PageViews: 1,137 hits / 148 nets

IPv6 Support in DeleGate

____________________________________________________________________________
                                                                IPv6NOTE.txt
IPv6-DeleGate Implementation Note

    Current version: DeleGate/9.0.0
    ftp://ftp.delegate.org/pub/DeleGate/alpha/
                                                              Yutaka Sato
                                                              April 22, 2005
____________________________________________________________________________

DeleGate version 9 started supporting IPv6 as the first step of it. 
But since I don't have a practical IPv6 environment, nor necessity of it
(I'm developing it on MacOS X without IPv6 connection to Internet),
I'm not sure if or not it is applicable for practical use.  So comments
from practical users will be appreciated.  Your comments are welcome to
be posted to the open feedback board at
http://www.delegate.org/feedback/ (via feedback@delegate.org)

This note is written for users familiar with DeleGate.  If you are not,
see the reference manual <URL:http://www.delegate.org/delegate/Manual.htm>
I expect that just reading 1.1 and 1.2 below is enough for most users of
DeleGate who use it as a proxy server for usual application protocol on
TCP/IP(v4/v6) like HTTP or so.

1. Common Issue
1.1 IPv6 address notation in DeleGate
  Use "_" for ":".  "%" for scope Id can be used 'as is' in most situation.
  Example:
     "__" for "::"
     "fe80__12_34_56" for "fe80::12:34:56"
     "fe80__12_34_56%en0" for "fe80::12:34:56%en0" (with scope id name)
     "fe80__12_34_56%5" for "fe80::12:34:56%5" (with numeric scope id)

1.2 Accepting at IPv6/IPv4 port
  Specify IPv6 host name or address in -Phost:port option.
  Example:
     -P9999            ... accept IPv4 only (for -P0.0.0.0:9999)
     -P__:9999         ... accept IPv6 only
     -P__0:9999        ... accept IPv4 and IPv6 together
     -P9999,__:9999    ... accept IPv4 and IPv6 respectively
     -Pfe80__12_34%en0:9999 ... accept IPv6 link local address
     -Pme:9999 HOSTS=me/fe80__12_34%en0 ... by host name

  "__0" means using IPv4-mapped IPv6 address if it's available on the host.


1.3 Host name resolution to IPv6/IPv4 address
  By default, IPv4 address is retrieved first. If it's not available,
  IPv6 next.  This order can be controlled with the RES_AF parameter.
  Example:
     RES_AF=46         ... retrieve IPv4 address first (default)
     RES_AF=64         ... retrieve IPv6 address first
     RES_AF=4          ... retrieve IPv4 address only
     RES_AF=6          ... retrieve IPv6 address only

  Or it can be controlled by adding special prefixes for each hostname.
  Example:
     hostname          ... follows RES_TYPES setting
     _46.hostname      ... retrieve IPv4 address first
     _64.hostname      ... retrieve IPv6 address first
     _4.hostname       ... retrieve IPv4 address only
     _6.hostname       ... retrieve IPv6 address only

1.4 Default access control
  64bits mask is used for "on the same networks with me".
  That is, ".localnet" includes "./ffff_ffff_ffff_ffff__"

1.5 Connecting to IPv6 port
  Done automatically in most situation.  When "%scopeid" cannot be used
  as in URL, it is necessary to be escaped using HOSTS parameter.
  Example:
     HOSTS=v6host/fe80__12_34_56_78%ifn
     SERVER=ftp://v6host

1.6 Routing by address family of destination host
  "_6." and "_4." prefix to each host in HostList is introduced.
  Example:
     PROXY="v6gw:8080:_6.*" ... forward to the proxy if the server is IPv6
     SOCKS="v6gw:1080:_6.*" ... forward to the SOCKS if the server is IPv6


2. Application Protocol Specific Issue
2.1 DNS (RFC1886)
  The following RR are relayed by DNS-DeleGate as a proxy resolver
  (with SERVER=dns)
     AAAA
     x.x.x...x.x.x.IP6.INT

2.2 FTP (RFC2428)
  The following commands are supported to represent IPv6 address.
     EPSV
     EPRT

2.3 SOCKS (RFC1928)
  The following methods (for TCP) accept addresses represented in IPv6.
     CONNECT
     BIND

2.4 HTTP
     http://xxxx--yy-zz.ipv6  for xxxx::yy:zz


3. NOT SUPPORTED (YET)
  subin/dgbind
    "subin/dgbind", as an executable file with the setuid bit set and
    owned by super-user, is used to bind a socket to a privileged port,
    without running the DeleGate itself under super-user.
    but when this is used with IPv6 address, like -P__:80,
    it fails because of EACCESS, at least on MacOSX.
    [must be supported]
  HOSTS="v46host/{192.168.1.1,ABCD__12_34_56_78}
    defining a host with mixture of IPv4 and IPv6 addresses.
    [will not be supported]
  UDP/IPv6 over SOCKS
    [should be supported, if someone need it]
  DNS over UDP over IPv6
    [should be supported, if someone need it]
  http://[x:x:x:x:x:x:x:x]
    [will not be supported]
____________________________________________________________________________
Yutaka Sato @ DeleGate.ORG