I am modifying a program that uses a TUN device for IPv4 traffic so that the same TUN device can also be used for IPv6 traffic. Using ioctl SIOCSIFADDR will add an IPv6 address but ioctl SIOCSDSTADDR to add an IPv6 destination address always results in error ENODEV (19 No such device). I searched around the source and found addrconf_set_dstaddr in addrconf.c which seems to be the routine called to set the destination address. However, the routine only sets a destination address for a SIT device, otherwise if returns ENODEV. Below is the ifconfig output for the TUN device:- $ ifconfig tun3 tun3 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:192.168.3.235 P-t-P:192.168.250.235 Mask:255.255.255.255 inet6 addr: fd00::3:235/128 Scope:Global UP POINTOPOINT RUNNING MTU:1344 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) BTW, ifconfig cannot add an IPv6 destination address either, the code has a comment saying that the support needs to be written. Can a TUN device be used for IPv6 traffic? I cannot find a definitive answer, only 'should'. Or is that nobody has ever wanted to use a TUN device for IPv6 traffic, and so the kernel support has not been written? Or am I doing something wrong?
(switched to email. Please respond via emailed reply-to-all, not via the bugzilla web interface). On Sat, 19 Dec 2009 10:35:18 GMT bugzilla-daemon@bugzilla.kernel.org wrote: > http://bugzilla.kernel.org/show_bug.cgi?id=14839 > > Summary: Trying to use a TUN device fir IPv6 traffic, cannot > set destination address. > Product: Networking > Version: 2.5 > Kernel Version: 2.6.31.6 > Platform: All > OS/Version: Linux > Tree: Mainline > Status: NEW > Severity: normal > Priority: P1 > Component: IPV6 > AssignedTo: yoshfuji@linux-ipv6.org > ReportedBy: mcisho@yahoo.com > Regression: No > > > I am modifying a program that uses a TUN device for IPv4 traffic so that the > same TUN device can also be used for IPv6 traffic. Using ioctl SIOCSIFADDR > will > add an IPv6 address but ioctl SIOCSDSTADDR to add an IPv6 destination address > always results in error ENODEV (19 No such device). > > I searched around the source and found addrconf_set_dstaddr in addrconf.c > which > seems to be the routine called to set the destination address. However, the > routine only sets a destination address for a SIT device, otherwise if > returns > ENODEV. > > Below is the ifconfig output for the TUN device:- > $ ifconfig tun3 > tun3 Link encap:UNSPEC HWaddr > 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 > inet addr:192.168.3.235 P-t-P:192.168.250.235 > Mask:255.255.255.255 > inet6 addr: fd00::3:235/128 Scope:Global > UP POINTOPOINT RUNNING MTU:1344 Metric:1 > RX packets:0 errors:0 dropped:0 overruns:0 frame:0 > TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:500 > RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) > > BTW, ifconfig cannot add an IPv6 destination address either, the code has a > comment saying that the support needs to be written. > > Can a TUN device be used for IPv6 traffic? I cannot find a definitive answer, > only 'should'. Or is that nobody has ever wanted to use a TUN device for IPv6 > traffic, and so the kernel support has not been written? Or am I doing > something wrong? >
Reply-To: shemminger@vyatta.com On Tue, 22 Dec 2009 15:12:38 -0800 Andrew Morton <akpm@linux-foundation.org> wrote: > > > > BTW, ifconfig cannot add an IPv6 destination address either, the code has a > > comment saying that the support needs to be written. Use iproute2 utilities. ifconfig is considered deprecated legacy interface, especially for IPV6.
Reply-To: maxk@qualcomm.com Andrew Morton wrote: > (switched to email. Please respond via emailed reply-to-all, not via the > bugzilla web interface). > > On Sat, 19 Dec 2009 10:35:18 GMT > bugzilla-daemon@bugzilla.kernel.org wrote: > >> http://bugzilla.kernel.org/show_bug.cgi?id=14839 >> >> Summary: Trying to use a TUN device fir IPv6 traffic, cannot >> set destination address. >> Product: Networking >> Version: 2.5 >> Kernel Version: 2.6.31.6 >> Platform: All >> OS/Version: Linux >> Tree: Mainline >> Status: NEW >> Severity: normal >> Priority: P1 >> Component: IPV6 >> AssignedTo: yoshfuji@linux-ipv6.org >> ReportedBy: mcisho@yahoo.com >> Regression: No >> >> >> I am modifying a program that uses a TUN device for IPv4 traffic so that the >> same TUN device can also be used for IPv6 traffic. Using ioctl SIOCSIFADDR >> will >> add an IPv6 address but ioctl SIOCSDSTADDR to add an IPv6 destination >> address >> always results in error ENODEV (19 No such device). >> >> I searched around the source and found addrconf_set_dstaddr in addrconf.c >> which >> seems to be the routine called to set the destination address. However, the >> routine only sets a destination address for a SIT device, otherwise if >> returns >> ENODEV. >> >> Below is the ifconfig output for the TUN device:- >> $ ifconfig tun3 >> tun3 Link encap:UNSPEC HWaddr >> 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 >> inet addr:192.168.3.235 P-t-P:192.168.250.235 >> Mask:255.255.255.255 >> inet6 addr: fd00::3:235/128 Scope:Global >> UP POINTOPOINT RUNNING MTU:1344 Metric:1 >> RX packets:0 errors:0 dropped:0 overruns:0 frame:0 >> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 >> collisions:0 txqueuelen:500 >> RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) >> >> BTW, ifconfig cannot add an IPv6 destination address either, the code has a >> comment saying that the support needs to be written. >> >> Can a TUN device be used for IPv6 traffic? I cannot find a definitive >> answer, >> only 'should'. Or is that nobody has ever wanted to use a TUN device for >> IPv6 >> traffic, and so the kernel support has not been written? Or am I doing >> something wrong? Sorry for the delay guys. I was under the impression that things like OpenVPN work just fine with IPv6 (OpenVPN uses TUN device). Here is a quote from OpenVPN FAQ -- Point-to-point IPv6 tunnels are supported on OSes which have IPv6 TUN driver support (this includes Linux and the BSDs). IPv6 over TAP is always supported as is any other protocol which can run over Ethernet. -- So. I'd suggest looking at the OpenVPN code. AFAIK all the kernel plumbing is fine. Max
I read the same quote which made me think that what that I was doing should work. I've since looked at the source of OpenVPN and experimented with the product and I'm not sure what 'are supported' means. The local and destination IP addresses of the TUN device are configured with the --ifconfig option which seems to only accept IPv4 addresses. I entered the option '--ifconfig 192.168.250.1 192.168.252.2' which resulted in the command 'ip addr add dev tun0 local 192.168.250.1 peer 192.168.252.2' being issued by OpenVPN. As root I then entered the command 'ip addr list tun0', which produced:- 6: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100 link/[65534] inet 192.168.250.1 peer 192.168.252.2/32 scope global tun0 I then entered the command 'ip -f inet6 addr add dev tun0 local fd00::250:1 peer fd00::252:2' which produced:- RTNETLINK answers: Invalid argument If the above command is entered as two commands, i.e. 'ip -f inet6 addr add dev tun0 peer fd00::252:2' and 'ip -f inet6 addr add dev tun0 local fd00::250:1', a subsequent 'ip addr list tun0' produces:- 6: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100 link/[65534] inet 192.168.250.1 peer 192.168.252.2/32 scope global tun0 inet6 fd00::250:1/128 scope global valid_lft forever preferred_lft forever inet6 fd00::252:2/128 scope global valid_lft forever preferred_lft forever which, to me, does not look like local and peer IPv6 addresses, they look like two local addresses. Or am I misunderstanding what is being displayed? p.s. there is a port of openvpn called openvpn-ipv6 whose purpose is 'ipv6 support'. The source contains a TODO.ipv6 which says 'this is ipv6 *endpoint* support, so don't expect "ifconfig6"-like support in this patch'. Please do not take any of my comments as criticism of openvpn, I am just looking for guidance on how to get my changes to work.