基本介绍

内容简介

IPv6的时代即将到来！ 《IPv6详解(卷2):高级协议实现(英文版)》由开源的IPv6标准参考实现KAME的核心开发人员撰写，沿袭了被奉为经典的Richard Steverls的《TCP／IP详解》的写作方式和风格，覆盖了IPv6技术的全部内容，是毋庸置疑的IPv6权威参考书。书中详尽剖析了IPv6协议及其实现的技术细节，逐行诠释了KAME每一行代码的作用，并结合阐述了弥足珍贵的设计体会，对网络研究、设计和开发人员都有极高的参考价值。 全书分为两卷，第1卷介绍核心协议的实现。第2卷主要介绍高级协议的实现。《IPv6详解(卷2):高级协议实现(英文版)》适合网络设计和开发人员阅读，对于下一代网络产品研发人员尤其具有参考价值。Qin9 Li 8Iue Coat系统公司资深架构师，负责领导下一代支持IPv6的安全代理应用系统的设计和 开发工作：他曾在风河系统公司工作8年，是风河嵌入式IPv6产品的首席架构师：他拥有多项美国专利。并著有Real-Time Concepts forEmbedded Systems等畅销书。他还是FreeBSD操作系统项目活 跃的开发者： Tatuya Jinmei （神明达哉）东芝公司研究与开发中心的科学家。KAME项目核心开发人员。2003年在日本庆应义塾大学获得博士学位，Keiichi Shima（岛庆一）日本Internel lnitiative公司的资深研究人员。他的研究领域是IPv6和IPv6移动性。KAME项目核心开发人员，开发了移动IPv6／NEMO基本支持协议栈：现在正致力于BSD操作系统中新的移动栈（SHISA栈）的研究。

作者简介

作者：(美国)Qing Li (日本)Tatuya Jinmei (日本)Keiichi Shima

媒体推荐

“阅读本书是一种享受，让我想起了RichardStevens的《TCPflP详解》，本书的技术深度完 全可以与之媲美，” ——Jim Bound，北美IPv6工作组主席 “在IPv6时代，本书将取代Richard Stevens的《TCP／IP详解》一书。我强烈推荐给所有程序员阅读：” ——Junichiro Hagino．KAME项目核心开发者

图书目录

1 IPv6 Unicast Routing Protocols 1.1 Introduction 1.2 Overview of Routing Concepts 1.2 Overview of Vector-based Algorithms and Link-StateAlgorithm 1.3.1 Distance-Vector Algorithm 1.3.2 Path-Vector Algorithm 1.3.3 Link-State Algorithm 1.4 Introduction to RIPng 1.4.1 RIPng Message Formats 1.4.2 RIPng Operation 1.4.3 Problems with RIPng 1.5 Introduction to BGP4+ 1.5.1 BGP4+ Operation 1.5.2 BGP4+ Messages 1.5.3 Path Attributes 1.5.4 IPv6 Extensions for BGP4+ 1.5.5 BGP4+ Route Selection Process 1.6 Introduction to OSPFv2 1.6.1 Router Adjacency and LSDB Synchronization 1.6.2 Area Types and Router Classification 1.6.3 Link State Advertisement and LSA Types 1.6.4 LSA Formats 1.6.5 OSPF Tree Construction and Route Computation 1.7 Code Introduction 1.8 IPv6 Routing Table in the BSD Kernel 1.8.1 Scope Zone Representation in the RoutingTable 1.9 Routing API 1.9.1 Routing Sockets 1.9.2 Dumping Routing Table via sysctl() 1.10 Overview of route6d Daemon 1.11 Common Data Structures, Routines and Global Variables 1.11.1 Structures for RIPng Messages 1.11.2 route6d's Routing Table 1.11.3 Structures for Local Interfaces 1.11.4 route6d Route Filter Entry 1.11.5 Subroutines and Global Variables 1.12 Interface Configuration 1.12.1 ifconfig() Function 1.12.2 ifconfig1() Function 1.12 RIPng Protocol Operation 1.13.1 sendrequest() Function 1.13.2 riprecv() Function 1.13.3 riprequest() Function 1.13.4 ripsend() Function 1.13.5 ripalarm() Function 1.14 Routing Operation Using route6d 1.14.1 A Leaf Network 1.14.2 A Simple Loop Network 1.14.3 A Hierarchical Network 2 IPv6 Multicasting 2.1 Introduction 2.2 IPv6 Multicast Address to Layer-2 Multicast AddressMapping 2.2 Multicast Listener Discovery Protocol 2.3.1 MLD Protocol Message Format 2.3.2 Router Alert Option 2.3.3 Source Address Selection 2.3.4 Destination Address Selection 2.3.5 MLD Querier 2.3.6 Operational Variables 2.3.7 MLD Join Process 2.3.8 MLD Leave Process 2.4 Multicast Routing Fundamentals 2.4.1 Reverse Path Forwarding 2.4.2 Multicast Routing Models 2.4.3 Protocol Independent Multicast 2.4.4 IPv6 Specific Issues about PIM 2.4.5 IPv6 Multicast Future-MLDv2 and SSM 2.5 Code Introduction 2.6 MLD Implementation 2.6.1 Types and Structures 2.6.2 mld6_init() Function 2.6.3 Joining a Group: mld6_start_listening()Function 2.6.4 Leaving a Group: mld6_stop_listening()Function 2.6.5 Input Processing: mld6_input() Function 2.6.6 mld6_fasttimeo() Function 2.6.7 mld6_sendpkt() Function 2.6.8 mld_allocbuf() Function 2.7 IPv6 Multicast Interface: mif6{} Structure 2.8 IPv6 Multicast Routing API 2.8.1 ip6_mrouter_set() Function 2.8.2 ip6_mrouter_init() Function 2.8.3 ip6_mrouter_get() Function 2.8.4 set_pim6() Function 2.8.5 add_m6if() Function 2.8.6 del_m6if() Function 2.8.7 ip6_mrouter_done() Function 2.8.8 mrt6_ioctl() Function 2.8.9 get_mif6_cnt() Function 2.9 IPv6 Multicast Forwarding Cache 2.9.1 add_m6fc() Function 2.9.2 del_m6fc() Function 2.9.3 expire_upcalls() Function 2.9.4 get_sg_cnt() Function 2.10 IPv6 Multicast Forwarding 2.10.1 ip6_mforward() Function 2.10.2 ip6_mdq() Function 2.10.3 phyint_send() Function 2.10.4 register_send() Function 2.10.5 socket_send() Function 2.10.6 pim6_input() Function 2.11 IPv6 Multicast Operation 2.11.1 ifmcstat Command 2.11.2 Enable IPv6 Multicast Routing 2.11.3 pim6dd and pim6sd Routing Daemons 2.11.4 pim6stat Output 2.11.5 netstat Command 3 DNS for IPv6 3.1 Introduction 3.2 Basics of DNS Definitions and Protocols 3.2.1 DNS, Domains, and Zones 3.2.2 Resource Records and Zone Files 3.2.3 DNS Transaction and Packet Format 3.2.4 Name Resolution and Caching 3.2 IPv6-Related Topics about DNS 3.3.1 AAAA Resource Record 3.3.2 DNS Reverse Tree for IPv6 3.3.3 IPv6 Transport for DNS 3.3.4 Packet Size Issue and EDNS0 3.3.5 Misbehaving DNS Servers against AAAA 3.3.6 Obsolete Standards 3.4 Implementation of IPv6 DNS Resolver 3.4.1 _dns_getaddrinfo() Function 3.4.2 getanswer() Function 3.4.3 res_queryN() Function 3.4.4 Resolver State Structure 3.4.5 res_init() Function 3.4.6 res_send() Function 3.4.7 IPv6 Reverse Lookup: _dns_ghbyaddr()Function 3.5 IPv6 DNS Operation with BIND 3.5.1 Overview of BIND9 3.5.2 Getting BIND9 3.5.3 Building and Installing BIND9 3.5.4 Configuring BIND9 for IPv6 Operation 3.5.5 Implementation-Specific Notes 3.5.6 Complete Configuration Example 3.5.7 dig and host Utilities 4 DHCPv6 4.1 Introduction 4.2 Overview of the DHCPv6 Protocol 4.2.1 Cases for DHCPv6 4.2.2 Definitions about DHCPv6 4.2.3 DHCPv6 Message Exchanges 4.2.4 Summary of DHCPv6 Options 4.2.5 Interaction with Neighbor Discovery 4.2.6 Comparison to DHCPv4 4.2 Code Introduction 4.3.1 Common Data Structures and Routines 4.4 Client Implementation 4.4.1 Client-Specific Data Structures 4.4.2 client6_mainloop() Function 4.4.3 client6_timo() Function 4.4.4 client6_send() Function 4.4.5 client6_recv() Function 4.4.6 client6_recvadvert() Function 4.4.7 client6_recvreply() Function 4.4.8 Processing Identity Association 4.4.9 update_ia() Function 4.4.10 update_address() Function 4.4.11 reestablish_ia() Function 4.4.12 ia_timo() Function 4.4.12 Release Resources 4.5 Server Implementation 4.5.1 server6_mainloop() Function 4.5.2 server6_recv() Function 4.5.3 process_relayforw() Function 4.5.4 react_solicit() Function 4.5.5 react_request() Function 4.5.6 make_ia() Function 4.5.7 react_renew() Function 4.5.8 react_rebind() Function 4.5.9 binding_time() Function 4.5.10 react_release() Function 4.5.11 react_informreq() Function 4.5.12 server6_send() Function 4.6 Relay Agent Implementation 4.6.1 relay6_loop() Function 4.6.2 relay6_recv() Function 4.6.3 relay_to_server() Function 4.6.4 relay_to_client() Function 4.7 Implementation of DHCPv6 Authentication 4.7.1 Data Structures Related to DHCPv6 Authentication 4.7.2 set_auth() Function 4.7.2 process_auth() Function (Client Side) 4.7.4 process_auth() Function (Server Side) 4.8 DHCPv6 Operation 4.8.1 Building the DHCPv6 Implementation 4.8.2 Configuring a DUID 4.8.3 Configuring the DHCPv6 Server 4.8.4 Configuring the DHCPv6 Client 4.8.5 Configuring the DHCPv6 Relay Agent 4.8.6 Configuring DHCPv6 Authentication 4.8.7 Configuring Control Command Keys 4.8.8 Operation of DHCPv6 Services 5 Mobile IPv6 5.1 Introduction 5.2 Mobile IPv6 Overview 5.2.1 Types of Nodes 5.2.2 Basic Operation of Mobile IPv6 5.2 Header Extension 5.3.1 Alignment Requirements 5.3.2 Home Address Option 5.3.3 Type 2 Routing Header 5.3.4 Mobility Header 5.3.5 Mobility Options 5.3.6 Neighbor Discovery Messages 5.3.7 ICMPv6 Messages 5.4 Procedure of Mobile IPv6 5.4.1 Protocol Constants and Variables 5.4.2 Home Registration 5.4.3 Bi-directional Tunneling 5.4.4 Intercepting Packets for a Mobile Node 5.4.5 Returning Home 5.5 Route Optimization 5.5.1 Return Routability 5.5.2 Sending Initial Messages 5.5.3 Responding to Initial Messages 5.5.4 Computing a Shared Secret 5.5.5 Verifying Message 5.5.6 Security Considerations 5.5.7 De-Register Binding for Correspondent Nodes 5.5.8 Backward Compatibility 5.6 Movement Detection 5.7 Dynamic Home Agent Address Discovery 5.8 Mobile Prefix Solicitation/Advertisement 5.9 Relationship with IPsec 5.10 Code Introduction 5.10.1 Statistics 5.11 Mobile IPv6 Related Structures 5.11.1 Files 5.11.2 Mobility Header Message-ip6_mh{} Structure 5.11.3 Binding Refresh Request Message-ip6_mh_binding_request{}Structure 5.11.4 Home Test Init Message-ip6_mh_home_test_init{}Structure 5.11.5 Care-of Test Init Message-ip6_mh_careof_test_init{}Structure 5.11.6 Home Test Message-ip6_mh_home_test{}Structure 5.11.7 Care-of Test Message-ip6_mh_careof_test{}Structure 5.11.8 Binding Update Message-ip6_mh_binding_update{}Structure 5.11.9 Binding Acknowledgment Message-ip6_mh_binding_ack{}Structure 5.11.10 Binding Error Message-ip6_mh_binding_error{}Structure 5.11.11 Mobility Option Message Structures 5.11.12 Mobility Option Message-ip6_mh_opt{} Structure 5.11.12 Binding Refresh Advice Option-ip6_mh_opt_refresh_advice{}Structure 5.11.14 Alternate Care-of Address Option-ip6_mh_opt_altcoa{}Structure 5.11.15 Nonce Index Option-ip6_mh_opt_nonce_index{}Structure 5.11.16 Authentication Data Option-ip6_mh_opt_auth_data{}Structure 5.11.17 The Internal Mobility Option-mip6_mobility_options{}Structure 5.11.18 Home Address Option-ip6_opt_home_address{}Structure 5.11.19 Type 2 Routing Header-ip6_rthdr2{} Structure 5.11.20 The Modified Router Advertisement Message-nd_router_advert{}Structure 5.11.21 The Modified Prefix Information Option-nd_opt_prefix_info{}Structure 5.11.22 Advertisement Interval Option-nd_opt_adv_interval{}Structure 5.11.22 Home Agent Information Option-nd_opt_homeagent_info{}Structure 5.11.24 Dynamic Home Agent Address Discovery Request Message-mip6_dhaad_req{} Structure 5.11.25 Dynamic Home Agent Address Discovery Reply Message-mip6_dhaad_rep{} Structure 5.11.26 Mobile Prefix Solicitation Message-mip6_prefix_solicit{}Structure 5.11.27 Mobile Prefix Advertisement Message-mip6_prefix_advert{}Structure 5.11.28 Binding Cache Entry-mip6_bc{} Structure 5.11.29 Binding Update List Entry-mip6_bu{} Structure 5.11.30 Home Agent Entry-mip6_ha{} structure 5.11.31 Prefix Entry-mip6_prefix{} Structure 5.11.32 Home Virtual Interface-hif_softc{} Structure 5.12 Macro and Type Definitions 5.12 Global Variables 5.14 Utility Functions 5.14.1 Files 5.14.2 Creation of IPv6 Header 5.14.3 Checksum Computation 5.15 Common Mobility Header Processing 5.15.1 Files 5.15.2 Mobility Header Input 5.15.3 Generating Binding Error Messages 5.15.4 Rate Limitation of Binding Error Messages 5.15.5 Creation of Binding Error Message 5.15.6 Mobility Header Message Delivery to Raw Sockets 5.16 Home Agent and Correspondent Node 5.16.1 Files 5.16.2 Binding Update Message Input 5.16.3 Binding Cache Entry Management 5.16.4 Mobility Options Processing 5.16.5 Validation of Binding Update Message for CorrespondentNode 5.16.6 Kbm and Authorization Data Computation 5.16.7 Managing Binding Cache Entry as CorrespondentNode 5.16.8 Sending Binding Refresh Request Message 5.16.9 Home Registration Processing 5.16.10 The DAD Procedure 5.16.11 Proxy Neighbor Discovery Control 5.16.12 Home De-Registration Procedure 5.16.13 Sending a Binding Acknowledgment Message 5.16.14 Nonce and Nodekey Management 5.16.15 Receiving a Home Address Option 5.16.16 Sending Packets to Mobile Nodes via Tunnel 5.16.17 Recovery of Temporarily Disabled Proxy Entry 5.16.18 Receiving ICMPv6 Error Messages 5.16.19 Home Agent List Management 5.16.20 Prefix List Management 5.16.21 Sending a Mobile Prefix Advertisement Message 5.16.22 Constructing the Payload 5.17 Mobile Node 5.17.1 Files 5.17.2 Binding Update List Entry Management 5.17.3 Movement Detection 5.17.4 Configuring Home Addresses 5.17.5 Sending a Binding Update Message 5.17.6 Receiving a Binding Acknowledgment Message 5.17.7 Receiving a Type 2 Routing Header 5.17.8 Receiving a Binding Refresh Request Message 5.17.9 Receiving a Binding Error Message 5.17.10 Source Address Selection 5.17.11 Home Agent List Management 5.17.12 Prefix Information Management 5.17.13 Receiving Prefix Information by Router AdvertisementMessages 5.17.14 Sending a Mobile Prefix Solicitation Message 5.17.15 Receiving a Mobile Prefix Advertisement Message 5.17.16 Sending a Dynamic Home Agent Address Discovery RequestMessage 5.17.17 Receiving a Dynamic Home Agent Address Discovery ReplyMessage 5.17.18 Receiving ICMPv6 Error Messages 5.17.19 State Machine 5.17.20 Primary State Machine 5.17.21 Secondary State Machine 5.17.22 Virtual Home Interface 5.17.23 Return Routability and Route Optimization 5.17.24 Route Optimized Communication 5.17.25 Tunnel Control 5.17.26 Receiving Packets from a Tunnel 5.17.27 I/O Control 5.18 Mobile IPv6 Operation 5.18.1 Rebuilding a Kernel with Mobile IPv6 Extension 5.18.2 Rebuilding User Space Programs 5.18.3 IPsec Signal Protection 5.18.4 Configuring Node 5.18.5 Viewing Status Information 5.18.6 Viewing Statistics 5.19 Appendix 5.19.1 The Manual Page of mip6control 6 IPv6 and IP Security 6.1 Introduction 6.2 Authentication Header 6.3 Encapsulating Security Payload 6.4 Transport Mode and Tunnel Mode 6.5 Security Association Database 6.5.1 Security Policy Database 6.5.2 Security Association Database 6.5.3 SAD and SPD Example 6.6 IPsec Traffic Processing 6.7 SPD and SAD Management 6.7.1 Manual Keying and Automatic Keying 6.8 Manual Configuration 6.8.1 Configuration File Format 6.8.2 Examples of Manipulating SP Entries 6.8.3 Examples of Manipulating SA Entries 6.9 Internet Security Association and Key Management Protocol(ISAKMP) Overview 6.9.1 ISAKMP Exchanges 6.9.2 Domain of Interpretation 6.9.3 Internet Key Exchange Protocol 6.10 Racoon Operation 6.10.1 Configuring Racoon 6.10.2 Configuration File Format 6.11 Scenarios 6.11.1 Creating a VPN between 3 Networks 6.11.2 Creating Star Topology VPN 6.11.3 Using Transport Mode IP Security 6.11.4 Connecting to the Server from Public Access Points References Index

序言

Back in 1994，when the IETF accepted the proposal that iS known as IPv6 today，1 was convincedfrom that moment，such a new fundamental protocol would be difficult if not impossible to beaccepted，adopted and deployed by the networking community without a highqualiW opensource reference implementation that is freely available． This conviction stems from my close involvement with the original TCP／IPv4 protocolsand UC Berkeley’s BSD implementation of these protocols．I have seen firsthand how the BSDimplementation has made enormous contribution to the success of TCP／IPv4，commonly knownas the Internet protocols．We needed a new effort that played the same role for IPv6． It was our turn to make a contribution to the world of the Internet from a developer’s pointof view，but at that time the economic impact of the Internet boom already made my colleaguesat Berkeley too busy．I understood that we had a mission and SO the IPv6 working group wasborn in the WIDE project for this purpose，which eventually evolved into the KAME project． One of the requirements demanded of the so ftware to be developed by the KAWE project，was to demonstrate how the IPv6 protocols work and how well the protocols operate in realenvironments——a difficult and challenging task，With the long and very patient help from all thesupporters．the KAME project members fulfilled this goal with theft diligence and perseverance．The KAME implementation was adopted bv all major BSD variants as the defacto IPv6 implementation．And KAME iS often refefred to during IPv6 discussions at IETE meetings．I strongly believe the success of the KAME project played a significant role in the wide acceptance andthe continued adoption of the IPv6 technology．