IPv6 payload support -------------------- Latest IPv6 payload support code and documentation can be found from here: http://www.greenie.net/ipv6/openvpn.html For TODO list, see TODO.IPv6. Gert Doering, 31.12.2009 IPv6 transport support ---------------------- [ Last updated: 25-Mar-2011. ] OpenVPN-2.1 over UDP6/TCP6 README for ipv6-0.4.x patch releases: ( --udp6 and --tcp6-{client,server} ) * Availability Source code under GPLv2 from http://github.com/jjo/openvpn-ipv6 Distro ready repos/packages: o Debian sid official repo, by Alberto Gonzalez Iniesta, starting from openvpn_2.1~rc20-2 o Gentoo official portage tree, by Marcel Pennewiss: - https://bugs.gentoo.org/show_bug.cgi?id=287896 o Ubuntu package, by Bernhard Schmidt: - https://launchpad.net/~berni/+archive/ipv6/+packages o Freetz.org, milestone freetz-1.2 - http://trac.freetz.org/milestone/freetz-1.2 * Status: o OK: - upd6,tcp6: GNU/Linux, win32, openbsd-4.7, freebsd-8.1 - udp4->upd6,tcp4->tcp6 (ipv4/6 mapped): GNU/Linux (gives a warning on local!=remote proto matching) o NOT: - win32: tcp4->tcp6 (ipv4/6 mapped) fails w/connection refused o NOT tested: - mgmt console * Build setup: ./configure --enable-ipv6 (by default) * Usage: For IPv6 just specify "-p upd6" an proper IPv6 hostnames, adapting the example from man page ... On may: openvpn --proto udp6 --remote --dev tun1 \ --ifconfig 10.4.0.1 10.4.0.2 --verb 5 --secret key On june: openvpn --proto udp6 --remote --dev tun1 \ --ifconfig 10.4.0.2 10.4.0.1 --verb 5 --secret key Same for --proto tcp6-client, tcp6-server. * Main code changes summary: - socket.h: New struct openvpn_sockaddr type that holds sockaddrs and pktinfo, (here I omitted #ifdef USE_PF_xxxx, see socket.h ) struct openvpn_sockaddr { union { struct sockaddr sa; struct sockaddr_in in; struct sockaddr_in6 in6; } addr; }; struct link_socket_addr { struct openvpn_sockaddr local; struct openvpn_sockaddr remote; struct openvpn_sockaddr actual; }; PRO: allows simple type overloading: local.addr.sa, local.addr.in, local.addr.in6 ... etc (also local.pi.in and local.pi.in6) - several function prototypes moved from sockaddr_in to openvpn_sockaddr - several new sockaddr functions needed to "generalize" AF_xxxx operations: addr_copy(), addr_zero(), ...etc proto_is_udp(), proto_is_dgram(), proto_is_net() * For TODO list, see TODO.IPv6 -- JuanJo Ciarlante jjo () google () com ............................ : : . Linux IP Aliasing author . . Modular algo (AES et all) support for FreeSWAN/OpenSWAN author . . OpenVPN over IPv6 support . :...... plus other scattered free software bits in the wild ...: