majek/reflect_test.py

## reflect_test.py
#!/usr/bin/python3
# Before you start you need to either enable flow label reflection
#    sysctl -w net.ipv6.flowlabel_reflect = 1
# or disable flow label consistency
#    sysctl -w net.ipv6.flowlabel_consistency = 0

import socket
import struct

IPV6_FL_A_GET = 0
IPV6_FL_F_REFLECT = 4
IPV6_FLOWLABEL_MGR = 32

def prepare_server(listen_port):
    sd = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
    sd.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)

    # enable flow reflection if flowlabel_reflect=1
    flr_action = IPV6_FL_A_GET
    flr_flags = IPV6_FL_F_REFLECT
    in6_flowlabel_req = struct.pack("@16sIBBHHHI",
                                    b'\x00'*16, 0, flr_action, 0, flr_flags, 0, 0, 0)

    try:
        sd.setsockopt(socket.IPPROTO_IPV6, IPV6_FLOWLABEL_MGR, in6_flowlabel_req)
    except PermissionError:
        print("flowlabel_consistency is enabled, I hope you enabled flowlabel_reflect!")

    sd.bind(('::1', listen_port))
    sd.listen(10)
    return sd

def prepare_client(port):
    cd = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
    cd.connect(('::1', port))
    return cd

sd = prepare_server(1235)
cd = prepare_client(1235)

cd2, cd2_addr = sd.accept()
cd2.close()

cd.send(b"a")

## tcpdump.txt
$ sudo tcpdump -ntvi lo port 1235

IP6 (flowlabel 0x3ba3d, hlim 64, next-header TCP (6) payload length: 40) ::1.59276 > ::1.1235: Flags [S]
IP6 (flowlabel 0x3ba3d, hlim 64, next-header TCP (6) payload length: 40) ::1.1235 > ::1.59276: Flags [S.]
IP6 (flowlabel 0x3ba3d, hlim 64, next-header TCP (6) payload length: 32) ::1.59276 > ::1.1235: Flags [.]
IP6 (flowlabel 0x3ba3d, hlim 64, next-header TCP (6) payload length: 32) ::1.1235 > ::1.59276: Flags [F.]
IP6 (flowlabel 0x3ba3d, hlim 64, next-header TCP (6) payload length: 33) ::1.59276 > ::1.1235: Flags [P.]
IP6 (flowlabel 0xdfc46, hlim 64, next-header TCP (6) payload length: 20) ::1.1235 > ::1.59276: Flags [R]
	#!/usr/bin/python3
	# Before you start you need to either enable flow label reflection
	# sysctl -w net.ipv6.flowlabel_reflect = 1
	# or disable flow label consistency
	# sysctl -w net.ipv6.flowlabel_consistency = 0

	import socket
	import struct

	IPV6_FL_A_GET = 0
	IPV6_FL_F_REFLECT = 4
	IPV6_FLOWLABEL_MGR = 32

	def prepare_server(listen_port):
	sd = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
	sd.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)

	# enable flow reflection if flowlabel_reflect=1
	flr_action = IPV6_FL_A_GET
	flr_flags = IPV6_FL_F_REFLECT
	in6_flowlabel_req = struct.pack("@16sIBBHHHI",
	b'\x00'*16, 0, flr_action, 0, flr_flags, 0, 0, 0)

	try:
	sd.setsockopt(socket.IPPROTO_IPV6, IPV6_FLOWLABEL_MGR, in6_flowlabel_req)
	except PermissionError:
	print("flowlabel_consistency is enabled, I hope you enabled flowlabel_reflect!")

	sd.bind(('::1', listen_port))
	sd.listen(10)
	return sd

	def prepare_client(port):
	cd = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
	cd.connect(('::1', port))
	return cd

	sd = prepare_server(1235)
	cd = prepare_client(1235)

	cd2, cd2_addr = sd.accept()
	cd2.close()

	cd.send(b"a")
	$ sudo tcpdump -ntvi lo port 1235

	IP6 (flowlabel 0x3ba3d, hlim 64, next-header TCP (6) payload length: 40) ::1.59276 > ::1.1235: Flags [S]
	IP6 (flowlabel 0x3ba3d, hlim 64, next-header TCP (6) payload length: 40) ::1.1235 > ::1.59276: Flags [S.]
	IP6 (flowlabel 0x3ba3d, hlim 64, next-header TCP (6) payload length: 32) ::1.59276 > ::1.1235: Flags [.]
	IP6 (flowlabel 0x3ba3d, hlim 64, next-header TCP (6) payload length: 32) ::1.1235 > ::1.59276: Flags [F.]
	IP6 (flowlabel 0x3ba3d, hlim 64, next-header TCP (6) payload length: 33) ::1.59276 > ::1.1235: Flags [P.]
	IP6 (flowlabel 0xdfc46, hlim 64, next-header TCP (6) payload length: 20) ::1.1235 > ::1.59276: Flags [R]