inetd Internet Services Daemon
An IPv6-enabled server is a server that can handle IPv4 or IPv6 addresses. The server uses the same protocol that the corresponding client uses. The /etc/inet/inetd.conf file contains the list of servers that inetd(1M) invokes when this daemon receives an Internet request over a socket. Each socket-based Internet server entry is composed of a single line that uses the following syntax:
service_name socket_type proto flags user server_pathname args |
See the inetd.conf(4) man page for a description of the possible values for each field. In the Solaris operating environment, to specify a service as IPv6-enabled in the /etc/inet/inetd.conf file, you must specify the proto field as tcp6 or udp6. If the service is IPv4-only, the proto field must be specified as tcp or udp. By specifying a proto value of tcp6 or udp6 for a service, inetd passes the specific daemon an AF_INET6 socket.
The following entry in the inetd.conf file depicts a udp server (myserver) that can communicate with both IPv4 and IPv6 client applications.
Example 16-3 Server Communicating With Both IPv4 and IPv6 Client Applications
myserver dgram udp6 wait root /usr/sbin/myserver myserver |
An IPv6-enabled server can inherit an AF_INET (IPv4 only) or an AF_INET6 (IPv6 and IPv4) socket from inetd. The proto value for the service is specified as either tcp6 (udp6) or tcp (udp). For these types of servers, you can also specify two inetd.conf entries. You can specify proto as tcp. You can also specify proto as tcp6.
Note - Because AF_INET6 sockets work with either the IPv4 or IPv6 protocols, specifying a proto value of tcp6 (udp6) is sufficient.
See Programming Interfaces Guide for details on writing various types of IPv6-enabled servers.
All servers that are provided with Solaris software require only one inetd entry that specifies proto as tcp6 or udp6. However, the remote shell server (shell) and the remote execution server (exec) must have an entry for both the tcp and tcp6 proto values. The following example shows the inetd entries for rlogin, telnet, shell, and exec.
Example 16-4 inetd.conf Entries for Servers Provided With Solaris Software
TCP Wrappers are a public domain utility that is used to monitor and to filter incoming requests for various network services, such as telnet. If you specify TCP Wrappers as the server_pathname for any of these services, you must ensure that TCP Wrappers are IPv6 capable. Otherwise, you must specify proto as tcp or udp for those services that are being used with TCP Wrappers.
In addition, if you replace a Solaris utility with another implementation, you must verify if the implementation of that service supports IPv6. If the implementation does not support IPv6, then you must specify the proto value as either tcp or udp.
Note - If you specify proto as tcp or udp only, the service uses only IPv4. You need to specify proto as tcp6 or udp6 to enable either IPv4 or IPv6 connections. If the service does not support IPv6, then do not specify tcp6 or udp6.
See IPv6 extensions to the Socket API in Programming Interfaces Guide for more details on writing IPv6 enabled servers that use sockets.
IPv6 Extensions to Existing Utilities
User-level interface changes also include extensions to the following utilities:
netstat(1M)
snoop(1M)
route(1M)
ping(1M)
traceroute(1M)
The ifconfig(1M) utility has also changed. See "IPv6 Extensions to the ifconfig Utility" for a description.
netstat(1M)
In addition to displaying IPv4 network status, netstat can display IPv6 network status as well. You can choose which protocol information to display by setting the DEFAULT_IP value in the /etc/default/inet_type file and the -f command-line option. With a permanent setting of DEFAULT_IP, you can ensure that netstat displays only IPv4 information. You can override this setting with the -f option. For more information on the inet_type file, see the inet_type(4) man page.
The new -p option displays the net-to-media table, which is the ARP table for IPv4 and neighbor cache for IPv6. See the netstat(1M) man page for details. See "How to Display Network Status" for descriptions of procedures that use this command.
snoop(1M)
The snoop command can capture both IPv4 and IPv6 packets. This command can display IPv6 headers, IPv6 extension headers, ICMPv6 headers, and neighbor discovery protocol data. By default, the snoop command displays both IPv4 and IPv6 packets. By specifying the ip or ip6 protocol keywords, the snoop command displays only IPv4 or IPv6 packets. The IPv6 filter option enables you to filter through all packets (both IPv4 and IPv6), displaying only the IPv6 packets. See the snoop(1M) man page for details. See "How to Monitor Only IPv6 Network Traffic" for a description of procedures that use this command.
route(1M)
This utility now operates on both IPv4 and IPv6 routes. By default, route operates on IPv4 routes. If you use the option -inet6 on the command line immediately after the route command, operations are performed on IPv6 routes. See the route(1M) man page for details.
ping(1M)
The ping command can use both IPv4 and IPv6 protocols to probe target hosts. Protocol selection depends on the addresses that are returned by the name server for the specific target host. By default, if the name server returns an IPv6 address for the target host, the ping command uses the IPv6 protocol. If the server returns only an IPv4 address, the ping command uses the IPv4 protocol. You can override this action by using the -A command-line option to specify which protocol to use.
Additionally, you can ping all the addresses of a multihomed target host by using the -a command-line option. See the ping(1M) man page for details. See "How to Probe All Multihomed Host Addresses" for a description of a procedure that uses this command.
traceroute(1M)
You can use the traceroute command to trace both the IPv4 and IPv6 routes to a specific host. From a protocol perspective, traceroute uses the same algorithm as ping. Use the -A command-line option to override this selection. You can trace each individual route to every address of a multihomed host by using the -a command-line option. See the traceroute(1M) man page for details.
Controlling Display Output
You can control how the netstat and ifconfig commands display output:
Use keywords that are added to the command line to specify either inet or inet6 addresses.
Set the configuration variable DEFAULT_IP in the /etc/default/inet_type file.
You can set the value of DEFAULT_IP to IP_VERSION4, IP_VERSION6, or BOTH. If you do not create this file by specifying the DEFAULT_IP, then netstat and ifconfig displays both versions.
Note - The inet or inet6 keyword option overrides the value that is set in the inet_type file when you use the netstat and ifconfig commands.
See "How to Control the Display Output of IPv6 Related Commands" for a description of procedures.
Solaris Tunneling Interfaces for IPv6
Tunneling interfaces have the following format:
ip.tun ppa |
ppa is the physical point of attachment.
Note - The Solaris software does not yet support encapsulating packets within IPv6 packets.
At system startup, the tunneling module (tun) is pushed (by ifconfig) on top of IP to create a virtual interface. The push is accomplished by creating the appropriate hostsname6.* file.
For example, to create a tunnel to encapsulate IPv6 packets over an IPv4 network (IPv6 over IPv4), you create the following file name:
/etc/hostname6.ip.tun0 |
The content of this file is passed to ifconfig(1M) after the interfaces have been plumbed. The content becomes the parameters necessary to configure a point-to-point tunnel.
The following listing is an example of entries in hostname6.ip.tun0 file.
Example 16-5 hostname6.interface Entries
tsrc 120.68.100.23 tdst 120.68.7.19 up addif 1234:1234::1 5678:5678::2 up |
In this example, the IPv4 source and destination addresses are used as tokens to autoconfigure IPv6 link-local addresses of the source and destination for the ip.tun0 interface. Two interfaces are configured, the ip.tun0 interface, and a logical interface (ip.tun0:1) that has the source and destination IPv6 addresses specified by the addif command.
As mentioned previously, the contents of these configuration files are passed to ifconfig without change when the system is started as multiuser. The previous example is equivalent to the following:
# ifconfig ip.tun0 inet6 plumb # ifconfig ip.tun0 inet6 tsrc 120.68.100.23 tdst 120.68.7.19 up # ifconfig ip.tun0 inet6 addif 1234:1234::1 5678:5678::2 up |
The following display shows the output of ifconfig -a for this tunnel.
ip.tun0: flags=2200850<UP,POINTOPOINT,RUNNING,MULTICAST,NONUD,IPv6> mtu 1480 index 6 inet tunnel src 120.68.100.23 tunnel dst 120.68.7.19 inet6 fe80::c0a8:6417/10 --> fe80::c0a8:713 ip.tun0:1: flags=2200850<UP,POINTOPOINT,RUNNING,MULTICAST,NONUD,IPv6> mtu 1480 index 5 inet6 1234:1234::1/128 --> 5678:5678::2 |
You can configure more logical interfaces by adding lines to the configuration file by using the following syntax:
addif IPv6-source IPv6-destination up |
Note - Either end of the tunnel is an IPv6 router that advertises one or more prefixes over the tunnel. You do not need addif commands in the tunnel configuration files. Only tsrc and tdst might be required because all other addresses are autoconfigured.
In some situations, specific source and destination link-local addresses need to be manually configured for a particular tunnel. Change the first line of the configuration file to include these link-local addresses. The following line is an example:
tsrc 120.68.100.23 tdst 120.68.7.19 fe80::1/10 fe80::2 up |
Notice that the source link-local address has a prefix length of 10. In this example, the ip.tun0 interface resembles the following:
ip.tun0: flags=2200850<UP,POINTOPOINT,RUNNING,MULTICAST,NONUD,IPv6> mtu 1480 index 6 inet tunnel src 120.68.100.23 tunnel dst 120.68.7.19 inet6 fe80::1/10 --> fe80::2 |
For specific information about tun, see the tun(7M) man page. For a general description of tunneling concepts during the transition to IPv6, see "Tunneling Mechanism". For a description of a procedure for configuring tunnels, see "How to Configure IPv6 Over IPv4 Tunnels".