HIPL

lp://qastaging/~hipl-core/hipl/udp-encap-for-ipv6

Created by Miika Komu on 2011-09-18 and last modified on 2012-01-20

We have had some doubts if Teredo-based networking works always without UDP encapsulation. We experiencing some random problems in Teredo-based connectivity but the exact reason remains still uncertain. While studying the exact reason, this branch implements UDP encapsulation for IPv6 to solve the problem. In order to use the encapsulation, a host has to turn on NAT support (hipconf nat plain-udp) and it is on by default.

The code on this branch works and has been tested (r6084) in a coarse-grained way by Miika, The RVS/Relay support has not been tested and the firewall support for UDP-encapsulated IPv6 has not been implemented.

The encapsulation is for *all* IPv6 traffic related to HIP/ESP. If only Teredo should be treated as a special case, we can modify the following code:

http://bazaar.launchpad.net/~hipl-core/hipl/udp-encap-for-ipv6/revision/6079/hipd/hadb.c

as follows:

if (hip_nat_status && (IN6_IS_ADDR_V4MAPPED(peer_addr) ||
ipv6_addr_is_teredo(peer_addr))) {

and xfrm_state_modify and xfrm_state_delete need also a similar change (note: it is possible that local address is Teredo but destination is not, and vice versa!)

To force only IPv4-based or Teredo-based communications to use UDP encapsulation.

Note: ESP traffic is *not* encapsulated in UDP (I could not make this work).

Get this branch:: bzr branch lp://qastaging/~hipl-core/hipl/udp-encap-for-ipv6

Members of HIPL core team can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: HIPL core team

Project:: HIPL

Status:: Development

Recent revisions

6090. By Miika Komu on 2012-01-20

Fixed a compilation problem in the previous commit

Should have compiled first...

6089. By Miika Komu on 2012-01-20

Reverted commits 6087 and 6088

It appears that supporting UDP encapsulated data plane over IPv6 is not
trivial.

6088. By Miika Komu on 2012-01-20

A bug fix to previous commit

Forgot to include UDP encapsulation details when deleting associations.

6087. By Miika Komu on 2012-01-20

IPsec is now encapsulated in UDP when using IPv4

I noticed that only the control plane was getting UDP encapsulated with
IPv6. Now also the data plane is too.

6086. By Miika Komu on 2012-01-20

Fixed a compilation error

The compilation error originated from the last merge.

6085. By Miika Komu on 2012-01-20

Synchronized with trunk revision 6247

6084. By Miika Komu on 2011-09-20

Yet another fix for HIP over UDPv6.

Port number was not copied correctly on input when receiving HIP over
UDPv6. This caused checksum to fail. Fixed.

6083. By Miika Komu on 2011-09-20

Checksum input handling fixes for HIP over UDPv6

HIP packet input handling dropped UDP packet because of incorrect
checksum when IPv6 was used. Fixed.

6082. By Miika Komu on 2011-09-20

UDP checksumming enabled both for IPv4 and IPv6

UDP input gets dropped over IPv6. I believe the reason was that IPv6
mandates non-zero checksum for UDP. I also enabled the checksumming for
IPv4 (for symmetry) even though it's optional.

6081. By Miika Komu on 2011-09-20

Improved input socket creation for HIP-over-UDPv6

More fine-grained handling of IPv4 vs. IPv6-specific options for UDPv6
input.

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp://qastaging/hipl

This branch contains Public information

Everyone can see this information.

Subscribers

HIPL core team