git: 9front

ref: 6a09d2da7e29f18a244f3a3a2959d0a78ed9540b
dir: /sys/man/8/6in4/

View raw version
.TH 6IN4 8
.SH NAME
6in4, ayiya - configure and run automatic or manual tunnel of IPv6 through IPv4
.SH SYNOPSIS
.B ip/6in4
[
.B -ag
] [
.B -m
.I mtu
] [
.B -x
.I netmtpt
] [
.B -o
.I outnetmtpt
]  [
.B -i
.I local4
] [
.IB local6 [ /mask ]
[
.I remote4
[
.I remote6
] ] ]
.br
.B ip/ayiya
[
.B -g
] [
.B -m
.I mtu
] [
.B -x
.I netmtpt
] [
.B -k
.I secret
]
.IB local6 [ /mask ]
.I remote4
.I remote6
.SH DESCRIPTION
.I 6in4
sets up and maintains a 6to4 tunnel of IPv6 traffic through an IPv4 connection.
.I Ayiya
is similar, but uses the UDP based Anything In Anything protocol to
tunnel IPv6 traffic.
.PP
.I Local6
and
.I mask
define the IPv6 address and subnet of the near end of the tunnel
.RI ( mask
defaults to
.L /128
for a single-host
tunnel).
If
.I local6
is missing or
.LR - ,
it defaults to
.IP
.BI 2002: aabb : ccdd ::1/48
.PP
where
.IR aa ,
.IR bb ,
.I cc
and
.I dd
are the hexadecimal equivalents of the bytes
.IB a . b . c .\c
.I d
in this host's primary IPv4 address.
.PP
.I Remote4
is the IPv4 address of the far end of the tunnel
(must be given explicitly for a configured tunnel, or
defaults to the anycast address 192.88.99.1 for
.IR 6to4 ).
.PP
.I Remote6
is the IPv6 address of the far end of the tunnel
(used as the point-to-point destination for routing, and
defaults to a link-local address constructed from
.IR remote4 ).
.PP
The program forks a pair of background processes to copy packets to and from
the tunnel.
.PP
Options are:
.TF -x
.PD 0
.TP
.B -a
for
.IR 6in4 ,
permit any remote IPv4 address as the far end of a tunnel.
This is likely to be useful for the server side of a tunnel.
.TP
.B -i
for
.IR 6in4 ,
define what is the local IPv4 address, otherwise it takes the first
non-loopback address of the outside IP stack.
.TP
.B -g
use the tunnel as the default route for global IPv6 addresses
.TP
.B -m
.I mtu
specifies the outside MTU in bytes from which the inside
tunnel MTU is derived. Deaults to 1500 - 8 (Ethernet - PPPoE).
.TP
.B -x
use the network mounted at
.I netmtpt
instead of
.LR /net
for binding the tunnel interface and sending/receiving IPv4
packets.
.TP
.B -o
for
.IR 6in4 ,
use
.I outnetmtpt
for the IPv4 packets but bind the IPv6 interface on
.LR /net
or
.I netmtpt
when specified by a previous
.B -x
option.
.TP
.B -k
for
.IR ayiya ,
use the shared secret key
.I secret
to authenticate messages on the tunnel.
.PD
.SH EXAMPLES
If your primary IPv4 address is public,
you can start a
.I 6to4
tunnel simply with
.IP
.EX
ip/6in4 -g
.EE
.PP
Similarly, you can start a server for
.I 6to4
tunnels with
.IP
.EX
ip/6in4 -ag
.EE
.PP
If you use a tunnel broker at address
.LR 5.6.7.8 ,
configured to give you a
.L /64
subnet with address
.LR 2001:1122:3344:5566:: ,
you can start the tunnel with
.IP
.EX
ip/6in4 -g 2001:1122:3344:5566::/64 5.6.7.8
.EE
.SH FILES
.TF /net/ipmux
.PD 0
.TP
.B /net/ipmux
access to IPv6-in-IPv4 packets
.TP
.B /net/ipifc
packet interface to IPv6 network
.SH SEE ALSO
.IR bridge (3),
.I ipmux
in
.IR ip (3),
.I linklocal
in
.IR ipconfig (8)
.br
.B /lib/rfc/rfc3056
.br
.B /lib/rfc/rfc3068
.br
.B http://tools.ietf.org/id/draft-massar-v6ops-ayiya-02.txt
.SH BUGS
Needs a kernel with an
.I ipmux
driver.
.PP
The tunnel client filters addresses fairly conservatively in both directions.
However it's not watertight,
and may be flakey in other ways so don't put too much trust in it.