SUMMARY: /dev/tcp and /dev/ip?

From: Marina Daniels (
Date: Thu Jan 09 1997 - 22:34:01 CST

Does anybody know what /dev/tcp and /dev/ip do, or where else I can
look to find
out more information about this?


Thanks very much to:

Andrew Lamb
Jacques Rall
Frank Pardo
Alan Arolovitch
Edgar Daniel
Alexander Yurie

/dev/tcp and /dev/ip are drivers for TCP and IP, respectively.
You can have a look at the settings using "ndd"
(ndd - get and set driver configuration parameters)

Andrew said in the past on some versions of unix it was a security risk to let
anyone have read and write permission on the tcp and ip files.

****Does anyone know if this is a problem with solaris 2.x??**************

1) from Andrew:

 TCP and IP are two of the standard protocols (message formats)
used on the Internet. There are all sorts of protocols for LANs (NetBEui,
LANtastic, Appletalk, IPX/SPX, etc) but the Internet uses tcp/ip.

All data that your computer sends to or receives from the Internet goes
via these two files. They are not ordinary files, they ared "device" or
"character" files or something. If you don't have read and write
permission for others for the (actual) tcp and ip files, then ordinary
users will not be able to use telnet, finger @, ping, ftp and other
commands which connect to other computers on the Internet.

2) from Frank

These are pseudo-devices that are used by TLI (the Transport Layer
Interface) to talk to the network. You can read more about them in
Chapter 7 of

                Unix Network Programming
                W. Richard Stevens
                Prentice Hall
                ISBN 0-13-949876-1

There is one problem with the presentation in Stevens: It's upside-down
from a Solaris perspective. Stevens presents Berkeley Sockets first, and
then goes on to System V TLI. In Solaris, the implementation is just the
opposite. The TLI layer of software is "below" the socket layer, i.e.
the socket library uses the TLI library.

If you write a program that uses TLI (and not sockets) on Solaris, you
only need to link in the "Network Services Library", by putting "-lnsl"
in the compiler command line. If you write a program that uses sockets,
you need both the socket library and the NSL library, so the command
line has to say "-lsocket -lnsl".

The names "/dev/tcp", "/dev/udp", and "/dev/ip" are not unique to
Solaris; implementations of TLI on other versions of Unix also use them.

**** from Alan

here comes the list of all tunable ndd parameters in Solaris 2.4

 What are all the 2.4 ndd variables

Most TCP, IP, UDP and ARP tuning in Solaris is done via the ndd
command. You can list all of the appropriate variables by supplying
ndd with the driver name and a ?, i.e.:

  % ndd /dev/arp \?
  % ndd /dev/ip \?
  % ndd /dev/tcp \?
  % ndd /dev/udp \?

Note: Under Solaris 2.5 or higher, you will need to be root to display
these variables.

You can change ndd variables by supplying the -set option, the
variable name, and the value, i.e.:

  % ndd -set /dev/ip ip_forwarding 0

If you wish a ndd variables to get set upon every boot, you should put
a line for it in the file /etc/rc2.d/S69inet:

  % cat /etc/rc2.d/S69inet
  # Set configurable parameters.
  ndd -set /dev/tcp tcp_old_urp_interpretation 1

Many variables have two options: 1 (True) and 0 (False).

Note: in all of the following examples, the default values for 2.4 are
listed. Other OSs may differ, and can always be discovered by

   # ndd device variable


  # ndd /dev/ip ip_debug

One word of warning concerning the ndd variables: They should be
considered quite volatile, and might totally change from one release
of Solaris to another. Only the variables that are the most useful, or
the least likely to change, are listed below, but even these could be
potentially modified in new releases of the OS. Unlisted variables,
which can be viewed with the ndd command, should be considered even
less static.

IP Variables


  Determines the default Time To Live value for standard IP packets.
  The default value is 255.


  Determines if the workstation will route packets. This variable can be
  one of three selections:

    0 Never forward
    1 Always forward
    2 Only forward when two or more interfaces are up

  The default value is 2.


  Determines whether the host should send ICMP redirects when it routes
  packets. The default value is 1 (True).

TCP Variables


  Despite the misleading name, this variable actually sets the time
  wait interval (the 2MSL value). The default value is 240000 ms (4


  Determines the default Time To Live for TCP/IP packets. The default
  value is 255.


  Determines how frequently to test if an idle connection is still
  alive. The default value is 7200000 ms (2 hours).


  Determines the Maximum Segment Size for nonlocal packets (i.e.,
  packets to be sent to different networks or subnets). The default
  value is 536 bytes.


  Determines the maximum value of the TCP receive window. The default
  value is 8192 (8k).


  Determines the smallest TCP port number that may be used for an
  anonymous connection. The default value is 32768.


  Determines the maximum value of the TCP transmit window. The default
  value is 8192 (8k).


  Determines the minimum value of the TCP transmit window. The default
  value is 2048 (2k).

UDP Variables


  Determines the default Time To Live for UDP packets. The default
  value is 255.


  Determines whether checksums should be done for UDP packets. The
  default value is 1 (True).


  Determines the maximum value of the UDP receive window. The default
  value is 8192 (8k).


  Determines the smallest UDP port number that may be used for an
  anonymous connection. The default value is 32768.


  Determines the maximum value of the UDP transmit window. The default
  value is 8192 (8k).


  Determines the minimum value of the UDP transmit window. The default
  value is...

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:42 CDT