forked from Qortal/Brooklyn
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
342 lines
9.7 KiB
342 lines
9.7 KiB
# SPDX-License-Identifier: GPL-2.0-only |
|
# |
|
# IPv6 configuration |
|
# |
|
|
|
# IPv6 as module will cause a CRASH if you try to unload it |
|
menuconfig IPV6 |
|
tristate "The IPv6 protocol" |
|
default y |
|
help |
|
Support for IP version 6 (IPv6). |
|
|
|
For general information about IPv6, see |
|
<https://en.wikipedia.org/wiki/IPv6>. |
|
For specific information about IPv6 under Linux, see |
|
Documentation/networking/ipv6.rst and read the HOWTO at |
|
<https://www.tldp.org/HOWTO/Linux+IPv6-HOWTO/> |
|
|
|
To compile this protocol support as a module, choose M here: the |
|
module will be called ipv6. |
|
|
|
if IPV6 |
|
|
|
config IPV6_ROUTER_PREF |
|
bool "IPv6: Router Preference (RFC 4191) support" |
|
help |
|
Router Preference is an optional extension to the Router |
|
Advertisement message which improves the ability of hosts |
|
to pick an appropriate router, especially when the hosts |
|
are placed in a multi-homed network. |
|
|
|
If unsure, say N. |
|
|
|
config IPV6_ROUTE_INFO |
|
bool "IPv6: Route Information (RFC 4191) support" |
|
depends on IPV6_ROUTER_PREF |
|
help |
|
Support of Route Information. |
|
|
|
If unsure, say N. |
|
|
|
config IPV6_OPTIMISTIC_DAD |
|
bool "IPv6: Enable RFC 4429 Optimistic DAD" |
|
help |
|
Support for optimistic Duplicate Address Detection. It allows for |
|
autoconfigured addresses to be used more quickly. |
|
|
|
If unsure, say N. |
|
|
|
config INET6_AH |
|
tristate "IPv6: AH transformation" |
|
select XFRM_AH |
|
help |
|
Support for IPsec AH (Authentication Header). |
|
|
|
AH can be used with various authentication algorithms. Besides |
|
enabling AH support itself, this option enables the generic |
|
implementations of the algorithms that RFC 8221 lists as MUST be |
|
implemented. If you need any other algorithms, you'll need to enable |
|
them in the crypto API. You should also enable accelerated |
|
implementations of any needed algorithms when available. |
|
|
|
If unsure, say Y. |
|
|
|
config INET6_ESP |
|
tristate "IPv6: ESP transformation" |
|
select XFRM_ESP |
|
help |
|
Support for IPsec ESP (Encapsulating Security Payload). |
|
|
|
ESP can be used with various encryption and authentication algorithms. |
|
Besides enabling ESP support itself, this option enables the generic |
|
implementations of the algorithms that RFC 8221 lists as MUST be |
|
implemented. If you need any other algorithms, you'll need to enable |
|
them in the crypto API. You should also enable accelerated |
|
implementations of any needed algorithms when available. |
|
|
|
If unsure, say Y. |
|
|
|
config INET6_ESP_OFFLOAD |
|
tristate "IPv6: ESP transformation offload" |
|
depends on INET6_ESP |
|
select XFRM_OFFLOAD |
|
default n |
|
help |
|
Support for ESP transformation offload. This makes sense |
|
only if this system really does IPsec and want to do it |
|
with high throughput. A typical desktop system does not |
|
need it, even if it does IPsec. |
|
|
|
If unsure, say N. |
|
|
|
config INET6_ESPINTCP |
|
bool "IPv6: ESP in TCP encapsulation (RFC 8229)" |
|
depends on XFRM && INET6_ESP |
|
select STREAM_PARSER |
|
select NET_SOCK_MSG |
|
select XFRM_ESPINTCP |
|
help |
|
Support for RFC 8229 encapsulation of ESP and IKE over |
|
TCP/IPv6 sockets. |
|
|
|
If unsure, say N. |
|
|
|
config INET6_IPCOMP |
|
tristate "IPv6: IPComp transformation" |
|
select INET6_XFRM_TUNNEL |
|
select XFRM_IPCOMP |
|
help |
|
Support for IP Payload Compression Protocol (IPComp) (RFC3173), |
|
typically needed for IPsec. |
|
|
|
If unsure, say Y. |
|
|
|
config IPV6_MIP6 |
|
tristate "IPv6: Mobility" |
|
select XFRM |
|
help |
|
Support for IPv6 Mobility described in RFC 3775. |
|
|
|
If unsure, say N. |
|
|
|
config IPV6_ILA |
|
tristate "IPv6: Identifier Locator Addressing (ILA)" |
|
depends on NETFILTER |
|
select DST_CACHE |
|
select LWTUNNEL |
|
help |
|
Support for IPv6 Identifier Locator Addressing (ILA). |
|
|
|
ILA is a mechanism to do network virtualization without |
|
encapsulation. The basic concept of ILA is that we split an |
|
IPv6 address into a 64 bit locator and 64 bit identifier. The |
|
identifier is the identity of an entity in communication |
|
("who") and the locator expresses the location of the |
|
entity ("where"). |
|
|
|
ILA can be configured using the "encap ila" option with |
|
"ip -6 route" command. ILA is described in |
|
https://tools.ietf.org/html/draft-herbert-nvo3-ila-00. |
|
|
|
If unsure, say N. |
|
|
|
config INET6_XFRM_TUNNEL |
|
tristate |
|
select INET6_TUNNEL |
|
default n |
|
|
|
config INET6_TUNNEL |
|
tristate |
|
default n |
|
|
|
config IPV6_VTI |
|
tristate "Virtual (secure) IPv6: tunneling" |
|
select IPV6_TUNNEL |
|
select NET_IP_TUNNEL |
|
select XFRM |
|
help |
|
Tunneling means encapsulating data of one protocol type within |
|
another protocol and sending it over a channel that understands the |
|
encapsulating protocol. This can be used with xfrm mode tunnel to give |
|
the notion of a secure tunnel for IPSEC and then use routing protocol |
|
on top. |
|
|
|
config IPV6_SIT |
|
tristate "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" |
|
select INET_TUNNEL |
|
select NET_IP_TUNNEL |
|
select IPV6_NDISC_NODETYPE |
|
default y |
|
help |
|
Tunneling means encapsulating data of one protocol type within |
|
another protocol and sending it over a channel that understands the |
|
encapsulating protocol. This driver implements encapsulation of IPv6 |
|
into IPv4 packets. This is useful if you want to connect two IPv6 |
|
networks over an IPv4-only path. |
|
|
|
Saying M here will produce a module called sit. If unsure, say Y. |
|
|
|
config IPV6_SIT_6RD |
|
bool "IPv6: IPv6 Rapid Deployment (6RD)" |
|
depends on IPV6_SIT |
|
default n |
|
help |
|
IPv6 Rapid Deployment (6rd; draft-ietf-softwire-ipv6-6rd) builds upon |
|
mechanisms of 6to4 (RFC3056) to enable a service provider to rapidly |
|
deploy IPv6 unicast service to IPv4 sites to which it provides |
|
customer premise equipment. Like 6to4, it utilizes stateless IPv6 in |
|
IPv4 encapsulation in order to transit IPv4-only network |
|
infrastructure. Unlike 6to4, a 6rd service provider uses an IPv6 |
|
prefix of its own in place of the fixed 6to4 prefix. |
|
|
|
With this option enabled, the SIT driver offers 6rd functionality by |
|
providing additional ioctl API to configure the IPv6 Prefix for in |
|
stead of static 2002::/16 for 6to4. |
|
|
|
If unsure, say N. |
|
|
|
config IPV6_NDISC_NODETYPE |
|
bool |
|
|
|
config IPV6_TUNNEL |
|
tristate "IPv6: IP-in-IPv6 tunnel (RFC2473)" |
|
select INET6_TUNNEL |
|
select DST_CACHE |
|
select GRO_CELLS |
|
help |
|
Support for IPv6-in-IPv6 and IPv4-in-IPv6 tunnels described in |
|
RFC 2473. |
|
|
|
If unsure, say N. |
|
|
|
config IPV6_GRE |
|
tristate "IPv6: GRE tunnel" |
|
select IPV6_TUNNEL |
|
select NET_IP_TUNNEL |
|
depends on NET_IPGRE_DEMUX |
|
help |
|
Tunneling means encapsulating data of one protocol type within |
|
another protocol and sending it over a channel that understands the |
|
encapsulating protocol. This particular tunneling driver implements |
|
GRE (Generic Routing Encapsulation) and at this time allows |
|
encapsulating of IPv4 or IPv6 over existing IPv6 infrastructure. |
|
This driver is useful if the other endpoint is a Cisco router: Cisco |
|
likes GRE much better than the other Linux tunneling driver ("IP |
|
tunneling" above). In addition, GRE allows multicast redistribution |
|
through the tunnel. |
|
|
|
Saying M here will produce a module called ip6_gre. If unsure, say N. |
|
|
|
config IPV6_FOU |
|
tristate |
|
default NET_FOU && IPV6 |
|
|
|
config IPV6_FOU_TUNNEL |
|
tristate |
|
default NET_FOU_IP_TUNNELS && IPV6_FOU |
|
select IPV6_TUNNEL |
|
|
|
config IPV6_MULTIPLE_TABLES |
|
bool "IPv6: Multiple Routing Tables" |
|
select FIB_RULES |
|
help |
|
Support multiple routing tables. |
|
|
|
config IPV6_SUBTREES |
|
bool "IPv6: source address based routing" |
|
depends on IPV6_MULTIPLE_TABLES |
|
help |
|
Enable routing by source address or prefix. |
|
|
|
The destination address is still the primary routing key, so mixing |
|
normal and source prefix specific routes in the same routing table |
|
may sometimes lead to unintended routing behavior. This can be |
|
avoided by defining different routing tables for the normal and |
|
source prefix specific routes. |
|
|
|
If unsure, say N. |
|
|
|
config IPV6_MROUTE |
|
bool "IPv6: multicast routing" |
|
depends on IPV6 |
|
select IP_MROUTE_COMMON |
|
help |
|
Support for IPv6 multicast forwarding. |
|
If unsure, say N. |
|
|
|
config IPV6_MROUTE_MULTIPLE_TABLES |
|
bool "IPv6: multicast policy routing" |
|
depends on IPV6_MROUTE |
|
select FIB_RULES |
|
help |
|
Normally, a multicast router runs a userspace daemon and decides |
|
what to do with a multicast packet based on the source and |
|
destination addresses. If you say Y here, the multicast router |
|
will also be able to take interfaces and packet marks into |
|
account and run multiple instances of userspace daemons |
|
simultaneously, each one handling a single table. |
|
|
|
If unsure, say N. |
|
|
|
config IPV6_PIMSM_V2 |
|
bool "IPv6: PIM-SM version 2 support" |
|
depends on IPV6_MROUTE |
|
help |
|
Support for IPv6 PIM multicast routing protocol PIM-SMv2. |
|
If unsure, say N. |
|
|
|
config IPV6_SEG6_LWTUNNEL |
|
bool "IPv6: Segment Routing Header encapsulation support" |
|
depends on IPV6 |
|
select LWTUNNEL |
|
select DST_CACHE |
|
select IPV6_MULTIPLE_TABLES |
|
help |
|
Support for encapsulation of packets within an outer IPv6 |
|
header and a Segment Routing Header using the lightweight |
|
tunnels mechanism. Also enable support for advanced local |
|
processing of SRv6 packets based on their active segment. |
|
|
|
If unsure, say N. |
|
|
|
config IPV6_SEG6_HMAC |
|
bool "IPv6: Segment Routing HMAC support" |
|
depends on IPV6 |
|
select CRYPTO |
|
select CRYPTO_HMAC |
|
select CRYPTO_SHA1 |
|
select CRYPTO_SHA256 |
|
help |
|
Support for HMAC signature generation and verification |
|
of SR-enabled packets. |
|
|
|
If unsure, say N. |
|
|
|
config IPV6_SEG6_BPF |
|
def_bool y |
|
depends on IPV6_SEG6_LWTUNNEL |
|
depends on IPV6 = y |
|
|
|
config IPV6_RPL_LWTUNNEL |
|
bool "IPv6: RPL Source Routing Header support" |
|
depends on IPV6 |
|
select LWTUNNEL |
|
help |
|
Support for RFC6554 RPL Source Routing Header using the lightweight |
|
tunnels mechanism. |
|
|
|
If unsure, say N. |
|
|
|
config IPV6_IOAM6_LWTUNNEL |
|
bool "IPv6: IOAM Pre-allocated Trace insertion support" |
|
depends on IPV6 |
|
select LWTUNNEL |
|
help |
|
Support for the inline insertion of IOAM Pre-allocated |
|
Trace Header (only on locally generated packets), using |
|
the lightweight tunnels mechanism. |
|
|
|
If unsure, say N. |
|
|
|
endif # IPV6
|
|
|