mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2025-01-10 00:13:04 +01:00
296 lines
9.2 KiB
Groff
296 lines
9.2 KiB
Groff
.\" Copyright (c) 1983, 1991, 1993
|
|
.\" The Regents of the University of California. All rights reserved.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\" 3. All advertising materials mentioning features or use of this software
|
|
.\" must display the following acknowledgement:
|
|
.\" This product includes software developed by the University of
|
|
.\" California, Berkeley and its contributors.
|
|
.\" 4. Neither the name of the University nor the names of its contributors
|
|
.\" may be used to endorse or promote products derived from this software
|
|
.\" without specific prior written permission.
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
.\" SUCH DAMAGE.
|
|
.\"
|
|
.\" From: @(#)inet.4 8.1 (Berkeley) 6/5/93
|
|
.\" $FreeBSD$
|
|
.\"
|
|
.Dd February 14, 1995
|
|
.Dt INET 4
|
|
.Os BSD 4.2
|
|
.Sh NAME
|
|
.Nm inet
|
|
.Nd Internet protocol family
|
|
.Sh SYNOPSIS
|
|
.Fd #include <sys/types.h>
|
|
.Fd #include <netinet/in.h>
|
|
.Sh DESCRIPTION
|
|
The Internet protocol family is a collection of protocols
|
|
layered atop the
|
|
.Em Internet Protocol
|
|
.Pq Tn IP
|
|
transport layer, and utilizing the Internet address format.
|
|
The Internet family provides protocol support for the
|
|
.Dv SOCK_STREAM , SOCK_DGRAM ,
|
|
and
|
|
.Dv SOCK_RAW
|
|
socket types; the
|
|
.Dv SOCK_RAW
|
|
interface provides access to the
|
|
.Tn IP
|
|
protocol.
|
|
.Sh ADDRESSING
|
|
Internet addresses are four byte quantities, stored in
|
|
network standard format (on the
|
|
.Tn VAX
|
|
these are word and byte
|
|
reversed). The include file
|
|
.Aq Pa netinet/in.h
|
|
defines this address
|
|
as a discriminated union.
|
|
.Pp
|
|
Sockets bound to the Internet protocol family utilize
|
|
the following addressing structure,
|
|
.Bd -literal -offset indent
|
|
struct sockaddr_in {
|
|
u_char sin_len;
|
|
u_char sin_family;
|
|
u_short sin_port;
|
|
struct in_addr sin_addr;
|
|
char sin_zero[8];
|
|
};
|
|
.Ed
|
|
.Pp
|
|
Sockets may be created with the local address
|
|
.Dv INADDR_ANY
|
|
to effect
|
|
.Dq wildcard
|
|
matching on incoming messages.
|
|
The address in a
|
|
.Xr connect 2
|
|
or
|
|
.Xr sendto 2
|
|
call may be given as
|
|
.Dv INADDR_ANY
|
|
to mean
|
|
.Dq this host .
|
|
The distinguished address
|
|
.Dv INADDR_BROADCAST
|
|
is allowed as a shorthand for the broadcast address on the primary
|
|
network if the first network configured supports broadcast.
|
|
.Sh PROTOCOLS
|
|
The Internet protocol family is comprised of
|
|
the
|
|
.Tn IP
|
|
network protocol, Internet Control
|
|
Message Protocol
|
|
.Pq Tn ICMP ,
|
|
Internet Group Management Protocol
|
|
.Pq Tn IGMP ,
|
|
Transmission Control
|
|
Protocol
|
|
.Pq Tn TCP ,
|
|
and User Datagram Protocol
|
|
.Pq Tn UDP .
|
|
.Tn TCP
|
|
is used to support the
|
|
.Dv SOCK_STREAM
|
|
abstraction while
|
|
.Tn UDP
|
|
is used to support the
|
|
.Dv SOCK_DGRAM
|
|
abstraction. A raw interface to
|
|
.Tn IP
|
|
is available
|
|
by creating an Internet socket of type
|
|
.Dv SOCK_RAW .
|
|
The
|
|
.Tn ICMP
|
|
message protocol is accessible from a raw socket.
|
|
.Pp
|
|
The 32-bit Internet address contains both network and host parts.
|
|
However, direct examination of addresses is discouraged. For those
|
|
programs which absolutely need to break addresses into their component
|
|
parts, the following
|
|
.Xr ioctl 2
|
|
commands are provided for a datagram socket in the Internet domain;
|
|
they have the same form as the
|
|
.Dv SIOCIFADDR
|
|
command (see
|
|
.Xr intro 4 ) .
|
|
.Pp
|
|
.Bl -tag -width SIOCSIFNETMASK
|
|
.It Dv SIOCSIFNETMASK
|
|
Set interface network mask.
|
|
The network mask defines the network part of the address;
|
|
if it contains more of the address than the address type would indicate,
|
|
then subnets are in use.
|
|
.It Dv SIOCGIFNETMASK
|
|
Get interface network mask.
|
|
.El
|
|
.Sh ROUTING
|
|
The current implementation of Internet protocols includes some routing-table
|
|
adaptations to provide enhanced caching of certain end-to-end
|
|
information necessary for Transaction TCP and Path MTU Discovery. The
|
|
following changes are the most significant:
|
|
.Bl -enum
|
|
.It
|
|
All IP routes, except those with the
|
|
.Dv RTF_CLONING
|
|
flag and those to multicast destinations, have the
|
|
.Dv RTF_PRCLONING
|
|
flag forcibly enabled (they are thus said to be
|
|
.Dq "protocol cloning" ).
|
|
.It
|
|
When the last reference to an IP route is dropped, the route is
|
|
examined to determine if it was created by cloning such a route. If
|
|
this is the case, the
|
|
.Dv RTF_PROTO3
|
|
flag is turned on, and the expiration timer is initialized to go off
|
|
in net.inet.ip.rtexpire seconds. If such a route is re-referenced,
|
|
the flag and expiration timer are reset.
|
|
.It
|
|
A kernel timeout runs once every ten minutes, or sooner if there are
|
|
soon-to-expire routes in the kernel routing table, and deletes the
|
|
expired routes.
|
|
.El
|
|
.Pp
|
|
A dynamic process is in place to modify the value of
|
|
net.inet.ip.rtexpire if the number of cached routes grows too large.
|
|
If after an expiration run there are still more than
|
|
net.inet.ip.rtmaxcache unreferenced routes remaining, the rtexpire
|
|
value is multiplied by 3/4, and any routes which have longer
|
|
expiration times have those times adjusted. This process is damped
|
|
somewhat by specification of a minimum rtexpire value
|
|
(net.inet.ip.rtminexpire), and by restricting the reduction to once in
|
|
a ten-minute period.
|
|
.Pp
|
|
If some external process deletes the original route from which a
|
|
protocol-cloned route was generated, the ``child route'' is deleted.
|
|
(This is actually a generic mechanism in the routing code support for
|
|
protocol-requested cloning.)
|
|
.Pp
|
|
No attempt is made to manage routes which were not created by protocol
|
|
cloning; these are assumed to be static, under the management of an
|
|
external routing process, or under the management of a link layer
|
|
(e.g.,
|
|
.Tn ARP
|
|
for Ethernets).
|
|
.Pp
|
|
Only certain types of network activity will result in the cloning of a
|
|
route using this mechanism. Specifically, those protocols (such as
|
|
.Tn TCP
|
|
and
|
|
.Tn UDP )
|
|
which themselves cache a long-lasting reference to route for a destination
|
|
will trigger the mechanism; whereas raw
|
|
.Tn IP
|
|
packets, whether locally-generated or forwarded, will not.
|
|
.Sh MIB VARIABLES
|
|
A number of variables are implemented in the net.inet branch of the
|
|
.Xr sysctl 3
|
|
MIB. In addition to the variables supported by the transport
|
|
protocols (for which see the respective manual pages), the following
|
|
general variables are defined:
|
|
.Bl -tag -width IPCTL_FASTFORWARDING
|
|
.It Dv IPCTL_FORWARDING
|
|
.Pq ip.forwarding
|
|
Boolean: enable/disable forwarding of IP packets.
|
|
Defaults to off.
|
|
.It Dv IPCTL_FASTFORWARDING
|
|
.Pq ip.fastforwarding
|
|
Boolean: enable/disable the use of fast IP forwarding code.
|
|
Defaults to off.
|
|
When fast forwarding is enabled, IP packets are forwarded directly to
|
|
the appropriate network interface with a minimal validity checking, which
|
|
greatly improves the throughput. On the other hand, they bypass the
|
|
standard procedures, such as IP option processing and
|
|
.Xr ipfirewall 4
|
|
checking.
|
|
It is not guaranteed that every packet will be fast-forwarded.
|
|
.It Dv IPCTL_SENDREDIRECTS
|
|
.Pq ip.redirect
|
|
Boolean: enable/disable sending of ICMP redirects in response to
|
|
unforwardable
|
|
.Tn IP
|
|
packets. Defaults to on.
|
|
.It Dv IPCTL_DEFTTL
|
|
.Pq ip.ttl
|
|
Integer: default time-to-live
|
|
.Pq Dq TTL
|
|
to use for outgoing
|
|
.Tn IP
|
|
packets.
|
|
.It Dv IPCTL_SOURCEROUTE
|
|
.Pq ip.sourceroute
|
|
Boolean: enable/disable forwarding of source-routed IP packets (default false).
|
|
.It Dv IPCTL_RTEXPIRE
|
|
.Pq ip.rtexpire
|
|
Integer: lifetime in seconds of protocol-cloned
|
|
.Tn IP
|
|
routes after the last reference drops (default one hour). This value
|
|
varies dynamically as described above.
|
|
.It Dv IPCTL_RTMINEXPIRE
|
|
.Pq ip.rtminexpire
|
|
Integer: minimum value of ip.rtexpire (default ten seconds). This
|
|
value has no effect on user modifications, but restricts the dynamic
|
|
adaptation described above.
|
|
.It Dv IPCTL_RTMAXCACHE
|
|
.Pq ip.rtmaxcache
|
|
Integer: trigger level of cached, unreferenced, protocol-cloned routes
|
|
which initiates dynamic adaptation (default 128).
|
|
.El
|
|
.Sh SEE ALSO
|
|
.Xr ioctl 2 ,
|
|
.Xr socket 2 ,
|
|
.Xr sysctl 3 ,
|
|
.Xr icmp 4 ,
|
|
.Xr igmp 4 ,
|
|
.Xr intro 4 ,
|
|
.Xr ip 4 ,
|
|
.Xr ipfirewall 4 ,
|
|
.Xr tcp 4 ,
|
|
.Xr ttcp 4 ,
|
|
.Xr udp 4
|
|
.Rs
|
|
.%T "An Introductory 4.3 BSD Interprocess Communication Tutorial"
|
|
.%B PS1
|
|
.%N 7
|
|
.Re
|
|
.Rs
|
|
.%T "An Advanced 4.3 BSD Interprocess Communication Tutorial"
|
|
.%B PS1
|
|
.%N 8
|
|
.Re
|
|
.Sh CAVEAT
|
|
The Internet protocol support is subject to change as
|
|
the Internet protocols develop. Users should not depend
|
|
on details of the current implementation, but rather
|
|
the services exported.
|
|
.Sh HISTORY
|
|
The
|
|
.Nm
|
|
protocol interface appeared in
|
|
.Bx 4.2 .
|
|
The
|
|
.Dq protocol cloning
|
|
code appeared in
|
|
.Fx 2.1 .
|