#include <sys/types.h>
#include <netgraph/ng_teredo.h>
DESCRIPTION
The Teredo node type performs IPv6 encapsulation over UDP/IPv4. It
allows nodes located behind an IPv4 NAT to obtain IPv6 unicast connectiv-
ity by tunnelling packets over UDP/IPv4. This service has 3 entities:
the "Teredo Server", the "Teredo Relay" and the "Teredo client". A
Teredo Server is stateless whereas the Teredo Relay keeps a state of each
peer. It supports the following IETF draft "draft-huitema-v6ops-
teredo-00.txt".
ARCHITECTURE
The following sections provide two examples about the usage of this node.
Teredo Server
+---+
|ngN|
+-+-+
| inet6
V
^
| upstream
+---+-----+
|ng_teredo|
+-+-----+-+
/ \
downstream / \ secondary
V V
^ ^
inet/dgram/udp inet/dgram/udp
| |
+---+---+ +---+---+
|ksocket| |ksocket|
+-------+ +-------+
The Teredo node provides a minimalist RS/RA support.
Teredo Relay
+---+
|ngN|
+-+-+
| inet6
V
^
| upstream
+---+-----+
|ng_teredo|
+-+-----+-+
/
downstream /
V
^
inet/dgram/udp
|
+---+---+
|ksocket|
+-------+
Both should have a route via the interface ngN for the Teredo prefix. The
Relay should announce this route into its IGP (RIPng, OSPFv3) for a
domain-specific accessible service. This reachability should be announced
by the means of BGP for a global service.
route add -inet6 3ffe:831f:: -prefixlen 32 -iface ng0
HOOKS
This type of node supports three hooks. Two hooks tunnel the IPv6 pack-
ets over UDP/IPv4 packets via the downstream hook and via the secondary
hook that should be connected to two ng_ksocket(4) nodes. The secondary
hook is used in order to help the Teredo clients to detect a cone NAT.
It is not required if you have only a restricted cone NAT into your
domain. The hook upstream is the IPv6 stream that is routed. It simply
needs to be connected to the inet6 hook of a ng_iface(4) node.
CONTROL MESSAGES
This node type supports the generic control messages, plus the following:
NGM_TEREDO_SET_VERBOSE
Set the verbosity flags (debugs 0x01, error 0x02). For example, if
you are interested in getting all the messages, it should be set to
0x03. The default value is 0x00.
NGM_TEREDO_SET_TEREDOPREFIX
Set the Teredo prefix. This command takes an IPv6 address as an
argument. The default value is 3ffe:831f:: It is a 32 bits prefix.
NGM_TEREDO_GET_TEREDOPREFIX
Returns the Teredo prefix. It should be 3ffe:831f:: It is a 32 bits
prefix.
NGM_TEREDO_SET_SERVADDR
Sets the IPv4 address (A.B.C.D) that is appended to the Teredo pre-
fix. The prefix, which will be announced by the Teredo Server into
the RA to the Teredo clients, is 3ffe:831f:A.B:C.D::/64
NGM_TEREDO_GET_SERVADDR
Returns the IPv4 address that is currently used to build the Teredo
prefix.
NGM_TEREDO_SET_ORIGINADDR
Sets the IPv4 origin address of the Teredo Relay. The origin indica-
tion is used to carry the IPv4 address of the Relay.
NGM_TEREDO_GET_ORIGINADDR
Returns the IPv4 origin address of the Teredo Relay.
NGM_TEREDO_SET_LOCALADDR
Sets the IPv6 link-local address of the upper ng_iface(4) interface.
NGM_TEREDO_GET_LOCALADDR
Returns the IPv6 link local address of the upper ng_iface(4) inter-
face.
NGM_TEREDO_SET_GLOBALADDR
Sets the IPv6 source address of the bubble packets. It should be a gobal
address of this router without being a Teredo address.
NGM_TEREDO_GET_GLOBALADDR
Returns the IPv6 source address used to send the bubble packets.
NGM_TEREDO_GET_STATS
This command returns a struct ng_teredo_stats containing the follow-
ing statistics:
/* Statistics structure */
struct ng_teredo_stats {
u_int64_t xmitPackets; /* number of packets xmit */
u_int64_t xmitOctets; /* number of octets xmit */
u_int32_t xmitBubbles; /* bubbles that have been originated */
u_int32_t xmitMaxBubbles;/* lost frames within the untrusted state */
u_int32_t xmitRA; /* RA sent */
u_int32_t fwdBubbles; /* bubbles that have been fwd'd */
u_int64_t recvPackets; /* number of packets rec'd */
u_int64_t recvOctets; /* number of octets rec'd */
u_int32_t recvRunts; /* too short packets rec'd */
u_int32_t recvInvalid; /* invalid packets rec'd */
u_int32_t recvUnknownClient; /* pkts rec'd with unknown peer */
u_int32_t recvBadPeer; /* pkts rec'd not belonging to the server */
u_int32_t recvBubbles; /* bubbles that have been rec'd */
u_int32_t recvIcmpv6; /* ICMPv6 packets rec'd */
u_int32_t recvRS; /* RS rec'd */
u_int32_t recvRSInvalid; /* Invalid RS rec'd */
u_int32_t recvAuth; /* Auth rec'd */
u_int32_t recvAuthOK; /* Auth successful rec'd */
u_int32_t recvOrig; /* Orig rec'd */
u_int32_t recvOrigOK; /* Orig successful rec'd */
u_int32_t recvWrongUDP; /* UDP layer provides wrong parameter */
u_int32_t memoryFailures;/* times we couldn't allocate memory */
};
NGM_TEREDO_CLR_STATS
This command clears the statistics.
NGM_TEREDO_GETCLR_STATS
Same as NGM_TEREDO_GET_STATS, but also atomically clears the statis-
tics.
NGM_TEREDO_GET_TABLE
Returns the current peer mapping table used to direct packets, in a
struct ng_teredo_host_ary.
/* Mapping table */
struct ng_teredo_host_ary {
TODO...
};
SHUTDOWN
This node shuts down upon receipt of a NGM_SHUTDOWN control message, or
when all hooks have been disconnected.
FILES
/usr/share/examples/netgraph/teredo.relay
Example script showing how to set up a Teredo Relay
/usr/share/examples/netgraph/teredo.server
Example script showing how to set up a Teredo Server
USAGE
See the two previous examples.
SEE ALSO
netgraph(4), ng_ksocket(4), ngctl(8) inet(4), inet6(4), ip6(4), gif(4),
ethereal(1)
BUGS
The Teredo Relay keeps a state for each peer. This state management
needs to be optimized with a Radix. Consequently it supports only up to
MAX_PEERS_NUMBER 2048 peers. This default value is hard-coded.
The link-local address of the ng_iface(4) interface should be learnt
automatically.
When data are received from the uplink hook, their meta is overwritten by
the UDP sockaddr_in of the peer.
HISTORY
The ng_teredo node type was implemented in FreeBSD 4.8.
AUHTORS
Konstantin Kabassanov <Konstantin.Kabassanov@lip6.fr>
Vincent Jardin <jardin@6WIND.com>