Home | History | Annotate | Download | only in ip
      1 /*
      2  * CDDL HEADER START
      3  *
      4  * The contents of this file are subject to the terms of the
      5  * Common Development and Distribution License (the "License").
      6  * You may not use this file except in compliance with the License.
      7  *
      8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
      9  * or http://www.opensolaris.org/os/licensing.
     10  * See the License for the specific language governing permissions
     11  * and limitations under the License.
     12  *
     13  * When distributing Covered Code, include this CDDL HEADER in each
     14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
     15  * If applicable, add the following below this CDDL HEADER, with the
     16  * fields enclosed by brackets "[]" replaced with your own identifying
     17  * information: Portions Copyright [yyyy] [name of copyright owner]
     18  *
     19  * CDDL HEADER END
     20  */
     21 /*
     22  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
     23  * Use is subject to license terms.
     24  */
     25 /*
     26  * Copyright (c) 1990 Mentat Inc.
     27  */
     28 
     29 #pragma ident	"%Z%%M%	%I%	%E% SMI"
     30 
     31 /*
     32  * This file contains the interface control functions for IPv6.
     33  */
     34 
     35 #include <sys/types.h>
     36 #include <sys/sysmacros.h>
     37 #include <sys/stream.h>
     38 #include <sys/dlpi.h>
     39 #include <sys/stropts.h>
     40 #include <sys/ddi.h>
     41 #include <sys/cmn_err.h>
     42 #include <sys/kstat.h>
     43 #include <sys/debug.h>
     44 #include <sys/zone.h>
     45 #include <sys/policy.h>
     46 
     47 #include <sys/systm.h>
     48 #include <sys/param.h>
     49 #include <sys/socket.h>
     50 #include <sys/isa_defs.h>
     51 #include <net/if.h>
     52 #include <net/if_dl.h>
     53 #include <net/route.h>
     54 #include <netinet/in.h>
     55 #include <netinet/igmp_var.h>
     56 #include <netinet/ip6.h>
     57 #include <netinet/icmp6.h>
     58 #include <netinet/in.h>
     59 
     60 #include <inet/common.h>
     61 #include <inet/nd.h>
     62 #include <inet/mib2.h>
     63 #include <inet/ip.h>
     64 #include <inet/ip6.h>
     65 #include <inet/ip_multi.h>
     66 #include <inet/ip_ire.h>
     67 #include <inet/ip_rts.h>
     68 #include <inet/ip_ndp.h>
     69 #include <inet/ip_if.h>
     70 #include <inet/ip6_asp.h>
     71 #include <inet/tun.h>
     72 #include <inet/ipclassifier.h>
     73 #include <inet/sctp_ip.h>
     74 
     75 #include <sys/tsol/tndb.h>
     76 #include <sys/tsol/tnet.h>
     77 
     78 static in6_addr_t	ipv6_ll_template =
     79 			{(uint32_t)V6_LINKLOCAL, 0x0, 0x0, 0x0};
     80 
     81 static ipif_t *
     82 ipif_lookup_interface_v6(const in6_addr_t *if_addr, const in6_addr_t *dst,
     83     queue_t *q, mblk_t *mp, ipsq_func_t func, int *error, ip_stack_t *ipst);
     84 
     85 /*
     86  * These two functions, ipif_lookup_group_v6() and ill_lookup_group_v6(),
     87  * are called when an application does not specify an interface to be
     88  * used for multicast traffic.  It calls ire_lookup_multi_v6() to look
     89  * for an interface route for the specified multicast group.  Doing
     90  * this allows the administrator to add prefix routes for multicast to
     91  * indicate which interface to be used for multicast traffic in the above
     92  * scenario.  The route could be for all multicast (ff00::/8), for a single
     93  * multicast group (a /128 route) or anything in between.  If there is no
     94  * such multicast route, we just find any multicast capable interface and
     95  * return it.
     96  */
     97 ipif_t *
     98 ipif_lookup_group_v6(const in6_addr_t *group, zoneid_t zoneid, ip_stack_t *ipst)
     99 {
    100 	ire_t	*ire;
    101 	ipif_t	*ipif;
    102 
    103 	ire = ire_lookup_multi_v6(group, zoneid, ipst);
    104 	if (ire != NULL) {
    105 		ipif = ire->ire_ipif;
    106 		ipif_refhold(ipif);
    107 		ire_refrele(ire);
    108 		return (ipif);
    109 	}
    110 
    111 	return (ipif_lookup_multicast(ipst, zoneid, B_TRUE));
    112 }
    113 
    114 ill_t *
    115 ill_lookup_group_v6(const in6_addr_t *group, zoneid_t zoneid, ip_stack_t *ipst)
    116 {
    117 	ire_t	*ire;
    118 	ill_t	*ill;
    119 	ipif_t	*ipif;
    120 
    121 	ire = ire_lookup_multi_v6(group, zoneid, ipst);
    122 	if (ire != NULL) {
    123 		ill = ire->ire_ipif->ipif_ill;
    124 		ill_refhold(ill);
    125 		ire_refrele(ire);
    126 		return (ill);
    127 	}
    128 
    129 	ipif = ipif_lookup_multicast(ipst, zoneid, B_TRUE);
    130 	if (ipif == NULL)
    131 		return (NULL);
    132 
    133 	ill = ipif->ipif_ill;
    134 	ill_refhold(ill);
    135 	ipif_refrele(ipif);
    136 	return (ill);
    137 }
    138 
    139 /*
    140  * Look for an ipif with the specified interface address and destination.
    141  * The destination address is used only for matching point-to-point interfaces.
    142  */
    143 static ipif_t *
    144 ipif_lookup_interface_v6(const in6_addr_t *if_addr, const in6_addr_t *dst,
    145     queue_t *q, mblk_t *mp, ipsq_func_t func, int *error, ip_stack_t *ipst)
    146 {
    147 	ipif_t	*ipif;
    148 	ill_t	*ill;
    149 	ipsq_t	*ipsq;
    150 	ill_walk_context_t ctx;
    151 
    152 	if (error != NULL)
    153 		*error = 0;
    154 
    155 	/*
    156 	 * First match all the point-to-point interfaces
    157 	 * before looking at non-point-to-point interfaces.
    158 	 * This is done to avoid returning non-point-to-point
    159 	 * ipif instead of unnumbered point-to-point ipif.
    160 	 */
    161 	rw_enter(&ipst->ips_ill_g_lock, RW_READER);
    162 	ill = ILL_START_WALK_V6(&ctx, ipst);
    163 	for (; ill != NULL; ill = ill_next(&ctx, ill)) {
    164 		GRAB_CONN_LOCK(q);
    165 		mutex_enter(&ill->ill_lock);
    166 		for (ipif = ill->ill_ipif; ipif != NULL;
    167 		    ipif = ipif->ipif_next) {
    168 			/* Allow the ipif to be down */
    169 			if ((ipif->ipif_flags & IPIF_POINTOPOINT) &&
    170 			    (IN6_ARE_ADDR_EQUAL(&ipif->ipif_v6lcl_addr,
    171 			    if_addr)) &&
    172 			    (IN6_ARE_ADDR_EQUAL(&ipif->ipif_v6pp_dst_addr,
    173 			    dst))) {
    174 				if (IPIF_CAN_LOOKUP(ipif)) {
    175 					ipif_refhold_locked(ipif);
    176 					mutex_exit(&ill->ill_lock);
    177 					RELEASE_CONN_LOCK(q);
    178 					rw_exit(&ipst->ips_ill_g_lock);
    179 					return (ipif);
    180 				} else if (IPIF_CAN_WAIT(ipif, q)) {
    181 					ipsq = ill->ill_phyint->phyint_ipsq;
    182 					mutex_enter(&ipsq->ipsq_lock);
    183 					mutex_exit(&ill->ill_lock);
    184 					rw_exit(&ipst->ips_ill_g_lock);
    185 					ipsq_enq(ipsq, q, mp, func, NEW_OP,
    186 					    ill);
    187 					mutex_exit(&ipsq->ipsq_lock);
    188 					RELEASE_CONN_LOCK(q);
    189 					if (error != NULL)
    190 						*error = EINPROGRESS;
    191 					return (NULL);
    192 				}
    193 			}
    194 		}
    195 		mutex_exit(&ill->ill_lock);
    196 		RELEASE_CONN_LOCK(q);
    197 	}
    198 	rw_exit(&ipst->ips_ill_g_lock);
    199 	/* lookup the ipif based on interface address */
    200 	ipif = ipif_lookup_addr_v6(if_addr, NULL, ALL_ZONES, q, mp, func,
    201 	    error, ipst);
    202 	ASSERT(ipif == NULL || ipif->ipif_isv6);
    203 	return (ipif);
    204 }
    205 
    206 /*
    207  * Look for an ipif with the specified address. For point-point links
    208  * we look for matches on either the destination address and the local
    209  * address, but we ignore the check on the local address if IPIF_UNNUMBERED
    210  * is set.
    211  * Matches on a specific ill if match_ill is set.
    212  */
    213 /* ARGSUSED */
    214 ipif_t *
    215 ipif_lookup_addr_v6(const in6_addr_t *addr, ill_t *match_ill, zoneid_t zoneid,
    216     queue_t *q, mblk_t *mp, ipsq_func_t func, int *error, ip_stack_t *ipst)
    217 {
    218 	ipif_t	*ipif;
    219 	ill_t	*ill;
    220 	boolean_t  ptp = B_FALSE;
    221 	ipsq_t	*ipsq;
    222 	ill_walk_context_t ctx;
    223 
    224 	if (error != NULL)
    225 		*error = 0;
    226 
    227 	rw_enter(&ipst->ips_ill_g_lock, RW_READER);
    228 	/*
    229 	 * Repeat twice, first based on local addresses and
    230 	 * next time for pointopoint.
    231 	 */
    232 repeat:
    233 	ill = ILL_START_WALK_V6(&ctx, ipst);
    234 	for (; ill != NULL; ill = ill_next(&ctx, ill)) {
    235 		if (match_ill != NULL && ill != match_ill) {
    236 			continue;
    237 		}
    238 		GRAB_CONN_LOCK(q);
    239 		mutex_enter(&ill->ill_lock);
    240 		for (ipif = ill->ill_ipif; ipif != NULL;
    241 		    ipif = ipif->ipif_next) {
    242 			if (zoneid != ALL_ZONES &&
    243 			    ipif->ipif_zoneid != zoneid &&
    244 			    ipif->ipif_zoneid != ALL_ZONES)
    245 				continue;
    246 			/* Allow the ipif to be down */
    247 			if ((!ptp && (IN6_ARE_ADDR_EQUAL(
    248 			    &ipif->ipif_v6lcl_addr, addr) &&
    249 			    (ipif->ipif_flags & IPIF_UNNUMBERED) == 0)) ||
    250 			    (ptp && (ipif->ipif_flags & IPIF_POINTOPOINT) &&
    251 			    IN6_ARE_ADDR_EQUAL(&ipif->ipif_v6pp_dst_addr,
    252 			    addr))) {
    253 				if (IPIF_CAN_LOOKUP(ipif)) {
    254 					ipif_refhold_locked(ipif);
    255 					mutex_exit(&ill->ill_lock);
    256 					RELEASE_CONN_LOCK(q);
    257 					rw_exit(&ipst->ips_ill_g_lock);
    258 					return (ipif);
    259 				} else if (IPIF_CAN_WAIT(ipif, q)) {
    260 					ipsq = ill->ill_phyint->phyint_ipsq;
    261 					mutex_enter(&ipsq->ipsq_lock);
    262 					mutex_exit(&ill->ill_lock);
    263 					rw_exit(&ipst->ips_ill_g_lock);
    264 					ipsq_enq(ipsq, q, mp, func, NEW_OP,
    265 					    ill);
    266 					mutex_exit(&ipsq->ipsq_lock);
    267 					RELEASE_CONN_LOCK(q);
    268 					if (error != NULL)
    269 						*error = EINPROGRESS;
    270 					return (NULL);
    271 				}
    272 			}
    273 		}
    274 		mutex_exit(&ill->ill_lock);
    275 		RELEASE_CONN_LOCK(q);
    276 	}
    277 
    278 	/* If we already did the ptp case, then we are done */
    279 	if (ptp) {
    280 		rw_exit(&ipst->ips_ill_g_lock);
    281 		if (error != NULL)
    282 			*error = ENXIO;
    283 		return (NULL);
    284 	}
    285 	ptp = B_TRUE;
    286 	goto repeat;
    287 }
    288 
    289 /*
    290  * Look for an ipif with the specified address. For point-point links
    291  * we look for matches on either the destination address and the local
    292  * address, but we ignore the check on the local address if IPIF_UNNUMBERED
    293  * is set.
    294  * Matches on a specific ill if match_ill is set.
    295  * Return the zoneid for the ipif. ALL_ZONES if none found.
    296  */
    297 zoneid_t
    298 ipif_lookup_addr_zoneid_v6(const in6_addr_t *addr, ill_t *match_ill,
    299     ip_stack_t *ipst)
    300 {
    301 	ipif_t	*ipif;
    302 	ill_t	*ill;
    303 	boolean_t  ptp = B_FALSE;
    304 	ill_walk_context_t ctx;
    305 	zoneid_t	zoneid;
    306 
    307 	rw_enter(&ipst->ips_ill_g_lock, RW_READER);
    308 	/*
    309 	 * Repeat twice, first based on local addresses and
    310 	 * next time for pointopoint.
    311 	 */
    312 repeat:
    313 	ill = ILL_START_WALK_V6(&ctx, ipst);
    314 	for (; ill != NULL; ill = ill_next(&ctx, ill)) {
    315 		if (match_ill != NULL && ill != match_ill) {
    316 			continue;
    317 		}
    318 		mutex_enter(&ill->ill_lock);
    319 		for (ipif = ill->ill_ipif; ipif != NULL;
    320 		    ipif = ipif->ipif_next) {
    321 			/* Allow the ipif to be down */
    322 			if ((!ptp && (IN6_ARE_ADDR_EQUAL(
    323 			    &ipif->ipif_v6lcl_addr, addr) &&
    324 			    (ipif->ipif_flags & IPIF_UNNUMBERED) == 0)) ||
    325 			    (ptp && (ipif->ipif_flags & IPIF_POINTOPOINT) &&
    326 			    IN6_ARE_ADDR_EQUAL(&ipif->ipif_v6pp_dst_addr,
    327 			    addr)) &&
    328 			    !(ipif->ipif_state_flags & IPIF_CONDEMNED)) {
    329 				zoneid = ipif->ipif_zoneid;
    330 				mutex_exit(&ill->ill_lock);
    331 				rw_exit(&ipst->ips_ill_g_lock);
    332 				/*
    333 				 * If ipif_zoneid was ALL_ZONES then we have
    334 				 * a trusted extensions shared IP address.
    335 				 * In that case GLOBAL_ZONEID works to send.
    336 				 */
    337 				if (zoneid == ALL_ZONES)
    338 					zoneid = GLOBAL_ZONEID;
    339 				return (zoneid);
    340 			}
    341 		}
    342 		mutex_exit(&ill->ill_lock);
    343 	}
    344 
    345 	/* If we already did the ptp case, then we are done */
    346 	if (ptp) {
    347 		rw_exit(&ipst->ips_ill_g_lock);
    348 		return (ALL_ZONES);
    349 	}
    350 	ptp = B_TRUE;
    351 	goto repeat;
    352 }
    353 
    354 /*
    355  * Perform various checks to verify that an address would make sense as a local
    356  * interface address.  This is currently only called when an attempt is made
    357  * to set a local address.
    358  *
    359  * Does not allow a v4-mapped address, an address that equals the subnet
    360  * anycast address, ... a multicast address, ...
    361  */
    362 boolean_t
    363 ip_local_addr_ok_v6(const in6_addr_t *addr, const in6_addr_t *subnet_mask)
    364 {
    365 	in6_addr_t subnet;
    366 
    367 	if (IN6_IS_ADDR_UNSPECIFIED(addr))
    368 		return (B_TRUE);	/* Allow all zeros */
    369 
    370 	/*
    371 	 * Don't allow all zeroes or host part, but allow
    372 	 * all ones netmask.
    373 	 */
    374 	V6_MASK_COPY(*addr, *subnet_mask, subnet);
    375 	if (IN6_IS_ADDR_V4MAPPED(addr) ||
    376 	    (IN6_ARE_ADDR_EQUAL(addr, &subnet) &&
    377 	    !IN6_ARE_ADDR_EQUAL(subnet_mask, &ipv6_all_ones)) ||
    378 	    (IN6_IS_ADDR_V4COMPAT(addr) && CLASSD(V4_PART_OF_V6((*addr)))) ||
    379 	    IN6_IS_ADDR_MULTICAST(addr))
    380 		return (B_FALSE);
    381 
    382 	return (B_TRUE);
    383 }
    384 
    385 /*
    386  * Perform various checks to verify that an address would make sense as a
    387  * remote/subnet interface address.
    388  */
    389 boolean_t
    390 ip_remote_addr_ok_v6(const in6_addr_t *addr, const in6_addr_t *subnet_mask)
    391 {
    392 	in6_addr_t subnet;
    393 
    394 	if (IN6_IS_ADDR_UNSPECIFIED(addr))
    395 		return (B_TRUE);	/* Allow all zeros */
    396 
    397 	V6_MASK_COPY(*addr, *subnet_mask, subnet);
    398 	if (IN6_IS_ADDR_V4MAPPED(addr) ||
    399 	    (IN6_ARE_ADDR_EQUAL(addr, &subnet) &&
    400 	    !IN6_ARE_ADDR_EQUAL(subnet_mask, &ipv6_all_ones)) ||
    401 	    IN6_IS_ADDR_MULTICAST(addr) ||
    402 	    (IN6_IS_ADDR_V4COMPAT(addr) && CLASSD(V4_PART_OF_V6((*addr)))))
    403 		return (B_FALSE);
    404 
    405 	return (B_TRUE);
    406 }
    407 
    408 /*
    409  * ip_rt_add_v6 is called to add an IPv6 route to the forwarding table.
    410  * ipif_arg is passed in to associate it with the correct interface
    411  * (for link-local destinations and gateways).
    412  */
    413 /* ARGSUSED1 */
    414 int
    415 ip_rt_add_v6(const in6_addr_t *dst_addr, const in6_addr_t *mask,
    416     const in6_addr_t *gw_addr, const in6_addr_t *src_addr, int flags,
    417     ipif_t *ipif_arg, ire_t **ire_arg, queue_t *q, mblk_t *mp, ipsq_func_t func,
    418     struct rtsa_s *sp, ip_stack_t *ipst)
    419 {
    420 	ire_t	*ire;
    421 	ire_t	*gw_ire = NULL;
    422 	ipif_t	*ipif;
    423 	boolean_t ipif_refheld = B_FALSE;
    424 	uint_t	type;
    425 	int	match_flags = MATCH_IRE_TYPE;
    426 	int	error;
    427 	tsol_gc_t *gc = NULL;
    428 	tsol_gcgrp_t *gcgrp = NULL;
    429 	boolean_t gcgrp_xtraref = B_FALSE;
    430 
    431 	if (ire_arg != NULL)
    432 		*ire_arg = NULL;
    433 
    434 	/*
    435 	 * Prevent routes with a zero gateway from being created (since
    436 	 * interfaces can currently be plumbed and brought up with no assigned
    437 	 * address).
    438 	 */
    439 	if (IN6_IS_ADDR_UNSPECIFIED(gw_addr))
    440 		return (ENETUNREACH);
    441 
    442 	/*
    443 	 * If this is the case of RTF_HOST being set, then we set the netmask
    444 	 * to all ones (regardless if one was supplied).
    445 	 */
    446 	if (flags & RTF_HOST)
    447 		mask = &ipv6_all_ones;
    448 
    449 	/*
    450 	 * Get the ipif, if any, corresponding to the gw_addr
    451 	 */
    452 	ipif = ipif_lookup_interface_v6(gw_addr, dst_addr, q, mp, func,
    453 	    &error, ipst);
    454 	if (ipif != NULL)
    455 		ipif_refheld = B_TRUE;
    456 	else if (error == EINPROGRESS) {
    457 		ip1dbg(("ip_rt_add_v6: null and EINPROGRESS"));
    458 		return (error);
    459 	}
    460 
    461 	/*
    462 	 * GateD will attempt to create routes with a loopback interface
    463 	 * address as the gateway and with RTF_GATEWAY set.  We allow
    464 	 * these routes to be added, but create them as interface routes
    465 	 * since the gateway is an interface address.
    466 	 */
    467 	if ((ipif != NULL) && (ipif->ipif_ire_type == IRE_LOOPBACK)) {
    468 		flags &= ~RTF_GATEWAY;
    469 		if (IN6_ARE_ADDR_EQUAL(gw_addr, &ipv6_loopback) &&
    470 		    IN6_ARE_ADDR_EQUAL(dst_addr, &ipv6_loopback) &&
    471 		    IN6_ARE_ADDR_EQUAL(mask, &ipv6_all_ones)) {
    472 			ire = ire_ctable_lookup_v6(dst_addr, 0, IRE_LOOPBACK,
    473 			    ipif, ALL_ZONES, NULL, match_flags, ipst);
    474 			if (ire != NULL) {
    475 				ire_refrele(ire);
    476 				if (ipif_refheld)
    477 					ipif_refrele(ipif);
    478 				return (EEXIST);
    479 			}
    480 			ip1dbg(("ipif_up_done: 0x%p creating IRE 0x%x"
    481 			    "for 0x%x\n", (void *)ipif,
    482 			    ipif->ipif_ire_type,
    483 			    ntohl(ipif->ipif_lcl_addr)));
    484 			ire = ire_create_v6(
    485 			    dst_addr,
    486 			    mask,
    487 			    &ipif->ipif_v6src_addr,
    488 			    NULL,
    489 			    &ipif->ipif_mtu,
    490 			    NULL,
    491 			    NULL,
    492 			    NULL,
    493 			    ipif->ipif_net_type,
    494 			    ipif,
    495 			    NULL,
    496 			    0,
    497 			    0,
    498 			    flags,
    499 			    &ire_uinfo_null,
    500 			    NULL,
    501 			    NULL,
    502 			    ipst);
    503 			if (ire == NULL) {
    504 				if (ipif_refheld)
    505 					ipif_refrele(ipif);
    506 				return (ENOMEM);
    507 			}
    508 			error = ire_add(&ire, q, mp, func, B_FALSE);
    509 			if (error == 0)
    510 				goto save_ire;
    511 			/*
    512 			 * In the result of failure, ire_add() will have already
    513 			 * deleted the ire in question, so there is no need to
    514 			 * do that here.
    515 			 */
    516 			if (ipif_refheld)
    517 				ipif_refrele(ipif);
    518 			return (error);
    519 		}
    520 	}
    521 
    522 	/*
    523 	 * Traditionally, interface routes are ones where RTF_GATEWAY isn't set
    524 	 * and the gateway address provided is one of the system's interface
    525 	 * addresses.  By using the routing socket interface and supplying an
    526 	 * RTA_IFP sockaddr with an interface index, an alternate method of
    527 	 * specifying an interface route to be created is available which uses
    528 	 * the interface index that specifies the outgoing interface rather than
    529 	 * the address of an outgoing interface (which may not be able to
    530 	 * uniquely identify an interface).  When coupled with the RTF_GATEWAY
    531 	 * flag, routes can be specified which not only specify the next-hop to
    532 	 * be used when routing to a certain prefix, but also which outgoing
    533 	 * interface should be used.
    534 	 *
    535 	 * Previously, interfaces would have unique addresses assigned to them
    536 	 * and so the address assigned to a particular interface could be used
    537 	 * to identify a particular interface.  One exception to this was the
    538 	 * case of an unnumbered interface (where IPIF_UNNUMBERED was set).
    539 	 *
    540 	 * With the advent of IPv6 and its link-local addresses, this
    541 	 * restriction was relaxed and interfaces could share addresses between
    542 	 * themselves.  In fact, typically all of the link-local interfaces on
    543 	 * an IPv6 node or router will have the same link-local address.  In
    544 	 * order to differentiate between these interfaces, the use of an
    545 	 * interface index is necessary and this index can be carried inside a
    546 	 * RTA_IFP sockaddr (which is actually a sockaddr_dl).  One restriction
    547 	 * of using the interface index, however, is that all of the ipif's that
    548 	 * are part of an ill have the same index and so the RTA_IFP sockaddr
    549 	 * cannot be used to differentiate between ipif's (or logical
    550 	 * interfaces) that belong to the same ill (physical interface).
    551 	 *
    552 	 * For example, in the following case involving IPv4 interfaces and
    553 	 * logical interfaces
    554 	 *
    555 	 *	192.0.2.32	255.255.255.224	192.0.2.33	U	if0
    556 	 *	192.0.2.32	255.255.255.224	192.0.2.34	U	if0:1
    557 	 *	192.0.2.32	255.255.255.224	192.0.2.35	U	if0:2
    558 	 *
    559 	 * the ipif's corresponding to each of these interface routes can be
    560 	 * uniquely identified by the "gateway" (actually interface address).
    561 	 *
    562 	 * In this case involving multiple IPv6 default routes to a particular
    563 	 * link-local gateway, the use of RTA_IFP is necessary to specify which
    564 	 * default route is of interest:
    565 	 *
    566 	 *	default		fe80::123:4567:89ab:cdef	U	if0
    567 	 *	default		fe80::123:4567:89ab:cdef	U	if1
    568 	 */
    569 
    570 	/* RTF_GATEWAY not set */
    571 	if (!(flags & RTF_GATEWAY)) {
    572 		queue_t	*stq;
    573 
    574 		if (sp != NULL) {
    575 			ip2dbg(("ip_rt_add_v6: gateway security attributes "
    576 			    "cannot be set with interface route\n"));
    577 			if (ipif_refheld)
    578 				ipif_refrele(ipif);
    579 			return (EINVAL);
    580 		}
    581 
    582 		/*
    583 		 * As the interface index specified with the RTA_IFP sockaddr is
    584 		 * the same for all ipif's off of an ill, the matching logic
    585 		 * below uses MATCH_IRE_ILL if such an index was specified.
    586 		 * This means that routes sharing the same prefix when added
    587 		 * using a RTA_IFP sockaddr must have distinct interface
    588 		 * indices (namely, they must be on distinct ill's).
    589 		 *
    590 		 * On the other hand, since the gateway address will usually be
    591 		 * different for each ipif on the system, the matching logic
    592 		 * uses MATCH_IRE_IPIF in the case of a traditional interface
    593 		 * route.  This means that interface routes for the same prefix
    594 		 * can be created if they belong to distinct ipif's and if a
    595 		 * RTA_IFP sockaddr is not present.
    596 		 */
    597 		if (ipif_arg != NULL) {
    598 			if (ipif_refheld) {
    599 				ipif_refrele(ipif);
    600 				ipif_refheld = B_FALSE;
    601 			}
    602 			ipif = ipif_arg;
    603 			match_flags |= MATCH_IRE_ILL;
    604 		} else {
    605 			/*
    606 			 * Check the ipif corresponding to the gw_addr
    607 			 */
    608 			if (ipif == NULL)
    609 				return (ENETUNREACH);
    610 			match_flags |= MATCH_IRE_IPIF;
    611 		}
    612 
    613 		ASSERT(ipif != NULL);
    614 		/*
    615 		 * We check for an existing entry at this point.
    616 		 */
    617 		match_flags |= MATCH_IRE_MASK;
    618 		ire = ire_ftable_lookup_v6(dst_addr, mask, 0, IRE_INTERFACE,
    619 		    ipif, NULL, ALL_ZONES, 0, NULL, match_flags, ipst);
    620 		if (ire != NULL) {
    621 			ire_refrele(ire);
    622 			if (ipif_refheld)
    623 				ipif_refrele(ipif);
    624 			return (EEXIST);
    625 		}
    626 
    627 		stq = (ipif->ipif_net_type == IRE_IF_RESOLVER)
    628 		    ? ipif->ipif_rq : ipif->ipif_wq;
    629 
    630 		/*
    631 		 * Create a copy of the IRE_LOOPBACK, IRE_IF_NORESOLVER or
    632 		 * IRE_IF_RESOLVER with the modified address and netmask.
    633 		 */
    634 		ire = ire_create_v6(
    635 		    dst_addr,
    636 		    mask,
    637 		    &ipif->ipif_v6src_addr,
    638 		    NULL,
    639 		    &ipif->ipif_mtu,
    640 		    NULL,
    641 		    NULL,
    642 		    stq,
    643 		    ipif->ipif_net_type,
    644 		    ipif,
    645 		    NULL,
    646 		    0,
    647 		    0,
    648 		    flags,
    649 		    &ire_uinfo_null,
    650 		    NULL,
    651 		    NULL,
    652 		    ipst);
    653 		if (ire == NULL) {
    654 			if (ipif_refheld)
    655 				ipif_refrele(ipif);
    656 			return (ENOMEM);
    657 		}
    658 
    659 		/*
    660 		 * Some software (for example, GateD and Sun Cluster) attempts
    661 		 * to create (what amount to) IRE_PREFIX routes with the
    662 		 * loopback address as the gateway.  This is primarily done to
    663 		 * set up prefixes with the RTF_REJECT flag set (for example,
    664 		 * when generating aggregate routes). We also OR in the
    665 		 * RTF_BLACKHOLE flag as these interface routes, by
    666 		 * definition, can only be that.
    667 		 *
    668 		 * If the IRE type (as defined by ipif->ipif_net_type) is
    669 		 * IRE_LOOPBACK, then we map the request into a
    670 		 * IRE_IF_NORESOLVER.
    671 		 *
    672 		 * Needless to say, the real IRE_LOOPBACK is NOT created by this
    673 		 * routine, but rather using ire_create_v6() directly.
    674 		 */
    675 		if (ipif->ipif_net_type == IRE_LOOPBACK) {
    676 			ire->ire_type = IRE_IF_NORESOLVER;
    677 			ire->ire_flags |= RTF_BLACKHOLE;
    678 		}
    679 		error = ire_add(&ire, q, mp, func, B_FALSE);
    680 		if (error == 0)
    681 			goto save_ire;
    682 		/*
    683 		 * In the result of failure, ire_add() will have already
    684 		 * deleted the ire in question, so there is no need to
    685 		 * do that here.
    686 		 */
    687 		if (ipif_refheld)
    688 			ipif_refrele(ipif);
    689 		return (error);
    690 	}
    691 	if (ipif_refheld) {
    692 		ipif_refrele(ipif);
    693 		ipif_refheld = B_FALSE;
    694 	}
    695 
    696 	/*
    697 	 * Get an interface IRE for the specified gateway.
    698 	 * If we don't have an IRE_IF_NORESOLVER or IRE_IF_RESOLVER for the
    699 	 * gateway, it is currently unreachable and we fail the request
    700 	 * accordingly.
    701 	 */
    702 	ipif = ipif_arg;
    703 	if (ipif_arg != NULL)
    704 		match_flags |= MATCH_IRE_ILL;
    705 	gw_ire = ire_ftable_lookup_v6(gw_addr, 0, 0, IRE_INTERFACE, ipif_arg,
    706 	    NULL, ALL_ZONES, 0, NULL, match_flags, ipst);
    707 	if (gw_ire == NULL)
    708 		return (ENETUNREACH);
    709 
    710 	/*
    711 	 * We create one of three types of IREs as a result of this request
    712 	 * based on the netmask.  A netmask of all ones (which is automatically
    713 	 * assumed when RTF_HOST is set) results in an IRE_HOST being created.
    714 	 * An all zeroes netmask implies a default route so an IRE_DEFAULT is
    715 	 * created.  Otherwise, an IRE_PREFIX route is created for the
    716 	 * destination prefix.
    717 	 */
    718 	if (IN6_ARE_ADDR_EQUAL(mask, &ipv6_all_ones))
    719 		type = IRE_HOST;
    720 	else if (IN6_IS_ADDR_UNSPECIFIED(mask))
    721 		type = IRE_DEFAULT;
    722 	else
    723 		type = IRE_PREFIX;
    724 
    725 	/* check for a duplicate entry */
    726 	ire = ire_ftable_lookup_v6(dst_addr, mask, gw_addr, type, ipif_arg,
    727 	    NULL, ALL_ZONES, 0, NULL,
    728 	    match_flags | MATCH_IRE_MASK | MATCH_IRE_GW, ipst);
    729 	if (ire != NULL) {
    730 		ire_refrele(gw_ire);
    731 		ire_refrele(ire);
    732 		return (EEXIST);
    733 	}
    734 
    735 	/* Security attribute exists */
    736 	if (sp != NULL) {
    737 		tsol_gcgrp_addr_t ga;
    738 
    739 		/* find or create the gateway credentials group */
    740 		ga.ga_af = AF_INET6;
    741 		ga.ga_addr = *gw_addr;
    742 
    743 		/* we hold reference to it upon success */
    744 		gcgrp = gcgrp_lookup(&ga, B_TRUE);
    745 		if (gcgrp == NULL) {
    746 			ire_refrele(gw_ire);
    747 			return (ENOMEM);
    748 		}
    749 
    750 		/*
    751 		 * Create and add the security attribute to the group; a
    752 		 * reference to the group is made upon allocating a new
    753 		 * entry successfully.  If it finds an already-existing
    754 		 * entry for the security attribute in the group, it simply
    755 		 * returns it and no new reference is made to the group.
    756 		 */
    757 		gc = gc_create(sp, gcgrp, &gcgrp_xtraref);
    758 		if (gc == NULL) {
    759 			/* release reference held by gcgrp_lookup */
    760 			GCGRP_REFRELE(gcgrp);
    761 			ire_refrele(gw_ire);
    762 			return (ENOMEM);
    763 		}
    764 	}
    765 
    766 	/* Create the IRE. */
    767 	ire = ire_create_v6(
    768 	    dst_addr,				/* dest address */
    769 	    mask,				/* mask */
    770 	    /* src address assigned by the caller? */
    771 	    (((flags & RTF_SETSRC) && !IN6_IS_ADDR_UNSPECIFIED(src_addr)) ?
    772 	    src_addr : NULL),
    773 	    gw_addr,				/* gateway address */
    774 	    &gw_ire->ire_max_frag,
    775 	    NULL,				/* no src nce */
    776 	    NULL,				/* no recv-from queue */
    777 	    NULL,				/* no send-to queue */
    778 	    (ushort_t)type,			/* IRE type */
    779 	    ipif_arg,
    780 	    NULL,
    781 	    0,
    782 	    0,
    783 	    flags,
    784 	    &gw_ire->ire_uinfo,			/* Inherit ULP info from gw */
    785 	    gc,					/* security attribute */
    786 	    NULL,
    787 	    ipst);
    788 
    789 	/*
    790 	 * The ire holds a reference to the 'gc' and the 'gc' holds a
    791 	 * reference to the 'gcgrp'. We can now release the extra reference
    792 	 * the 'gcgrp' acquired in the gcgrp_lookup, if it was not used.
    793 	 */
    794 	if (gcgrp_xtraref)
    795 		GCGRP_REFRELE(gcgrp);
    796 	if (ire == NULL) {
    797 		if (gc != NULL)
    798 			GC_REFRELE(gc);
    799 		ire_refrele(gw_ire);
    800 		return (ENOMEM);
    801 	}
    802 
    803 	/*
    804 	 * POLICY: should we allow an RTF_HOST with address INADDR_ANY?
    805 	 * SUN/OS socket stuff does but do we really want to allow ::0 ?
    806 	 */
    807 
    808 	/* Add the new IRE. */
    809 	error = ire_add(&ire, q, mp, func, B_FALSE);
    810 	/*
    811 	 * In the result of failure, ire_add() will have already
    812 	 * deleted the ire in question, so there is no need to
    813 	 * do that here.
    814 	 */
    815 	if (error != 0) {
    816 		ire_refrele(gw_ire);
    817 		return (error);
    818 	}
    819 
    820 	if (flags & RTF_MULTIRT) {
    821 		/*
    822 		 * Invoke the CGTP (multirouting) filtering module
    823 		 * to add the dst address in the filtering database.
    824 		 * Replicated inbound packets coming from that address
    825 		 * will be filtered to discard the duplicates.
    826 		 * It is not necessary to call the CGTP filter hook
    827 		 * when the dst address is a multicast, because an
    828 		 * IP source address cannot be a multicast.
    829 		 */
    830 		if (ipst->ips_ip_cgtp_filter_ops != NULL &&
    831 		    !IN6_IS_ADDR_MULTICAST(&(ire->ire_addr_v6))) {
    832 			int res;
    833 
    834 			res = ipst->ips_ip_cgtp_filter_ops->cfo_add_dest_v6(
    835 			    ipst->ips_netstack->netstack_stackid,
    836 			    &ire->ire_addr_v6,
    837 			    &ire->ire_gateway_addr_v6,
    838 			    &ire->ire_src_addr_v6,
    839 			    &gw_ire->ire_src_addr_v6);
    840 			if (res != 0) {
    841 				ire_refrele(gw_ire);
    842 				ire_delete(ire);
    843 				return (res);
    844 			}
    845 		}
    846 	}
    847 
    848 	/*
    849 	 * Now that the prefix IRE entry has been created, delete any
    850 	 * existing gateway IRE cache entries as well as any IRE caches
    851 	 * using the gateway, and force them to be created through
    852 	 * ip_newroute_v6.
    853 	 */
    854 	if (gc != NULL) {
    855 		ASSERT(gcgrp != NULL);
    856 		ire_clookup_delete_cache_gw_v6(gw_addr, ALL_ZONES, ipst);
    857 	}
    858 
    859 save_ire:
    860 	if (gw_ire != NULL) {
    861 		ire_refrele(gw_ire);
    862 	}
    863 	if (ipif != NULL) {
    864 		mblk_t	*save_mp;
    865 
    866 		/*
    867 		 * Save enough information so that we can recreate the IRE if
    868 		 * the interface goes down and then up.  The metrics associated
    869 		 * with the route will be saved as well when rts_setmetrics() is
    870 		 * called after the IRE has been created.  In the case where
    871 		 * memory cannot be allocated, none of this information will be
    872 		 * saved.
    873 		 */
    874 		save_mp = allocb(sizeof (ifrt_t), BPRI_MED);
    875 		if (save_mp != NULL) {
    876 			ifrt_t	*ifrt;
    877 
    878 			save_mp->b_wptr += sizeof (ifrt_t);
    879 			ifrt = (ifrt_t *)save_mp->b_rptr;
    880 			bzero(ifrt, sizeof (ifrt_t));
    881 			ifrt->ifrt_type = ire->ire_type;
    882 			ifrt->ifrt_v6addr = ire->ire_addr_v6;
    883 			mutex_enter(&ire->ire_lock);
    884 			ifrt->ifrt_v6gateway_addr = ire->ire_gateway_addr_v6;
    885 			ifrt->ifrt_v6src_addr = ire->ire_src_addr_v6;
    886 			mutex_exit(&ire->ire_lock);
    887 			ifrt->ifrt_v6mask = ire->ire_mask_v6;
    888 			ifrt->ifrt_flags = ire->ire_flags;
    889 			ifrt->ifrt_max_frag = ire->ire_max_frag;
    890 			mutex_enter(&ipif->ipif_saved_ire_lock);
    891 			save_mp->b_cont = ipif->ipif_saved_ire_mp;
    892 			ipif->ipif_saved_ire_mp = save_mp;
    893 			ipif->ipif_saved_ire_cnt++;
    894 			mutex_exit(&ipif->ipif_saved_ire_lock);
    895 		}
    896 	}
    897 	if (ire_arg != NULL) {
    898 		/*
    899 		 * Store the ire that was successfully added into where ire_arg
    900 		 * points to so that callers don't have to look it up
    901 		 * themselves (but they are responsible for ire_refrele()ing
    902 		 * the ire when they are finished with it).
    903 		 */
    904 		*ire_arg = ire;
    905 	} else {
    906 		ire_refrele(ire);		/* Held in ire_add */
    907 	}
    908 	if (ipif_refheld)
    909 		ipif_refrele(ipif);
    910 	return (0);
    911 }
    912 
    913 /*
    914  * ip_rt_delete_v6 is called to delete an IPv6 route.
    915  * ipif_arg is passed in to associate it with the correct interface
    916  * (for link-local destinations and gateways).
    917  */
    918 /* ARGSUSED4 */
    919 int
    920 ip_rt_delete_v6(const in6_addr_t *dst_addr, const in6_addr_t *mask,
    921     const in6_addr_t *gw_addr, uint_t rtm_addrs, int flags, ipif_t *ipif_arg,
    922     queue_t *q, mblk_t *mp, ipsq_func_t func, ip_stack_t *ipst)
    923 {
    924 	ire_t	*ire = NULL;
    925 	ipif_t	*ipif;
    926 	uint_t	type;
    927 	uint_t	match_flags = MATCH_IRE_TYPE;
    928 	int	err = 0;
    929 	boolean_t	ipif_refheld = B_FALSE;
    930 
    931 	/*
    932 	 * If this is the case of RTF_HOST being set, then we set the netmask
    933 	 * to all ones.  Otherwise, we use the netmask if one was supplied.
    934 	 */
    935 	if (flags & RTF_HOST) {
    936 		mask = &ipv6_all_ones;
    937 		match_flags |= MATCH_IRE_MASK;
    938 	} else if (rtm_addrs & RTA_NETMASK) {
    939 		match_flags |= MATCH_IRE_MASK;
    940 	}
    941 
    942 	/*
    943 	 * Note that RTF_GATEWAY is never set on a delete, therefore
    944 	 * we check if the gateway address is one of our interfaces first,
    945 	 * and fall back on RTF_GATEWAY routes.
    946 	 *
    947 	 * This makes it possible to delete an original
    948 	 * IRE_IF_NORESOLVER/IRE_IF_RESOLVER - consistent with SunOS 4.1.
    949 	 *
    950 	 * As the interface index specified with the RTA_IFP sockaddr is the
    951 	 * same for all ipif's off of an ill, the matching logic below uses
    952 	 * MATCH_IRE_ILL if such an index was specified.  This means a route
    953 	 * sharing the same prefix and interface index as the the route
    954 	 * intended to be deleted might be deleted instead if a RTA_IFP sockaddr
    955 	 * is specified in the request.
    956 	 *
    957 	 * On the other hand, since the gateway address will usually be
    958 	 * different for each ipif on the system, the matching logic
    959 	 * uses MATCH_IRE_IPIF in the case of a traditional interface
    960 	 * route.  This means that interface routes for the same prefix can be
    961 	 * uniquely identified if they belong to distinct ipif's and if a
    962 	 * RTA_IFP sockaddr is not present.
    963 	 *
    964 	 * For more detail on specifying routes by gateway address and by
    965 	 * interface index, see the comments in ip_rt_add_v6().
    966 	 */
    967 	ipif = ipif_lookup_interface_v6(gw_addr, dst_addr, q, mp, func, &err,
    968 	    ipst);
    969 	if (ipif != NULL) {
    970 		ipif_refheld = B_TRUE;
    971 		if (ipif_arg != NULL) {
    972 			ipif_refrele(ipif);
    973 			ipif_refheld = B_FALSE;
    974 			ipif = ipif_arg;
    975 			match_flags |= MATCH_IRE_ILL;
    976 		} else {
    977 			match_flags |= MATCH_IRE_IPIF;
    978 		}
    979 
    980 		if (ipif->ipif_ire_type == IRE_LOOPBACK)
    981 			ire = ire_ctable_lookup_v6(dst_addr, 0, IRE_LOOPBACK,
    982 			    ipif, ALL_ZONES, NULL, match_flags, ipst);
    983 		if (ire == NULL)
    984 			ire = ire_ftable_lookup_v6(dst_addr, mask, 0,
    985 			    IRE_INTERFACE, ipif, NULL, ALL_ZONES, 0, NULL,
    986 			    match_flags, ipst);
    987 	} else if (err == EINPROGRESS) {
    988 		return (err);
    989 	} else {
    990 		err = 0;
    991 	}
    992 	if (ire == NULL) {
    993 		/*
    994 		 * At this point, the gateway address is not one of our own
    995 		 * addresses or a matching interface route was not found.  We
    996 		 * set the IRE type to lookup based on whether
    997 		 * this is a host route, a default route or just a prefix.
    998 		 *
    999 		 * If an ipif_arg was passed in, then the lookup is based on an
   1000 		 * interface index so MATCH_IRE_ILL is added to match_flags.
   1001 		 * In any case, MATCH_IRE_IPIF is cleared and MATCH_IRE_GW is
   1002 		 * set as the route being looked up is not a traditional
   1003 		 * interface route.
   1004 		 */
   1005 		match_flags &= ~MATCH_IRE_IPIF;
   1006 		match_flags |= MATCH_IRE_GW;
   1007 		if (ipif_arg != NULL)
   1008 			match_flags |= MATCH_IRE_ILL;
   1009 		if (IN6_ARE_ADDR_EQUAL(mask, &ipv6_all_ones))
   1010 			type = IRE_HOST;
   1011 		else if (IN6_IS_ADDR_UNSPECIFIED(mask))
   1012 			type = IRE_DEFAULT;
   1013 		else
   1014 			type = IRE_PREFIX;
   1015 		ire = ire_ftable_lookup_v6(dst_addr, mask, gw_addr, type,
   1016 		    ipif_arg, NULL, ALL_ZONES, 0, NULL, match_flags, ipst);
   1017 	}
   1018 
   1019 	if (ipif_refheld) {
   1020 		ipif_refrele(ipif);
   1021 		ipif_refheld = B_FALSE;
   1022 	}
   1023 	if (ire == NULL)
   1024 		return (ESRCH);
   1025 
   1026 	if (ire->ire_flags & RTF_MULTIRT) {
   1027 		/*
   1028 		 * Invoke the CGTP (multirouting) filtering module
   1029 		 * to remove the dst address from the filtering database.
   1030 		 * Packets coming from that address will no longer be
   1031 		 * filtered to remove duplicates.
   1032 		 */
   1033 		if (ipst->ips_ip_cgtp_filter_ops != NULL) {
   1034 			err = ipst->ips_ip_cgtp_filter_ops->cfo_del_dest_v6(
   1035 			    ipst->ips_netstack->netstack_stackid,
   1036 			    &ire->ire_addr_v6, &ire->ire_gateway_addr_v6);
   1037 		}
   1038 	}
   1039 
   1040 	ipif = ire->ire_ipif;
   1041 	if (ipif != NULL) {
   1042 		mblk_t		**mpp;
   1043 		mblk_t		*mp;
   1044 		ifrt_t		*ifrt;
   1045 		in6_addr_t	gw_addr_v6;
   1046 
   1047 		/* Remove from ipif_saved_ire_mp list if it is there */
   1048 		mutex_enter(&ire->ire_lock);
   1049 		gw_addr_v6 = ire->ire_gateway_addr_v6;
   1050 		mutex_exit(&ire->ire_lock);
   1051 		mutex_enter(&ipif->ipif_saved_ire_lock);
   1052 		for (mpp = &ipif->ipif_saved_ire_mp; *mpp != NULL;
   1053 		    mpp = &(*mpp)->b_cont) {
   1054 			/*
   1055 			 * On a given ipif, the triple of address, gateway and
   1056 			 * mask is unique for each saved IRE (in the case of
   1057 			 * ordinary interface routes, the gateway address is
   1058 			 * all-zeroes).
   1059 			 */
   1060 			mp = *mpp;
   1061 			ifrt = (ifrt_t *)mp->b_rptr;
   1062 			if (IN6_ARE_ADDR_EQUAL(&ifrt->ifrt_v6addr,
   1063 			    &ire->ire_addr_v6) &&
   1064 			    IN6_ARE_ADDR_EQUAL(&ifrt->ifrt_v6gateway_addr,
   1065 			    &gw_addr_v6) &&
   1066 			    IN6_ARE_ADDR_EQUAL(&ifrt->ifrt_v6mask,
   1067 			    &ire->ire_mask_v6)) {
   1068 				*mpp = mp->b_cont;
   1069 				ipif->ipif_saved_ire_cnt--;
   1070 				freeb(mp);
   1071 				break;
   1072 			}
   1073 		}
   1074 		mutex_exit(&ipif->ipif_saved_ire_lock);
   1075 	}
   1076 	ire_delete(ire);
   1077 	ire_refrele(ire);
   1078 	return (err);
   1079 }
   1080 
   1081 /*
   1082  * Derive a token from the link layer address.
   1083  */
   1084 boolean_t
   1085 ill_setdefaulttoken(ill_t *ill)
   1086 {
   1087 	int 		i;
   1088 	in6_addr_t	v6addr, v6mask;
   1089 
   1090 	if (!MEDIA_V6INTFID(ill->ill_media, ill->ill_phys_addr_length,
   1091 	    ill->ill_phys_addr, &v6addr))
   1092 		return (B_FALSE);
   1093 
   1094 	(void) ip_plen_to_mask_v6(IPV6_TOKEN_LEN, &v6mask);
   1095 
   1096 	for (i = 0; i < 4; i++)
   1097 		v6mask.s6_addr32[i] = v6mask.s6_addr32[i] ^
   1098 		    (uint32_t)0xffffffff;
   1099 
   1100 	V6_MASK_COPY(v6addr, v6mask, ill->ill_token);
   1101 	ill->ill_token_length = IPV6_TOKEN_LEN;
   1102 	return (B_TRUE);
   1103 }
   1104 
   1105 /*
   1106  * Create a link-local address from a token.
   1107  */
   1108 static void
   1109 ipif_get_linklocal(in6_addr_t *dest, const in6_addr_t *token)
   1110 {
   1111 	int i;