1# IPv6 Options
2
3# Copyright (c) 2016 Intel Corporation.
4# SPDX-License-Identifier: Apache-2.0
5
6menuconfig NET_IPV6
7	bool "IPv6"
8	default y
9	help
10	  Enable IPv6 support. This should be selected by default as there
11	  is limited set of network bearers provided that support IPv4.
12
13if NET_IPV6
14
15config NET_IF_MAX_IPV6_COUNT
16	int "Max number of IPv6 network interfaces in the system"
17	default NET_VLAN_COUNT if NET_VLAN
18	default 2 if NET_LOOPBACK
19	default 1
20	help
21	  This tells how many network interfaces there will be in the system
22	  that will have IPv6 enabled.
23
24config NET_IF_UNICAST_IPV6_ADDR_COUNT
25	int "Max number of unicast IPv6 addresses per network interface"
26	default 6 if NET_L2_OPENTHREAD
27	default 3 if NET_LOOPBACK
28	default 2
29
30config NET_IF_MCAST_IPV6_ADDR_COUNT
31	int "Max number of multicast IPv6 addresses per network interface"
32	default 8 if NET_L2_OPENTHREAD
33	default 3
34
35config NET_IF_IPV6_PREFIX_COUNT
36	int "Max number of IPv6 prefixes per network interface"
37	default 2
38
39if NET_NATIVE_IPV6
40
41config NET_IPV6_MTU
42	int "Initial IPv6 MTU value"
43	default 1280
44	range 1280 1500
45	help
46	  The value should normally be 1280 which is the minimum IPv6 packet
47	  size that implementations need to support without fragmentation.
48
49config NET_IPV6_PMTU
50	bool "IPv6 Path MTU Discovery"
51	help
52	  Enables IPv6 Path MTU Discovery (see RFC 8201)
53
54config NET_IPV6_PMTU_DESTINATION_CACHE_ENTRIES
55	int "Number of IPv6 PMTU destination cache entries"
56	default 3
57	depends on NET_IPV6_PMTU
58	help
59	  How many PMTU entries we can track for each destination address.
60
61config NET_INITIAL_HOP_LIMIT
62	int "Initial IPv6 hop limit value for unicast packets"
63	default 64
64	range 0 $(UINT8_MAX)
65	help
66	  The value should normally be > 0. The device receiving the IPv6
67	  packet will decrement the value and will drop the packet if the hop
68	  limit value is 0. When sending, the packet is dropped before
69	  transmitting to network if hop limit is 0.
70
71config NET_INITIAL_MCAST_HOP_LIMIT
72	int "Initial IPv6 hop limit value for multicast packets"
73	default 1
74	range 0 $(UINT8_MAX)
75	help
76	  The value should normally be > 0. The device receiving the IPv6
77	  packet will decrement the value and will drop the packet if the hop
78	  limit value is 0. When sending, the packet is dropped before
79	  transmitting to network if hop limit is 0.
80	  The default is 1 (same as in IPv4) which means that multicast packets
81	  don't leave the local network unless the application explicitly
82	  requests it.
83
84config NET_IPV6_MAX_NEIGHBORS
85	int "How many IPv6 neighbors are supported"
86	default 8
87	range 1 254
88	help
89	  The value depends on your network needs.
90
91config NET_IPV6_FRAGMENT
92	bool "Support IPv6 fragmentation"
93	help
94	  IPv6 fragmentation is disabled by default. This saves memory and
95	  should not cause issues normally as we support anyway the minimum
96	  length IPv6 packets (1280 bytes). If you enable fragmentation
97	  support, please increase amount of RX data buffers so that larger
98	  than 1280 byte packets can be received.
99
100config NET_IPV6_FRAGMENT_MAX_COUNT
101	int "How many packets to reassemble at a time"
102	range 1 16
103	default 1
104	depends on NET_IPV6_FRAGMENT
105	help
106	  How many fragmented IPv6 packets can be waiting reassembly
107	  simultaneously. Each fragment count might use up to 1280 bytes
108	  of memory so you need to plan this and increase the network buffer
109	  count.
110
111config NET_IPV6_FRAGMENT_MAX_PKT
112	int "How many fragments can be handled to reassemble a packet"
113	default 2
114	depends on NET_IPV6_FRAGMENT
115	help
116	  Incoming fragments are stored in per-packet queue before being
117	  reassembled. This value defines the number of fragments that
118	  can be handled at the same time to reassemble a single packet.
119
120	  We do not have to accept IPv6 packets larger than 1500 bytes
121	  (RFC 2460 ch 5). This means that we should receive everything
122	  within the first two fragments. The first one being 1280 bytes and
123	  the second one 220 bytes.
124
125	  You can increase this value if you expect packets with more
126	  than two fragments.
127
128config NET_IPV6_FRAGMENT_TIMEOUT
129	int "How long to wait the fragments to receive"
130	range 1 60
131	default 5
132	depends on NET_IPV6_FRAGMENT
133	help
134	  How long to wait for IPv6 fragment to arrive before the reassembly
135	  will timeout. RFC 2460 chapter 4.5 tells to wait for 60 seconds but
136	  this might be too long in memory constrained devices. This value
137	  is in seconds.
138
139config NET_IPV6_MLD
140	bool "Multicast Listener Discovery support"
141	default y
142	help
143	  The value depends on your network needs. MLD should normally
144	  be active. Currently we support only MLDv2. See RFC 3810 for
145	  details.
146
147config NET_IPV6_NBR_CACHE
148	bool "Neighbor cache"
149	default y
150	help
151	  The value depends on your network needs. Neighbor cache should
152	  normally be active.
153
154config NET_IPV6_ND
155	bool "Activate neighbor discovery"
156	depends on NET_IPV6_NBR_CACHE
157	select NET_IPV6_MLD if !NET_TEST
158	default y
159	help
160	  The value depends on your network needs. ND should normally
161	  be active.
162
163config NET_IPV6_DAD
164	bool "Activate duplicate address detection"
165	depends on NET_IPV6_NBR_CACHE
166	default y
167	help
168	  The value depends on your network needs. DAD should normally
169	  be active.
170
171config NET_IPV6_RS_TIMEOUT
172	int "Timeout of Router Solicitation messaging"
173	depends on NET_IPV6_ND
174	range 1 30
175	default 1
176	help
177	  The timeout in seconds between attempts to send a Router
178	  Solicitation message at startup.
179
180config NET_IPV6_RA_RDNSS
181	bool "Support RA RDNSS option"
182	depends on NET_IPV6_ND
183	depends on DNS_RESOLVER
184	default y
185	help
186	  Support Router Advertisement Recursive DNS Server option.
187	  See RFC 6106 for details. The value depends on your network needs.
188
189choice NET_IPV6_IID_GENERATION
190	prompt "IPv6 Interface Identifier (IID) generation"
191	default NET_IPV6_IID_EUI_64
192	help
193	  Determines how the IPv6 Interface Identifier (IID) is generated.
194	  By default the legacy format using EUI-64 (MAC address) specified in
195	  RFC 4291 chapter 2.5.1 is used.
196	  User can also choose to use stable IID specified in RFC 7217 in which
197	  case a randomized IID is generated for each network interface.
198	  The stable IID enhances privacy by having a different IID for each
199	  network interface.
200
201config NET_IPV6_IID_EUI_64
202	bool "Generate IID using EUI-64"
203	help
204	  Generate IID from modified EUI-64 a.k.a MAC address. This is the
205	  legacy way described in RFC 4291 chapter 2.5.1
206
207config NET_IPV6_IID_STABLE
208	bool "Generate stable IID [EXPERIMENTAL]"
209	select MBEDTLS
210	select MBEDTLS_MD
211	select EXPERIMENTAL
212	depends on !NET_6LO
213	help
214	  Generate a stable IID described in RFC 7217. This option specifies a
215	  method for generating IPv6 Interface Identifiers to be used with
216	  IPv6 Stateless Address Autoconfiguration (SLAAC), such that an IPv6
217	  address configured using this method is stable within each subnet,
218	  but the corresponding Interface Identifier changes when the host
219	  moves from one network to another. This method is meant to be an
220	  alternative to generating Interface Identifiers based on hardware
221	  addresses (e.g., IEEE LAN Media Access Control (MAC) addresses),
222	  such that the benefits of stable addresses can be achieved without
223	  sacrificing the security and privacy of users.
224	  Currently the stable IID generation is disabled for 6lo networks
225	  because of header compression.
226
227endchoice
228
229config NET_IPV6_PE
230	bool "Privacy extension (RFC 8981) support [EXPERIMENTAL]"
231	select MBEDTLS
232	select MBEDTLS_MD
233	select EXPERIMENTAL
234	select NET_MGMT
235	select NET_MGMT_EVENT
236	select NET_MGMT_EVENT_INFO
237	help
238	  This enables IPv6 privacy extension (RFC 8981) support.
239	  The interface identifier is randomized and SLAAC addresses
240	  generated from it will expire. This requires that applications are
241	  prepared to use new IPv6 addresses when old ones will expire.
242	  Note that you should make sure that the value of config option
243	  CONFIG_NET_IF_UNICAST_IPV6_ADDR_COUNT should be large enough so that
244	  two PE generated IPv6 addresses can be added to the network interface
245	  at the same time.
246
247if NET_IPV6_PE
248
249config NET_IPV6_PE_FILTER_PREFIX_COUNT
250	int "Size of the IPv6 prefix filter list"
251	default 0
252	help
253	  Size of the allow/deny filter list of IPv6 prefixes. User can
254	  set filters at runtime and it is possible to enable or disable
255	  privacy extension support according to this filter list.
256	  By default no filters are enabled.
257
258config NET_IPV6_PE_PREFER_PUBLIC_ADDRESSES
259	bool "Prefer public preferred address over temporary one"
260	help
261	  Prefer public addresses over temporary addresses.
262
263config NET_IPV6_PE_TEMP_VALID_LIFETIME
264	int "Max lifetime for temporary address (in minutes)"
265	default 1440
266	help
267	  No temporary address should ever remain valid for longer than this
268	  value. The value is in minutes. Default value is 1 day (24*60).
269
270config NET_IPV6_PE_TEMP_PREFERRED_LIFETIME
271	int "Max preferred lifetime for temporary address (in minutes)"
272	default 1380
273	help
274	  No temporary address should ever remain preferred for longer than this
275	  value. The value is in minutes. Default value is 23 hours (23*60).
276
277config NET_IPV6_PE_TEMP_IDGEN_RETRIES
278	int "Max amount of failed DAD attempts"
279	default 3
280	help
281	  The node MUST perform duplicate address detection (DAD) on the
282	  generated temporary address. If after TEMP_IDGEN_RETRIES consecutive
283	  attempts no non-unique address was generated then there will be no
284	  attempt to generate temporary addresses for that interface.
285
286endif
287
288config NET_6LO
289	bool "6lowpan IPv6 Compression library"
290	default y if NET_L2_IEEE802154
291	help
292	  6lowpan compression and fragmentation. It is enabled by default
293	  if 802.15.4 is present, since using IPv6 on it requires it.
294
295	  You may disable this option if you wish to implement a non-IP
296	  custom protocol on top of the 802.15.4 MAC (L2) layer.
297
298config NET_6LO_CONTEXT
299	bool "6lowpan context based compression"
300	depends on NET_6LO
301	help
302	  Enables 6lowpan context based compression based on information
303	  received in Router Advertisement (RA) message.
304
305config NET_MAX_6LO_CONTEXTS
306	int "Number of supported 6CO (6lowpan contexts options)"
307	depends on NET_6LO_CONTEXT
308	default 1
309	range 1 16
310	help
311	  6lowpan context options table size. The value depends on your
312	  network and memory consumption. More 6CO options uses more memory.
313
314if NET_6LO
315module = NET_6LO
316module-dep = NET_LOG
317module-str = Log level for 6LoWPAN library
318module-help = Enables 6LoWPAN code to output debug messages.
319source "subsys/net/Kconfig.template.log_config.net"
320endif # NET_6LO
321
322module = NET_IPV6
323module-dep = NET_LOG
324module-str = Log level for core IPv6
325module-help = Enables core IPv6 code to output debug messages.
326source "subsys/net/Kconfig.template.log_config.net"
327
328module = NET_IPV6_ND
329module-dep = NET_LOG
330module-str = Log level for IPv6 Neighbor Discovery
331module-help = Enables IPv6 Neighbor Discovery code to output debug messages.
332source "subsys/net/Kconfig.template.log_config.net"
333
334module = NET_IPV6_PE
335module-dep = NET_LOG
336module-str = Log level for IPv6 Privacy Extension
337module-help = Enables IPv6 Privacy Extension code to output debug messages.
338source "subsys/net/Kconfig.template.log_config.net"
339
340module = NET_ICMPV6
341module-dep = NET_LOG
342module-str = Log level for ICMPv6
343module-help = Enables ICMPv6 code to output debug messages.
344source "subsys/net/Kconfig.template.log_config.net"
345
346module = NET_IPV6_NBR_CACHE
347module-dep = NET_LOG
348module-str = Log level for IPv6 neighbor cache
349module-help = Enables IPv6 Neighbor Cache code to output debug messages.
350source "subsys/net/Kconfig.template.log_config.net"
351
352endif # NET_NATIVE_IPV6
353endif # NET_IPV6
354