/ndppd

NDP Proxy Daemon

Primary LanguageC++GNU General Public License v3.0GPL-3.0

                     ndppd - NDP Proxy Daemon

                          Version 0.2.5

------------------------------------------------------------------------
1. Legal
------------------------------------------------------------------------

   ndppd - NDP Proxy Daemon
   Copyright (C) 2011-2016  Daniel Adolfsson <daniel@priv.nu>

   This program is free software: you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation, either version 3 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>.

------------------------------------------------------------------------
2. About 'ndppd'
------------------------------------------------------------------------

   'ndppd', or NDP Proxy Daemon, is a daemon that proxies NDP (Neighbor 
   Discovery Protocol) messages between interfaces.

   The Neighbor Discovery Protocol (NDP) is a protocol in the Internet 
   Protocol Suite used with Internet Protocol Version 6 (IPv6). It 
   operates in the Link Layer of the Internet model (RFC 1122) and is 
   responsible for address autoconfiguration of nodes, discovery of 
   other nodes on the link, determining the Link Layer addresses 
   of other nodes, duplicate address detection, finding available 
   routers and Domain Name System (DNS) servers, address prefix 
   discovery, and maintaining reachability information about the paths 
   to other active neighbor nodes (RFC 4861). (Wikipedia)

   'ndppd' currently only supports Neighbor Solicitation Messages and 
   Neighbor Advertisement Messages.

   Before an IPv6 packet can be sent to a host, that host's link-layer
   address must first be discovered. This is done by sending a Neighbor
   Solicitation message containing the requested target IPv6 address
   to a specific multicast address.  If a host have configured a
   matching IP, that host will then respond with a Neighbor 
   Advertisement message, and provide it's link-layer address. 

   Let's say you want to route some IPs to another interface, and
   your ISP isn't truly routing your subnet to your host. It means
   that your host will have respond to Neighbor Solicitation messages
   for IPs it haven't configured in order to be able to route them.

   Linux have a limited support for proxying Neighbor Solicitation 
   messages by simply answering to any messages where the target IP 
   can be found in the host's neighbor proxy table. To make this work 
   you need to enable "proxy_ndp", and then add each single host to the
   neighbor proxy table by typing something like:

      ip -6 neigh add proxy <ip> dev <if>

   Unfortunately, it doesn't support listing proxies, and as I said,
   only individual IPs are supported. No subnets.

   'ndppd' solves this by listening for Neighbor Solicitation messages 
   on an interface, then query the internal interfaces for that target
   IP before finally sending a Neighbor Advertisement message. 

   You can create rules to query one interface for one subnet, and 
   another interface for another. 'ndppd' can even respond directly to 
   Neighbor Solicitation messages without querying anything, should you 
   need that.

------------------------------------------------------------------------
3. Dependencies
------------------------------------------------------------------------

   As of version 0.2.2, libconfuse is no longer needed.

------------------------------------------------------------------------
4. Compiling
------------------------------------------------------------------------

   First, make sure you have g++ and make installed.

   It should be as easy as:

      make all && make install

   If you want to enable debugging, you can type:

      make DEBUG=1 all

   Note that this version of the binary is much bigger, and the daemon
   produces a lot of messages.

------------------------------------------------------------------------
5. Usage
------------------------------------------------------------------------

   Read through 'ndppd.conf-dist' for guidelines and examples how to 
   configure the daemon. 

   Usage: ndppd [-d] [-c <config>] [-p <pidfile>]

   -p <pidfile>
         Create a pidfile at the specified location.

   -c <config>
         Read configuration from the specified location, instead of
         the default which is /etc/ndppd.conf.

   -d    Daemonize the process, putting it in the background.
         Also enables syslogging.

   -v    Increase logging verbosity. Can be used several times in
         order to increase even further.

------------------------------------------------------------------------
5. Website and contact
------------------------------------------------------------------------

   Contact : Daniel Adolfsson <daniel@priv.nu>

   Website : https://github.com/DanielAdolfsson/ndppd

       Git : git://github.com/DanielAdolfsson/ndppd.git

If you want to report a bug, you can either send me a mail directly,
or submit an issue on github.com.