Section 12.2. BSD


12.2. BSD

Berkeley Software Distribution (BSD) began in 1977 from the efforts of the Computer Systems Research Group (CSRG) of the University of California at Berkeley. It began as a supplement to Sixth Edition Unix, which was developed by Bell Telephone Laboratories.

In 1978, the Department of Defense Advanced Research Project Agency (DARPA) turned its attention to Unix due to its portability across multiple hardware platforms. Seeking a common baseline, they decided to contract Berkeley to release 4BSD with the requested performance enhancements incorporated. They also wanted a faster filesystem and TCP/IP networking to be incorporated. Berkley Fast Filesystem (FFS) and TCP/IP networking, along with a reliable signal model, were incorporated into 4.2BSD in 1983.

In June of 1993, 4.4BSD was released and included support for the Intel i386 architecture. It was released as two versions: one required a UNIX Software license, and the other was without any licensed source code. This was the first open source release.

One of the projects based on the original BSD is OpenBSD. The OpenBSD project then became the root of other interesting projects, such as OpenSSH (Secure Shell), OpenNTPD (Network Time Protocol Daemon), and OpenCVS (Concurrent Versions System).

But that is enough history for the moment. Because of its IPv6 implementation and security features, which are counted among the best, I've decided to give you a short introduction to the BSD distribution OpenBSD. In my lab, I currently use the latest release of OpenBSD, Version 3.7. As an aside, OpenBSD has supported IPv6 since Version 2.7.

Find more information about OpenBSD at http://www.openbsd.org. For all other available BSD implementations, go to http://www.bsd.org.


12.2.1. Installation

After a basic setup of OpenBSD, IPv6 already works as expected without any special tweaks, stack configuration, or kernel patches.

If you are new to OpenBSD, you will find an easy install guide at http://www.openbsd.org/faq/faq4.html.


Because OpenBSD is intended to work as a router, it does not accept Router Advertisements by default. If you check ifconfig interface, you notice that only a link-local address is assigned to the interface. You can now do a static configuration of your interface(s) or configure the system to accept Router Advertisements. To configure the system to accept Router Advertisements, edit /etc/sysctl.conf. Change the line net.inet6.ip6.accept_rtadv=0 to net.inet6.ip6.accept_rtadv=1. To tell the router solicitation daemon to request Router Advertisements only for a desired interface, edit rtsold_flags="interface" in /etc/rc.conf. Restart rtsold or reboot your system, and you have a fully functional and secure IPv6 OpenBSD host.

Figure 12-1 shows the output of ifconfig with IPv6 configured.

Figure 12-1. ifconfig on OpenBSD configured for IPv6


The first address line shows the MAC address of the interface le1. The second address line shows the link-local address using the interface identifier based on the MAC address (refer to Chapter 3 for the explanation of how this interface identifier is built). The %le1 string at the end of the address is used to identify the interface on the host. The prefix length is set to /64, and the scope ID is set to 1. The third address line shows the IPv4 information for this interface. Finally, the last address line shows the global unicast address assigned to this interface.

12.2.2. Utilities

Each of the following tools is available for IPv6 after a basic installation of OpenBSD. The online documentation includes manuals for each console command and its parameters. Try also man command.


ifconfig

New parameters are available to show or configure IPv6 interfaces. Use the manual to see all options.


netstat

In addition to IPv4 information, the command may now display IPv6-related information. Use netstat -f inet6. As an example, to display the routing table for IPv6 and IPv4, use netstat -rn. Find more options in the manual.


route

If you enter route show, it displays the routing table for IPv4 and IPv6. For viewing only the IPv6 routing table, add the flag -inet6.


ping6, traceroute6, tracepath6, hostname

Most of the utilities for IPv6 are similar to the utilities that we know from IPv4. Instead of using ping or traceroute, I now use ping6 or traceroute6. Refer to the manpages for details. Instead of using traceroute6, try tracepath6. It not only displays the path, but also includes MTU information.


ndp

The ndp command displays and modifies the IPv6 neighbor cache as specified in the IPv6 Neighbor Discovery (ND) protocol. To display the entire neighbor cache, use ndp -a -n; to completely flush all remote entries, use ndp -F.

12.2.3. KAME Project

The KAME Project was a joint effort to create a single solid software set especially targeting IPv6/IPsec. Talented researchers from several Japanese organizations such as Fujitsu, Hitachi, NEC, IIJ (Internet Initiative Japan), and Toshiba joined the project. This joint effort aimed to avoid unnecessary duplicated development in the same areas and to effectively provide a high-quality, advanced, featured package.

The goal of the KAME Project was to make free implementations of IPv6, IPsec (IPv4 and IPv6), and Advanced Internetworking functions such as Advanced Packet Queueing, ATM, Mobility, and much more available for all BSD variants.

The KAME project began as a two-year project (April 1998-March 2000). There were several two-year deadline extensions, and the project was concluded in March 2006. This decision was based on the observation that the project has achieved its development and deployment mission. To conclude the KAME project, the focus is on integrating all remaining KAME functionality into all variants of BSD operating systems.

Some advanced features developed and distributed by the KAME project are not ready to be implemented into BSD systems yet. They include SCTP/DCCP, Mobile IPv6, NEMO, and IKEv2. The research and development activities on these features will continue in other working groups in the WIDE (http://www.wide.ad.jp) project.

For more information about the KAME Project itself, visit http://www.kame.net; for ported applications, visit http://www.kame.net/apps. FreeBSD users can find IPv6 software to play with at http://www.freebsd.org/ports/ipv6.html.


The KAME site has the famous KAME, which dances when you access the site with IPv6.

Other IPv6-related activities, such as the USAGI project (http://www.linux-ipv6.org, IPv6 code for Linux) and the TAHI project (http://www.tahi.org, IPv6 testing and evaluation), will be continued.



IPv6 Essentials
IPv6 Essentials
ISBN: 0596100582
EAN: 2147483647
Year: 2004
Pages: 156
Authors: Silvia Hagen

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net