| USAGE (57522) | USAGE (78012) |
|---|---|
| 1 USAGE 2 3 KAME Project 4 http://www.kame.net/newsletter/ | 1 USAGE 2 3 KAME Project 4 http://www.kame.net/newsletter/ |
| 5 $FreeBSD: head/share/examples/IPv6/USAGE 57522 2000-02-26 19:44:12Z shin $ | 5 $FreeBSD: head/share/examples/IPv6/USAGE 78012 2001-06-10 20:25:24Z ume $ |
| 6 7This is a introduction of how to use the commands provided in the KAME 8kit. For more information, please refer to each man page. 9 10<<<ifconfig>>> 11 12A link-local address is automatically assigned to each interface, when 13the interface becomes up for the first time. Even if you find an interface --- 607 unchanged lines hidden (view full) --- 621 add fec0:0:0:2::2 fec0:0:0:1::1 esp 0x10003 622 -m transport 623 -E cast128-cbc "12341234" 624 -A hmac-sha1 "this is the test key" ; 625 add fec0:0:0:2::1 fec0:0:0:1::1 esp 0x10004 626 -E rc5-cbc "kamekame" 627 -A hmac-md5 "this is the test" ; 628 | 6 7This is a introduction of how to use the commands provided in the KAME 8kit. For more information, please refer to each man page. 9 10<<<ifconfig>>> 11 12A link-local address is automatically assigned to each interface, when 13the interface becomes up for the first time. Even if you find an interface --- 607 unchanged lines hidden (view full) --- 621 add fec0:0:0:2::2 fec0:0:0:1::1 esp 0x10003 622 -m transport 623 -E cast128-cbc "12341234" 624 -A hmac-sha1 "this is the test key" ; 625 add fec0:0:0:2::1 fec0:0:0:1::1 esp 0x10004 626 -E rc5-cbc "kamekame" 627 -A hmac-md5 "this is the test" ; 628 |
| 629<<<EDNS0>>> 630 631EDNS0 is defined in RFC2671. With EDNS0, the resolver library can tell DNS 632server of its receiving buffer size, and permit DNS server to transmit large 633reply packet. EDNS0 is necessary to take advantage of larger minimum MTU 634in IPv6. KAME libinet6 includes resolver side support for EDNS0. 635Server side support for EDNS0 is included in ISC BIND9. 636 637 query packet with EDNS0 638 tells receive buffer size 639KAME box -----------------------------> BIND9 DNS server 640KAME box <----------------------------- BIND9 DNS server 641 can transmit jumbo reply, since DNS server 642 knows receive buffer size of KAME box 643 644How to play with it: 645- prepare KAME box and BIND9 DNS server (can be a same node) 646- add the following into /etc/resolv.conf on KAME box: 647 options edns0 <--- enables EDNS0 648 nameserver <IPv4 or v6 address of BIND9 box> 649- run applications compiled with libinet6 (like /usr/local/v6/bin/telnet), 650 see EDNS0 packet fly on the wire by tcpdump or some other method. 651 652Caveats: 653- BIND 4/8 DNS server will choke with EDNS0 packet, so you must not 654 turn the option on if you have BIND 4/8 DNS server. If you enable 655 "options edns0" against BIND 4/8 DNS server, you will never be able 656 to resolve names. 657- If you use IPv6 UDP as DNS transport, path MTU discovery may 658 affect the traffic. KAME box tries to fragment packet to 1280 659 bytes, however, BIND9 may not. 660- Some of our platforms do not use our extended resolver code in libinet6. 661 See COVERAGE for detail. 662 |
|
| 629 <end of USAGE> | 663 <end of USAGE> |