The Linux Channel :: Forum

IPV6 HOP BY HOP Extension header inclusion

How to Insert a HOP BY HOP OPTION Extension header into a IPv6 frame in the Linux kernel .

Implementing it through IPtables using Netfilter framework (i.e) using mangle chain and Output hook is a better option or should i write a code for including it as a patch into the Linux kernel.

I have been trying to find the implementation of this option in Linux by traversing the code regarding transport and network layer, Couldn't.

Kindly suggest me a better way to implement


Tagged:

Comments

  • Kernel patch has advantage of inserting the code direct and bit easier. But this leads to complete kernel compilation which is its drawback.
    vs. a module needs a complex registration mechanism.

    I am still bit new to ipv6, since I never deeply yet worked on it.
    But your case is simple its a question of appending extra options (just the way they do in ipv4).

    However I got a question:

    what happens to UDP payload after you add hop-limit header ?
    If Next-header is changed to "0" which is v6 hop-by-hop option (which is correct as per the RFC), then how one know after
    v6 header there is UDP header?




  • Also another question: are you working on a intermediate networking device (forwarding engine/ router/ firewall/ proxy)
    or its for local-host pkt flow ?
  • Initially we are trying to build a Local-host pkt flow Where the packet is generate at the router (border router) sent towards a node in the same local network.

    Regarding UDP payload, Generally in ipv6 all the Extension headers have next header field of 1 byte where the next following header type will be mentioned. Similarly in HBH option we will mention UDP code 17 in the NXT HDR field of HBH option. (Find the attached image).

    Now to implement this in the kernel directly i am traversing the code regarding Transport and network layer, exactly speaking udpv6_sendmsg() in udp.c file to find out the location where the allocation of space for this header is happening and where actually the HBH HDR is been update. Am i in the right track?

    and func do_ipv6_setsockopt() which is at net/ipv6/ipv6_sockglue.c any way related to including this extension header?

    Kindly suggest me implementing this in the kernel
    .
    cr.png 12.4K
  • Once I did a video on a kernel's API tcp_parse_options():



    Although this is not related and not even about TCP, the approach done/followed will give us some direction.

    I suggest similar way first you can have a look of the existing kernel APIs where other v6 options are built.

    BTW, I can trace here:

    http://elixir.free-electrons.com/linux/latest/source/include/uapi/linux/in6.h#L131
    /*
    * IPV6 extension headers
    */
    #if __UAPI_DEF_IPPROTO_V6
    #define IPPROTO_HOPOPTS 0 /* IPv6 hop-by-hop options */
    #define IPPROTO_ROUTING 43 /* IPv6 routing header */
    #define IPPROTO_FRAGMENT 44 /* IPv6 fragmentation header */
    #define IPPROTO_ICMPV6 58 /* ICMPv6 */
    #define IPPROTO_NONE 59 /* IPv6 no next header */
    #define IPPROTO_DSTOPTS 60 /* IPv6 destination options */
    #define IPPROTO_MH 135 /* IPv6 mobility header */
    #endif /* __UAPI_DEF_IPPROTO_V6 */


    When I search: IPPROTO_HOPOPTS, I get this:
    http://elixir.free-electrons.com/linux/latest/ident/IPPROTO_HOPOPTS

    Defined in 1 files:

    include/uapi/linux/in6.h, line 131 (as a macro)

    Referenced in 7 files:

    drivers/net/ethernet/mellanox/mlx4/en_rx.c, line 758
    include/linux/netfilter_ipv6/ip6_tables.h, line 40
    include/uapi/linux/in6.h, line 131
    net/bridge/br_multicast.c, line 499
    net/core/skbuff.c, line 4105 ---------------> I found this is interesting
    net/ipv6/mcast_snoop.c, line 56
    net/ipv6/netfilter/nf_log_ipv6.c, line 122 ---------------> and this too.


    Is this logic not already implemented if the logic already in the RFC ?
Sign In or Register to comment.