NAME
gif
—
generic tunnel interface
SYNOPSIS
pseudo-device gif
DESCRIPTION
The gif
interface is a generic tunnelling
pseudo-device. It can tunnel IPv4, IPv6, and MPLS over IPv4 and IPv6, with
behavior mainly based on RFC 4213 IPv6-over-IPv4.
A gif
interface can be created at runtime
using the ifconfig gif
N
create
command or by setting up a
hostname.if(5) configuration file for
netstart(8).
The gif
interface must be configured with
the addresses used for the outer header. This can be done by using
ifconfig(8)'s tunnel
command (which
uses the SIOCSLIFPHYADDR
ioctl).
The addresses of the inner header must be configured by using
ifconfig(8) in the normal way. The routing table can be used
to direct packets toward the gif
interface.
SEE ALSO
sysctl(2), etherip(4), gre(4), inet(4), inet6(4), ipsec(4), hostname.if(5), ifconfig(8), netstart(8)
STANDARDS
E. Nordmark and R. Gilligan, Basic Transition Mechanisms for IPv6 Hosts and Routers, RFC 4213, October 2005.
T. Worster, Y. Rekhter, and E. Rosen, Encapsulating MPLS in IP or Generic Routing Encapsulation (GRE), RFC 4023, March 2005.
HISTORY
The gif
device first appeared in WIDE
hydrangea IPv6 kit.
Previously, gif
supported RFC 3378 EtherIP
tunnels over
bridge(4) interfaces. This is now handled by
etherip(4).
BUGS
There are many tunnelling protocol specifications, defined
differently from each other. gif
may not
interoperate with peers which are based on different specifications, and are
picky about outer header fields. For example, you cannot usually use
gif
to talk with IPsec devices that use IPsec tunnel
mode.
The current code does not check if the ingress address (outer
source address) configured to gif
makes sense. Make
sure to configure an address which belongs to your node. Otherwise, your
node will not be able to receive packets from the peer, and your node will
generate packets with a spoofed source address.
If the outer protocol is IPv6, path MTU discovery for encapsulated packet may affect communication over the interface.