1 # SPDX-License-Identifier: GPL-2.0-only << 2 # 1 # 3 # IPv6 configuration 2 # IPv6 configuration 4 # 3 # 5 4 6 # IPv6 as module will cause a CRASH if you t 5 # IPv6 as module will cause a CRASH if you try to unload it 7 menuconfig IPV6 6 menuconfig IPV6 8 tristate "The IPv6 protocol" 7 tristate "The IPv6 protocol" 9 default y 8 default y 10 select CRYPTO_LIB_SHA1 !! 9 ---help--- 11 help << 12 Support for IP version 6 (IPv6). 10 Support for IP version 6 (IPv6). 13 11 14 For general information about IPv6, 12 For general information about IPv6, see 15 <https://en.wikipedia.org/wiki/IPv6> 13 <https://en.wikipedia.org/wiki/IPv6>. 16 For specific information about IPv6 14 For specific information about IPv6 under Linux, see 17 Documentation/networking/ipv6.rst an !! 15 Documentation/networking/ipv6.txt and read the HOWTO at 18 <https://www.tldp.org/HOWTO/Linux+IP !! 16 <http://www.tldp.org/HOWTO/Linux+IPv6-HOWTO/> 19 17 20 To compile this protocol support as !! 18 To compile this protocol support as a module, choose M here: the 21 module will be called ipv6. 19 module will be called ipv6. 22 20 23 if IPV6 21 if IPV6 24 22 25 config IPV6_ROUTER_PREF 23 config IPV6_ROUTER_PREF 26 bool "IPv6: Router Preference (RFC 419 24 bool "IPv6: Router Preference (RFC 4191) support" 27 help !! 25 ---help--- 28 Router Preference is an optional ext 26 Router Preference is an optional extension to the Router 29 Advertisement message which improves 27 Advertisement message which improves the ability of hosts 30 to pick an appropriate router, espec 28 to pick an appropriate router, especially when the hosts 31 are placed in a multi-homed network. 29 are placed in a multi-homed network. 32 30 33 If unsure, say N. 31 If unsure, say N. 34 32 35 config IPV6_ROUTE_INFO 33 config IPV6_ROUTE_INFO 36 bool "IPv6: Route Information (RFC 419 34 bool "IPv6: Route Information (RFC 4191) support" 37 depends on IPV6_ROUTER_PREF 35 depends on IPV6_ROUTER_PREF 38 help !! 36 ---help--- 39 Support of Route Information. !! 37 This is experimental support of Route Information. 40 38 41 If unsure, say N. 39 If unsure, say N. 42 40 43 config IPV6_OPTIMISTIC_DAD 41 config IPV6_OPTIMISTIC_DAD 44 bool "IPv6: Enable RFC 4429 Optimistic 42 bool "IPv6: Enable RFC 4429 Optimistic DAD" 45 help !! 43 ---help--- 46 Support for optimistic Duplicate Add !! 44 This is experimental support for optimistic Duplicate 47 autoconfigured addresses to be used !! 45 Address Detection. It allows for autoconfigured addresses >> 46 to be used more quickly. 48 47 49 If unsure, say N. 48 If unsure, say N. 50 49 51 config INET6_AH 50 config INET6_AH 52 tristate "IPv6: AH transformation" 51 tristate "IPv6: AH transformation" 53 select XFRM_AH !! 52 select XFRM_ALGO 54 help !! 53 select CRYPTO 55 Support for IPsec AH (Authentication !! 54 select CRYPTO_HMAC 56 !! 55 select CRYPTO_MD5 57 AH can be used with various authenti !! 56 select CRYPTO_SHA1 58 enabling AH support itself, this opt !! 57 ---help--- 59 implementations of the algorithms th !! 58 Support for IPsec AH. 60 implemented. If you need any other << 61 them in the crypto API. You should << 62 implementations of any needed algori << 63 59 64 If unsure, say Y. 60 If unsure, say Y. 65 61 66 config INET6_ESP 62 config INET6_ESP 67 tristate "IPv6: ESP transformation" 63 tristate "IPv6: ESP transformation" 68 select XFRM_ESP !! 64 select XFRM_ALGO 69 help !! 65 select CRYPTO 70 Support for IPsec ESP (Encapsulating !! 66 select CRYPTO_AUTHENC 71 !! 67 select CRYPTO_HMAC 72 ESP can be used with various encrypt !! 68 select CRYPTO_MD5 73 Besides enabling ESP support itself, !! 69 select CRYPTO_CBC 74 implementations of the algorithms th !! 70 select CRYPTO_SHA1 75 implemented. If you need any other !! 71 select CRYPTO_DES 76 them in the crypto API. You should !! 72 select CRYPTO_ECHAINIV 77 implementations of any needed algori !! 73 ---help--- >> 74 Support for IPsec ESP. 78 75 79 If unsure, say Y. 76 If unsure, say Y. 80 77 81 config INET6_ESP_OFFLOAD << 82 tristate "IPv6: ESP transformation off << 83 depends on INET6_ESP << 84 select XFRM_OFFLOAD << 85 default n << 86 help << 87 Support for ESP transformation offlo << 88 only if this system really does IPse << 89 with high throughput. A typical desk << 90 need it, even if it does IPsec. << 91 << 92 If unsure, say N. << 93 << 94 config INET6_ESPINTCP << 95 bool "IPv6: ESP in TCP encapsulation ( << 96 depends on XFRM && INET6_ESP << 97 select STREAM_PARSER << 98 select NET_SOCK_MSG << 99 select XFRM_ESPINTCP << 100 help << 101 Support for RFC 8229 encapsulation o << 102 TCP/IPv6 sockets. << 103 << 104 If unsure, say N. << 105 << 106 config INET6_IPCOMP 78 config INET6_IPCOMP 107 tristate "IPv6: IPComp transformation" 79 tristate "IPv6: IPComp transformation" 108 select INET6_XFRM_TUNNEL 80 select INET6_XFRM_TUNNEL 109 select XFRM_IPCOMP 81 select XFRM_IPCOMP 110 help !! 82 ---help--- 111 Support for IP Payload Compression P 83 Support for IP Payload Compression Protocol (IPComp) (RFC3173), 112 typically needed for IPsec. 84 typically needed for IPsec. 113 85 114 If unsure, say Y. 86 If unsure, say Y. 115 87 116 config IPV6_MIP6 88 config IPV6_MIP6 117 tristate "IPv6: Mobility" 89 tristate "IPv6: Mobility" 118 select XFRM 90 select XFRM 119 help !! 91 ---help--- 120 Support for IPv6 Mobility described 92 Support for IPv6 Mobility described in RFC 3775. 121 93 122 If unsure, say N. 94 If unsure, say N. 123 95 124 config IPV6_ILA 96 config IPV6_ILA 125 tristate "IPv6: Identifier Locator Add 97 tristate "IPv6: Identifier Locator Addressing (ILA)" 126 depends on NETFILTER 98 depends on NETFILTER 127 select DST_CACHE << 128 select LWTUNNEL 99 select LWTUNNEL 129 help !! 100 ---help--- 130 Support for IPv6 Identifier Locator 101 Support for IPv6 Identifier Locator Addressing (ILA). 131 102 132 ILA is a mechanism to do network vir 103 ILA is a mechanism to do network virtualization without 133 encapsulation. The basic concept of 104 encapsulation. The basic concept of ILA is that we split an 134 IPv6 address into a 64 bit locator a 105 IPv6 address into a 64 bit locator and 64 bit identifier. The 135 identifier is the identity of an ent 106 identifier is the identity of an entity in communication 136 ("who") and the locator expresses th 107 ("who") and the locator expresses the location of the 137 entity ("where"). 108 entity ("where"). 138 109 139 ILA can be configured using the "enc 110 ILA can be configured using the "encap ila" option with 140 "ip -6 route" command. ILA is descri 111 "ip -6 route" command. ILA is described in 141 https://tools.ietf.org/html/draft-he 112 https://tools.ietf.org/html/draft-herbert-nvo3-ila-00. 142 113 143 If unsure, say N. 114 If unsure, say N. 144 115 145 config INET6_XFRM_TUNNEL 116 config INET6_XFRM_TUNNEL 146 tristate 117 tristate 147 select INET6_TUNNEL 118 select INET6_TUNNEL 148 default n 119 default n 149 120 150 config INET6_TUNNEL 121 config INET6_TUNNEL 151 tristate 122 tristate 152 default n 123 default n 153 124 >> 125 config INET6_XFRM_MODE_TRANSPORT >> 126 tristate "IPv6: IPsec transport mode" >> 127 default IPV6 >> 128 select XFRM >> 129 ---help--- >> 130 Support for IPsec transport mode. >> 131 >> 132 If unsure, say Y. >> 133 >> 134 config INET6_XFRM_MODE_TUNNEL >> 135 tristate "IPv6: IPsec tunnel mode" >> 136 default IPV6 >> 137 select XFRM >> 138 ---help--- >> 139 Support for IPsec tunnel mode. >> 140 >> 141 If unsure, say Y. >> 142 >> 143 config INET6_XFRM_MODE_BEET >> 144 tristate "IPv6: IPsec BEET mode" >> 145 default IPV6 >> 146 select XFRM >> 147 ---help--- >> 148 Support for IPsec BEET mode. >> 149 >> 150 If unsure, say Y. >> 151 >> 152 config INET6_XFRM_MODE_ROUTEOPTIMIZATION >> 153 tristate "IPv6: MIPv6 route optimization mode" >> 154 select XFRM >> 155 ---help--- >> 156 Support for MIPv6 route optimization mode. >> 157 154 config IPV6_VTI 158 config IPV6_VTI 155 tristate "Virtual (secure) IPv6: tunne !! 159 tristate "Virtual (secure) IPv6: tunneling" 156 select IPV6_TUNNEL 160 select IPV6_TUNNEL 157 select NET_IP_TUNNEL 161 select NET_IP_TUNNEL 158 select XFRM !! 162 depends on INET6_XFRM_MODE_TUNNEL 159 help !! 163 ---help--- 160 Tunneling means encapsulating data of 164 Tunneling means encapsulating data of one protocol type within 161 another protocol and sending it over a 165 another protocol and sending it over a channel that understands the 162 encapsulating protocol. This can be us 166 encapsulating protocol. This can be used with xfrm mode tunnel to give 163 the notion of a secure tunnel for IPSE 167 the notion of a secure tunnel for IPSEC and then use routing protocol 164 on top. 168 on top. 165 169 166 config IPV6_SIT 170 config IPV6_SIT 167 tristate "IPv6: IPv6-in-IPv4 tunnel (S 171 tristate "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" 168 select INET_TUNNEL 172 select INET_TUNNEL 169 select NET_IP_TUNNEL 173 select NET_IP_TUNNEL 170 select IPV6_NDISC_NODETYPE 174 select IPV6_NDISC_NODETYPE 171 default y 175 default y 172 help !! 176 ---help--- 173 Tunneling means encapsulating data o 177 Tunneling means encapsulating data of one protocol type within 174 another protocol and sending it over 178 another protocol and sending it over a channel that understands the 175 encapsulating protocol. This driver 179 encapsulating protocol. This driver implements encapsulation of IPv6 176 into IPv4 packets. This is useful if 180 into IPv4 packets. This is useful if you want to connect two IPv6 177 networks over an IPv4-only path. 181 networks over an IPv4-only path. 178 182 179 Saying M here will produce a module 183 Saying M here will produce a module called sit. If unsure, say Y. 180 184 181 config IPV6_SIT_6RD 185 config IPV6_SIT_6RD 182 bool "IPv6: IPv6 Rapid Deployment (6RD 186 bool "IPv6: IPv6 Rapid Deployment (6RD)" 183 depends on IPV6_SIT 187 depends on IPV6_SIT 184 default n 188 default n 185 help !! 189 ---help--- 186 IPv6 Rapid Deployment (6rd; draft-ie 190 IPv6 Rapid Deployment (6rd; draft-ietf-softwire-ipv6-6rd) builds upon 187 mechanisms of 6to4 (RFC3056) to enab 191 mechanisms of 6to4 (RFC3056) to enable a service provider to rapidly 188 deploy IPv6 unicast service to IPv4 192 deploy IPv6 unicast service to IPv4 sites to which it provides 189 customer premise equipment. Like 6t 193 customer premise equipment. Like 6to4, it utilizes stateless IPv6 in 190 IPv4 encapsulation in order to trans 194 IPv4 encapsulation in order to transit IPv4-only network 191 infrastructure. Unlike 6to4, a 6rd 195 infrastructure. Unlike 6to4, a 6rd service provider uses an IPv6 192 prefix of its own in place of the fi 196 prefix of its own in place of the fixed 6to4 prefix. 193 197 194 With this option enabled, the SIT dr 198 With this option enabled, the SIT driver offers 6rd functionality by 195 providing additional ioctl API to co 199 providing additional ioctl API to configure the IPv6 Prefix for in 196 stead of static 2002::/16 for 6to4. 200 stead of static 2002::/16 for 6to4. 197 201 198 If unsure, say N. 202 If unsure, say N. 199 203 200 config IPV6_NDISC_NODETYPE 204 config IPV6_NDISC_NODETYPE 201 bool 205 bool 202 206 203 config IPV6_TUNNEL 207 config IPV6_TUNNEL 204 tristate "IPv6: IP-in-IPv6 tunnel (RFC 208 tristate "IPv6: IP-in-IPv6 tunnel (RFC2473)" 205 select INET6_TUNNEL 209 select INET6_TUNNEL 206 select DST_CACHE 210 select DST_CACHE 207 select GRO_CELLS !! 211 ---help--- 208 help << 209 Support for IPv6-in-IPv6 and IPv4-in 212 Support for IPv6-in-IPv6 and IPv4-in-IPv6 tunnels described in 210 RFC 2473. 213 RFC 2473. 211 214 212 If unsure, say N. 215 If unsure, say N. 213 216 214 config IPV6_GRE 217 config IPV6_GRE 215 tristate "IPv6: GRE tunnel" 218 tristate "IPv6: GRE tunnel" 216 select IPV6_TUNNEL 219 select IPV6_TUNNEL 217 select NET_IP_TUNNEL 220 select NET_IP_TUNNEL 218 depends on NET_IPGRE_DEMUX 221 depends on NET_IPGRE_DEMUX 219 help !! 222 ---help--- 220 Tunneling means encapsulating data o 223 Tunneling means encapsulating data of one protocol type within 221 another protocol and sending it over 224 another protocol and sending it over a channel that understands the 222 encapsulating protocol. This particu 225 encapsulating protocol. This particular tunneling driver implements 223 GRE (Generic Routing Encapsulation) 226 GRE (Generic Routing Encapsulation) and at this time allows 224 encapsulating of IPv4 or IPv6 over e 227 encapsulating of IPv4 or IPv6 over existing IPv6 infrastructure. 225 This driver is useful if the other e 228 This driver is useful if the other endpoint is a Cisco router: Cisco 226 likes GRE much better than the other 229 likes GRE much better than the other Linux tunneling driver ("IP 227 tunneling" above). In addition, GRE 230 tunneling" above). In addition, GRE allows multicast redistribution 228 through the tunnel. 231 through the tunnel. 229 232 230 Saying M here will produce a module 233 Saying M here will produce a module called ip6_gre. If unsure, say N. 231 234 232 config IPV6_FOU 235 config IPV6_FOU 233 tristate 236 tristate 234 default NET_FOU && IPV6 237 default NET_FOU && IPV6 235 238 236 config IPV6_FOU_TUNNEL 239 config IPV6_FOU_TUNNEL 237 tristate 240 tristate 238 default NET_FOU_IP_TUNNELS && IPV6_FOU 241 default NET_FOU_IP_TUNNELS && IPV6_FOU 239 select IPV6_TUNNEL 242 select IPV6_TUNNEL 240 243 241 config IPV6_MULTIPLE_TABLES 244 config IPV6_MULTIPLE_TABLES 242 bool "IPv6: Multiple Routing Tables" 245 bool "IPv6: Multiple Routing Tables" 243 select FIB_RULES 246 select FIB_RULES 244 help !! 247 ---help--- 245 Support multiple routing tables. 248 Support multiple routing tables. 246 249 247 config IPV6_SUBTREES 250 config IPV6_SUBTREES 248 bool "IPv6: source address based routi 251 bool "IPv6: source address based routing" 249 depends on IPV6_MULTIPLE_TABLES 252 depends on IPV6_MULTIPLE_TABLES 250 help !! 253 ---help--- 251 Enable routing by source address or 254 Enable routing by source address or prefix. 252 255 253 The destination address is still the 256 The destination address is still the primary routing key, so mixing 254 normal and source prefix specific ro 257 normal and source prefix specific routes in the same routing table 255 may sometimes lead to unintended rou 258 may sometimes lead to unintended routing behavior. This can be 256 avoided by defining different routin 259 avoided by defining different routing tables for the normal and 257 source prefix specific routes. 260 source prefix specific routes. 258 261 259 If unsure, say N. 262 If unsure, say N. 260 263 261 config IPV6_MROUTE 264 config IPV6_MROUTE 262 bool "IPv6: multicast routing" 265 bool "IPv6: multicast routing" 263 depends on IPV6 266 depends on IPV6 264 select IP_MROUTE_COMMON !! 267 ---help--- 265 help !! 268 Experimental support for IPv6 multicast forwarding. 266 Support for IPv6 multicast forwardin << 267 If unsure, say N. 269 If unsure, say N. 268 270 269 config IPV6_MROUTE_MULTIPLE_TABLES 271 config IPV6_MROUTE_MULTIPLE_TABLES 270 bool "IPv6: multicast policy routing" 272 bool "IPv6: multicast policy routing" 271 depends on IPV6_MROUTE 273 depends on IPV6_MROUTE 272 select FIB_RULES 274 select FIB_RULES 273 help 275 help 274 Normally, a multicast router runs a 276 Normally, a multicast router runs a userspace daemon and decides 275 what to do with a multicast packet b 277 what to do with a multicast packet based on the source and 276 destination addresses. If you say Y 278 destination addresses. If you say Y here, the multicast router 277 will also be able to take interfaces 279 will also be able to take interfaces and packet marks into 278 account and run multiple instances o 280 account and run multiple instances of userspace daemons 279 simultaneously, each one handling a 281 simultaneously, each one handling a single table. 280 282 281 If unsure, say N. 283 If unsure, say N. 282 284 283 config IPV6_PIMSM_V2 285 config IPV6_PIMSM_V2 284 bool "IPv6: PIM-SM version 2 support" 286 bool "IPv6: PIM-SM version 2 support" 285 depends on IPV6_MROUTE 287 depends on IPV6_MROUTE 286 help !! 288 ---help--- 287 Support for IPv6 PIM multicast routi 289 Support for IPv6 PIM multicast routing protocol PIM-SMv2. 288 If unsure, say N. 290 If unsure, say N. 289 291 290 config IPV6_SEG6_LWTUNNEL 292 config IPV6_SEG6_LWTUNNEL 291 bool "IPv6: Segment Routing Header enc 293 bool "IPv6: Segment Routing Header encapsulation support" 292 depends on IPV6 294 depends on IPV6 293 select LWTUNNEL 295 select LWTUNNEL 294 select DST_CACHE !! 296 ---help--- 295 select IPV6_MULTIPLE_TABLES << 296 help << 297 Support for encapsulation of packets 297 Support for encapsulation of packets within an outer IPv6 298 header and a Segment Routing Header 298 header and a Segment Routing Header using the lightweight 299 tunnels mechanism. Also enable suppo !! 299 tunnels mechanism. 300 processing of SRv6 packets based on !! 300 >> 301 If unsure, say N. >> 302 >> 303 config IPV6_SEG6_INLINE >> 304 bool "IPv6: direct Segment Routing Header insertion " >> 305 depends on IPV6_SEG6_LWTUNNEL >> 306 ---help--- >> 307 Support for direct insertion of the Segment Routing Header, >> 308 also known as inline mode. Be aware that direct insertion of >> 309 extension headers (as opposed to encapsulation) may break >> 310 multiple mechanisms such as PMTUD or IPSec AH. Use this feature >> 311 only if you know exactly what you are doing. 301 312 302 If unsure, say N. 313 If unsure, say N. 303 314 304 config IPV6_SEG6_HMAC 315 config IPV6_SEG6_HMAC 305 bool "IPv6: Segment Routing HMAC suppo 316 bool "IPv6: Segment Routing HMAC support" 306 depends on IPV6 317 depends on IPV6 307 select CRYPTO << 308 select CRYPTO_HMAC 318 select CRYPTO_HMAC 309 select CRYPTO_SHA1 319 select CRYPTO_SHA1 310 select CRYPTO_SHA256 320 select CRYPTO_SHA256 311 help !! 321 ---help--- 312 Support for HMAC signature generatio 322 Support for HMAC signature generation and verification 313 of SR-enabled packets. 323 of SR-enabled packets. 314 << 315 If unsure, say N. << 316 << 317 config IPV6_SEG6_BPF << 318 def_bool y << 319 depends on IPV6_SEG6_LWTUNNEL << 320 depends on IPV6 = y << 321 << 322 config IPV6_RPL_LWTUNNEL << 323 bool "IPv6: RPL Source Routing Header << 324 depends on IPV6 << 325 select LWTUNNEL << 326 select DST_CACHE << 327 help << 328 Support for RFC6554 RPL Source Routi << 329 tunnels mechanism. << 330 << 331 If unsure, say N. << 332 << 333 config IPV6_IOAM6_LWTUNNEL << 334 bool "IPv6: IOAM Pre-allocated Trace i << 335 depends on IPV6 << 336 select LWTUNNEL << 337 select DST_CACHE << 338 help << 339 Support for the insertion of IOAM Pr << 340 Header using the lightweight tunnels << 341 324 342 If unsure, say N. 325 If unsure, say N. 343 326 344 endif # IPV6 327 endif # IPV6
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.