYNOPSIS 40.Fd #include <sys/socket.h> 41.Fd #include <netinet/in.h> 42.Ft int 43.Fn socket AF_INET SOCK_RAW proto 44.Sh DESCRIPTION 45.Tn IP 46is the network layer protocol used 47by the Internet protocol family. 48Options may be set at the 49.Tn IP 50level 51when using higher-level protocols that are based on 52.Tn IP 53(such as 54.Tn TCP 55and 56.Tn UDP ) . 57It may also be accessed 58through a 59.Dq raw socket 60when developing new protocols, or 61special-purpose applications. 62.Pp 63There are several 64.Tn IP-level 65.Xr setsockopt 2 Ns / Ns Xr getsockopt 2 66options. 67.Dv IP_OPTIONS 68may be used to provide 69.Tn IP 70options to be transmitted in the 71.Tn IP 72header of each outgoing packet 73or to examine the header options on incoming packets. 74.Tn IP 75options may be used with any socket type in the Internet family. 76The format of 77.Tn IP 78options to be sent is that specified by the 79.Tn IP 80protocol specification (RFC 791), with one exception: 81the list of addresses for Source Route options must include the first-hop 82gateway at the beginning of the list of gateways. 83The first-hop gateway address will be extracted from the option list 84and the size adjusted accordingly before use. 85To disable previously specified options, 86use a zero-length buffer: 87.Bd -literal -offset indent 88setsockopt(s, IPPROTO_IP, IP_OPTIONS, NULL, 0); 89.Ed 90.Pp 91.Dv IP_TOS 92and 93.Dv IP_TTL 94may be used to set the type-of-service and time-to-live 95fields in the 96.Tn IP 97header for 98.Dv SOCK_STREAM 99and 100.Dv SOCK_DGRAM 101sockets. 102For example, 103.Bd -literal -offset indent 104int tos = IPTOS_LOWDELAY; /* see <netinet/ip.h> */ 105setsockopt(s, IPPROTO_IP, IP_TOS, &tos, sizeof(tos)); 106 107int ttl = 60; /* max = 255 */ 108setsockopt(s, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl)); 109.Ed 110.Pp 111If the 112.Dv IP_RECVDSTADDR 113option is enabled on a 114.Dv SOCK_DGRAM 115socket, 116the 117.Xr recvmsg 2 118call will return the destination 119.Tn IP 120address for a 121.Tn UDP 122datagram. 123The 124.Va msg_control 125field in the 126.Vt msghdr 127structure points to a buffer that contains a 128.Vt cmsghdr 129structure followed by the 130.Tn IP 131address. 132The 133.Vt cmsghdr 134fields have the following values: 135.Bd -literal -offset indent 136cmsg_len = CMSG_LEN(sizeof(struct in_addr)) 137cmsg_level = IPPROTO_IP 138cmsg_type = IP_RECVDSTADDR 139.Ed 140.Pp 141If the 142.Dv IP_RECVDSTPORT 143option is enabled on a 144.Dv SOCK_DGRAM 145socket, 146the 147.Xr recvmsg 2 148call will return the destination 149port for a 150.Tn UDP 151datagram. 152The 153.Va msg_control 154field in the 155.Vt msghdr 156structure points to a buffer that contains a 157.Vt cmsghdr 158structure followed by the port in 16-bit network byte order. 159The 160.Vt cmsghdr 161fields have the following values: 162.Bd -literal -offset indent 163cmsg_len = CMSG_LEN(sizeof(u_int16_t)) 164cmsg_level = IPPROTO_IP 165cmsg_type = IP_RECVDSTPORT 166.Ed 167.Pp 168If the 169.Dv IP_RECVTTL 170option is enabled on a 171.Dv SOCK_DGRAM 172or 173.Dv SOCK_RAW 174socket, the 175.Xr recvmsg 2 176call will return the 177.Tn TTL 178of the received datagram. 179The 180.Va msg_control 181field in the 182.Vt msghdr 183structure points to a buffer that contains a 184.Vt cmsghdr 185structure followed by the 186.Tn TTL 187value. 188The 189.Vt cmsghdr 190fields have the following values: 191.Bd -literal -offset indent 192cmsg_len = CMSG_LEN(sizeof(struct in_addr)) 193cmsg_level = IPPROTO_IP 194cmsg_type = IP_RECVTTL 195.Ed 196.Pp 197The 198.Dv IP_MINTTL 199option may be used on 200.Dv SOCK_STREAM 201sockets to discard packets with a TTL lower than the option value. 202This can be used to implement the 203.Em Generalized TTL Security Mechanism (GTSM) 204according to RFC 3682. 205To discard all packets with a TTL lower than 255: 206.Bd -literal -offset indent 207int minttl = 255; 208setsockopt(s, IPPROTO_IP, IP_MINTTL, &minttl, sizeof(minttl)); 209.Ed 210.Pp 211The 212.Dv IP_PORTRANGE 213option causes the default allocation policy for when the kernel is asked 214to choose a free port number. 215Three choices are available: 216.Pp 217.Bl -tag -width IP_PORTRANGE_DEFAULT -compact -offset indent 218.It Dv IP_PORTRANGE_DEFAULT 219The regular range of non-reserved ports. 220.It Dv IP_PORTRANGE_HIGH 221A high range, for fun. 222.It Dv IP_PORTRANGE_LOW 223Reserved ports; between 600 and 1023. 224.El 225.Ss "Multicast Options" 226.Tn IP 227multicasting is supported only on 228.Dv AF_INET 229sockets of type 230.Dv SOCK_DGRAM 231and 232.Dv SOCK_RAW , 233and only on networks where the interface 234driver supports multicasting. 235.Pp 236The 237.Dv IP_MULTICAST_TTL 238option changes the time-to-live (TTL) 239for outgoing multicast datagrams 240in order to control the scope of the multicasts: 241.Bd -literal -offset indent 242u_char ttl; /* range: 0 to 255, default = 1 */ 243setsockopt(s, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl)); 244.Ed 245.Pp 246Datagrams with a TTL of 1 are not forwarded beyond the local network. 247Multicast datagrams with a TTL of 0 will not be transmitted on any network, 248but may be delivered locally if the sending host belongs to the destination 249group and if multicast loopback has not been disabled on the sending socket 250(see below). 251Multicast datagrams with TTL greater than 1 may be forwarded 252to other networks if a multicast router is attached to the local network. 253.Pp 254For hosts with multiple interfaces, each multicast transmission is 255sent from the primary network interface. 256The 257.Dv IP_MULTICAST_IF 258option overrides the default for 259subsequent transmissions from a given socket: 260.Bd -literal -offset indent 261struct in_addr addr; 262setsockopt(s, IPPROTO_IP, IP_MULTICAST_IF, &addr, sizeof(addr)); 263.Ed 264.Pp 265where 266.Va addr 267is the local 268.Tn IP 269address of the desired interface or 270.Dv INADDR_ANY 271to specify the default interface. 272An interface's local IP address and multicast capability can 273be obtained via the 274.Dv SIOCGIFCONF 275and 276.Dv SIOCGIFFLAGS 277.Xr ioctl 2 Ns 's . 278Normal applications should not need to use this option. 279.Pp 280If a multicast datagram is sent to a group to which the sending host itself 281belongs (on the outgoing interface), a copy of the datagram is, by default, 282looped back by the IP layer for local delivery. 283The 284.Dv IP_MULTICAST_LOOP 285option gives the sender explicit control 286over whether or not subsequent datagrams are looped back: 287.Bd -literal -offset indent 288u_char loop; /* 0 = disable, 1 = enable (default) */ 289setsockopt(s, IPPROTO_IP, IP_MULTICAST_LOOP, &loop, sizeof(loop)); 290.Ed 291.Pp 292This option 293improves performance for applications that may have no more than one 294instance on a single host (such as a router daemon), by eliminating 295the overhead of receiving their own transmissions. 296It should generally not 297be used by applications for which there may be more than one instance on a 298single host (such as a conferencing program) or for which the sender does 299not belong to the destination group (such as a time querying program). 300.Pp 301A multicast datagram sent with an initial TTL greater than 1 may be delivered 302to the sending host on a different interface from that on which it was sent, 303if the host belongs to the destination group on that other interface. 304The loopback control option has no effect on such delivery. 305.Pp 306A host must become a member of a multicast group before it can receive 307datagrams sent to the group. 308To join a multicast group, use the 309.Dv IP_ADD_MEMBERSHIP 310option: 311.Bd -literal -offset indent 312struct ip_mreq mreq; 313setsockopt(s, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreq, sizeof(mreq)); 314.Ed 315.Pp 316where 317.Fa mreq 318is the following structure: 319.Bd -literal -offset indent 320struct ip_mreq { 321 struct in_addr imr_multiaddr; /* multicast group to join */ 322 struct in_addr imr_interface; /* interface to join on */ 323} 324.Ed 325.Pp 326.Va imr_interface 327should 328be 329.Dv INADDR_ANY 330to choose the default multicast interface, 331or the 332.Tn IP 333address of a particular multicast-capable interface if 334the host is multihomed. 335Membership is associated with a single interface; 336programs running on multihomed hosts may need to 337join the same group on more than one interface. 338Up to 339.Dv IP_MAX_MEMBERSHIPS 340(currently 4095) memberships may be added on a 341single socket. 342.Pp 343To drop a membership, use: 344.Bd -literal -offset indent 345struct ip_mreq mreq; 346setsockopt(s, IPPROTO_IP, IP_DROP_MEMBERSHIP, &mreq, sizeof(mreq)); 347.Ed 348.Pp 349where 350.Fa mreq 351contains the same values as used to add the membership. 352Memberships are dropped when the socket is closed or the process exits. 353.\"----------------------- 354.Ss "Raw IP Sockets" 355Raw 356.Tn IP 357sockets are connectionless, 358and are normally used with the 359.Xr sendto 2 360and 361.Xr recvfrom 2 362calls, though the 363.Xr connect 2 364call may also be used to fix the destination for future 365packets (in which case the 366.Xr read 2 367or 368.Xr recv 2 369and 370.Xr write 2 371or 372.Xr send 2 373system calls may be used). 374.Pp 375If 376.Fa proto 377is 0, the default protocol 378.Dv IPPROTO_RAW 379is used for outgoing 380packets, and only incoming packets destined for that protocol 381are received. 382If 383.Fa proto 384is non-zero, that protocol number will be used on outgoing packets 385and to filter incoming packets. 386.Pp 387Outgoing packets automatically have an 388.Tn IP 389header prepended to 390them (based on the destination address and the protocol 391number the socket is created with), 392unless the 393.Dv IP_HDRINCL 394option has been set. 395Incoming packets are received with 396.Tn IP 397header and options intact. 398.Pp 399.Dv IP_HDRINCL 400indicates the complete IP header is included with the data 401and may be used only with the 402.Dv SOCK_RAW 403type. 404.Bd -literal -offset indent 405#include <netinet/ip.h> 406 407int hincl = 1; /* 1 = on, 0 = off */ 408setsockopt(s, IPPROTO_IP, IP_HDRINCL, &hincl, sizeof(hincl)); 409.Ed 410.Pp 411Unlike previous 412.Bx 413releases, the program must set all 414the fields of the IP header, including the following: 415.Bd -literal -offset indent 416ip->ip_v = IPVERSION; 417ip->ip_hl = hlen >> 2; 418ip->ip_id = 0; /* 0 means kernel set appropriate value */ 419ip->ip_off = htons(offset); 420ip->ip_len = htons(len); 421.Ed 422.Pp 423Additionally note that starting with 424.Ox 2.1 , 425the 426.Va ip_off 427and 428.Va ip_len 429fields are in network byte order. 430If the header source address is set to 431.Dv INADDR_ANY , 432the kernel will choose an appropriate address. 433.Sh DIAGNOSTICS 434A socket operation may fail with one of the following errors returned: 435.Bl -tag -width [EADDRNOTAVAIL] 436.It Bq Er EISCONN 437when trying to establish a connection on a socket which 438already has one, or when trying to send a datagram with the destination 439address specified and the socket is already connected; 440.It Bq Er ENOTCONN 441when trying to send a datagram, but 442no destination address is specified, and the socket hasn't been 443connected; 444.It Bq Er ENOBUFS 445when the system runs out of memory for 446an internal data structure; 447.It Bq Er EADDRNOTAVAIL 448when an attempt is made to create a 449socket with a network address for which no network interface 450exists. 451.It Bq Er EACCES 452when an attempt is made to create 453a raw IP socket by a non-privileged process. 454.El 455.Pp 456The following errors specific to 457.Tn IP 458may occur when setting or getting 459.Tn IP 460options: 461.Bl -tag -width EADDRNOTAVAILxx 462.It Bq Er EINVAL 463An unknown socket option name was given. 464.It Bq Er EINVAL 465The IP option field was improperly formed; 466an option field was shorter than the minimum value 467or longer than the option buffer provided. 468.El 469.Sh SEE ALSO 470.Xr getsockopt 2 , 471.Xr ioctl 2 , 472.Xr recv 2 , 473.Xr send 2 , 474.Xr icmp 4 , 475.Xr inet 4 , 476.Xr netintro 4 477.Sh HISTORY 478The 479.Nm 480protocol appeared in 481.Bx 4.2 . 482