OpenSolaris Launch

15 files changed, 3810 insertions, 0 deletions

diff --git a/usr/src/uts/common/net/Makefile b/usr/src/uts/common/net/Makefile
new file mode 100644
index 0000000000..fbb90225c1
--- /dev/null
+++ b/usr/src/uts/common/net/Makefile
@@ -0,0 +1,54 @@
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License").  You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+#
+#ident	"%Z%%M%	%I%	%E% SMI"
+#
+# Copyright (c) 1989-2001 by Sun Microsystems, Inc.
+# All rights reserved.
+#
+# uts/common/net/Makefile
+#
+# include global definitions
+include ../../../Makefile.master
+
+HDRS=	af.h if.h if_arp.h if_dl.h if_types.h route.h pfkeyv2.h pfpolicy.h \
+	ppp-comp.h ppp_defs.h pppio.h vjcompress.h sppptun.h pppoe.h
+
+ROOTDIRS= $(ROOT)/usr/include/net
+
+ROOTHDRS= $(HDRS:%=$(ROOT)/usr/include/net/%)
+
+CHECKHDRS= $(HDRS:%.h=%.check)
+
+$(ROOTDIRS)/%: %
+	$(INS.file)
+
+.KEEP_STATE:
+
+.PARALLEL: $(CHECKHDRS)
+
+install_h: $(ROOTDIRS) $(ROOTHDRS)
+
+$(ROOTDIRS):
+	$(INS.dir)
+
+check:	$(CHECKHDRS)
diff --git a/usr/src/uts/common/net/af.h b/usr/src/uts/common/net/af.h
new file mode 100644
index 0000000000..8500eb5806
--- /dev/null
+++ b/usr/src/uts/common/net/af.h
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 1997-1998 by Sun Microsystems, Inc.
+ * All rights reserved.
+ */
+
+/*
+ * Copyright (c) 1980, 1986 Regents of the University of California.
+ * All rights reserved.  The Berkeley software License Agreement
+ * specifies the terms and conditions for redistribution.
+ */
+
+#ifndef	_NET_AF_H
+#define	_NET_AF_H
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+/* af.h 1.10 88/08/19 SMI; from UCB 7.1	*/
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+/*
+ * Address family routines,
+ * used in handling generic sockaddr structures.
+ *
+ * Hash routine is called
+ *	af_hash(addr, h);
+ *	struct sockaddr *addr; struct afhash *h;
+ * producing an afhash structure for addr.
+ *
+ * Netmatch routine is called
+ *	af_netmatch(addr1, addr2);
+ * where addr1 and addr2 are sockaddr *.  Returns 1 if network
+ * values match, 0 otherwise.
+ */
+struct afswitch {
+	int	(*af_hash)();
+	int	(*af_netmatch)();
+};
+
+struct afhash {
+	uint_t	afh_hosthash;
+	uint_t	afh_nethash;
+};
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif	/* _NET_AF_H */
diff --git a/usr/src/uts/common/net/if.h b/usr/src/uts/common/net/if.h
new file mode 100644
index 0000000000..26f925b741
--- /dev/null
+++ b/usr/src/uts/common/net/if.h
@@ -0,0 +1,736 @@
+/*
+ * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ */
+
+/*
+ * Copyright (c) 1982, 1986 Regents of the University of California.
+ * All rights reserved.  The Berkeley software License Agreement
+ * specifies the terms and conditions for redistribution.
+ */
+
+#ifndef	_NET_IF_H
+#define	_NET_IF_H
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+/* if.h 1.26 90/05/29 SMI; from UCB 7.1 6/4/86		*/
+
+#include <sys/feature_tests.h>
+
+#if !defined(_XOPEN_SOURCE) || defined(__EXTENSIONS__)
+#include <sys/socket.h>
+#include <netinet/in.h>
+#if defined(_LP64)
+#include <sys/types32.h>
+#endif
+#endif
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+/*
+ * Structures defining a network interface, providing a packet
+ * transport mechanism (ala level 0 of the PUP protocols).
+ *
+ * Each interface accepts output datagrams of a specified maximum
+ * length, and provides higher level routines with input datagrams
+ * received from its medium.
+ *
+ * Output occurs when the routine if_output is called, with three parameters:
+ *	(*ifp->if_output)(ifp, m, dst)
+ * Here m is the mbuf chain to be sent and dst is the destination address.
+ * The output routine encapsulates the supplied datagram if necessary,
+ * and then transmits it on its medium.
+ *
+ * On input, each interface unwraps the data received by it, and either
+ * places it on the input queue of a internetwork datagram routine
+ * and posts the associated software interrupt, or passes the datagram to a raw
+ * packet input routine.
+ *
+ * Routines exist for locating interfaces by their addresses
+ * or for locating a interface on a certain network, as well as more general
+ * routing and gateway routines maintaining information used to locate
+ * interfaces.  These routines live in the files if.c and route.c
+ */
+
+#if !defined(_XOPEN_SOURCE) || defined(__EXTENSIONS__)
+
+/*
+ * Structure defining a queue for a network interface.
+ *
+ * (Would like to call this struct ``if'', but C isn't PL/1.)
+ */
+struct ifnet {
+	char	*if_name;		/* name, e.g. ``en'' or ``lo'' */
+	short	if_unit;		/* sub-unit for lower level driver */
+	short	if_mtu;			/* maximum transmission unit */
+	short	if_flags;		/* up/down, broadcast, etc. */
+	short	if_timer;		/* time 'til if_watchdog called */
+	ushort_t if_promisc;		/* net # of requests for promisc mode */
+	int	if_metric;		/* routing metric (external only) */
+	struct	ifaddr *if_addrlist;	/* linked list of addresses per if */
+	struct	ifqueue {
+		struct	mbuf *ifq_head;
+		struct	mbuf *ifq_tail;
+		int	ifq_len;
+		int	ifq_maxlen;
+		int	ifq_drops;
+	} if_snd;			/* output queue */
+/* procedure handles */
+	int	(*if_init)();		/* init routine */
+	int	(*if_output)();		/* output routine */
+	int	(*if_ioctl)();		/* ioctl routine */
+	int	(*if_reset)();		/* bus reset routine */
+	int	(*if_watchdog)();	/* timer routine */
+/* generic interface statistics */
+	int	if_ipackets;		/* packets received on interface */
+	int	if_ierrors;		/* input errors on interface */
+	int	if_opackets;		/* packets sent on interface */
+	int	if_oerrors;		/* output errors on interface */
+	int	if_collisions;		/* collisions on csma interfaces */
+/* end statistics */
+	struct	ifnet *if_next;
+	struct	ifnet *if_upper;	/* next layer up */
+	struct	ifnet *if_lower;	/* next layer down */
+	int	(*if_input)();		/* input routine */
+	int	(*if_ctlin)();		/* control input routine */
+	int	(*if_ctlout)();		/* control output routine */
+	struct map *if_memmap;		/* rmap for interface specific memory */
+};
+
+/*
+ * NOTE : These flags are not directly used within IP.
+ * ip_if.h has definitions derived from this which is used within IP.
+ * If you define a flag here, you need to define one in ip_if.h before
+ * using the new flag in IP. Don't use these flags directly in IP.
+ */
+#define	IFF_UP		0x0000000001	/* interface is up */
+#define	IFF_BROADCAST	0x0000000002	/* broadcast address valid */
+#define	IFF_DEBUG	0x0000000004	/* turn on debugging */
+#define	IFF_LOOPBACK	0x0000000008	/* is a loopback net */
+
+#define	IFF_POINTOPOINT	0x0000000010	/* interface is point-to-point link */
+#define	IFF_NOTRAILERS	0x0000000020	/* avoid use of trailers */
+#define	IFF_RUNNING	0x0000000040	/* resources allocated */
+#define	IFF_NOARP	0x0000000080	/* no address resolution protocol */
+
+#define	IFF_PROMISC	0x0000000100	/* receive all packets */
+#define	IFF_ALLMULTI	0x0000000200	/* receive all multicast packets */
+#define	IFF_INTELLIGENT	0x0000000400	/* protocol code on board */
+#define	IFF_MULTICAST	0x0000000800	/* supports multicast */
+
+#define	IFF_MULTI_BCAST	0x0000001000	/* multicast using broadcast address */
+#define	IFF_UNNUMBERED	0x0000002000	/* non-unique address */
+#define	IFF_DHCPRUNNING	0x0000004000	/* DHCP controls this interface */
+#define	IFF_PRIVATE	0x0000008000	/* do not advertise */
+
+/*
+ * The following flags can't be grabbed or altered by SIOC[GS]IFFLAGS.
+ * Should use SIOC[GS]LIFFLAGS which has a larger flags field.
+ */
+#define	IFF_NOXMIT	0x0000010000	/* Do not transmit packets */
+#define	IFF_NOLOCAL	0x0000020000	/* No address - just on-link subnet */
+#define	IFF_DEPRECATED	0x0000040000	/* interface address deprecated */
+#define	IFF_ADDRCONF	0x0000080000	/* address from stateless addrconf */
+
+#define	IFF_ROUTER	0x0000100000	/* router on this interface */
+#define	IFF_NONUD	0x0000200000	/* No NUD on this interface */
+#define	IFF_ANYCAST	0x0000400000	/* Anycast address */
+#define	IFF_NORTEXCH	0x0000800000	/* Do not exchange routing info */
+
+#define	IFF_IPV4	0x0001000000	/* IPv4 interface */
+#define	IFF_IPV6	0x0002000000	/* IPv6 interface */
+#define	IFF_MIPRUNNING	0x0004000000	/* Mobile IP controls this interface */
+#define	IFF_NOFAILOVER	0x0008000000	/* Don't failover on NIC failure */
+
+#define	IFF_FAILED	0x0010000000	/* NIC has failed */
+#define	IFF_STANDBY	0x0020000000	/* Standby NIC to be used on failures */
+#define	IFF_INACTIVE	0x0040000000	/* Standby active or not ? */
+#define	IFF_OFFLINE	0x0080000000	/* NIC has been offlined */
+
+/*
+ * The IFF_XRESOLV flag is an evolving interface and is subject
+ * to change without notice.
+ */
+#define	IFF_XRESOLV	0x0100000000	/* IPv6 external resolver */
+#define	IFF_COS_ENABLED	0x0200000000	/* If interface supports CoS marking */
+#define	IFF_PREFERRED	0x0400000000	/* Prefer as source address */
+#define	IFF_TEMPORARY	0x0800000000	/* RFC3041 */
+
+#define	IFF_FIXEDMTU	0x1000000000	/* MTU manually set with SIOCSLIFMTU */
+
+#define	IFF_VIRTUAL	0x2000000000	/* Does not send or receive packets */
+
+/*
+ * The IFF_MULTICAST flag indicates that the network can support the
+ * transmission and reception of higher-level (e.g., IP) multicast packets.
+ * It is independent of hardware support for multicasting; for example,
+ * point-to-point links or pure broadcast networks may well support
+ * higher-level multicasts.
+ */
+
+/* flags set internally only: */
+#define	IFF_CANTCHANGE \
+	(IFF_BROADCAST | IFF_POINTOPOINT | IFF_RUNNING | IFF_PROMISC | \
+	IFF_MULTICAST | IFF_MULTI_BCAST | IFF_UNNUMBERED | IFF_IPV4 | \
+	IFF_IPV6 | IFF_INACTIVE | IFF_FIXEDMTU | IFF_VIRTUAL | \
+	IFF_LOOPBACK | IFF_ALLMULTI)
+
+/*
+ * Output queues (ifp->if_snd) and internetwork datagram level (pup level 1)
+ * input routines have queues of messages stored on ifqueue structures
+ * (defined above).  Entries are added to and deleted from these structures
+ * by these macros, which should be called with ipl raised to splimp().
+ */
+#define	IF_QFULL(ifq)		((ifq)->ifq_len >= (ifq)->ifq_maxlen)
+#define	IF_DROP(ifq)		((ifq)->ifq_drops++)
+#define	IF_ENQUEUE(ifq, m) { \
+	(m)->m_act = 0; \
+	if ((ifq)->ifq_tail == 0) \
+		(ifq)->ifq_head = m; \
+	else \
+		(ifq)->ifq_tail->m_act = m; \
+	(ifq)->ifq_tail = m; \
+	(ifq)->ifq_len++; \
+}
+#define	IF_PREPEND(ifq, m) { \
+	(m)->m_act = (ifq)->ifq_head; \
+	if ((ifq)->ifq_tail == 0) \
+		(ifq)->ifq_tail = (m); \
+	(ifq)->ifq_head = (m); \
+	(ifq)->ifq_len++; \
+}
+
+/*
+ * Packets destined for level-1 protocol input routines
+ * have a pointer to the receiving interface prepended to the data.
+ * IF_DEQUEUEIF extracts and returns this pointer when dequeuing the packet.
+ * IF_ADJ should be used otherwise to adjust for its presence.
+ */
+#define	IF_ADJ(m) { \
+	(m)->m_off += sizeof (struct ifnet *); \
+	(m)->m_len -= sizeof (struct ifnet *); \
+	if ((m)->m_len == 0) { \
+		struct mbuf *n; \
+		MFREE((m), n); \
+		(m) = n; \
+	} \
+}
+#define	IF_DEQUEUEIF(ifq, m, ifp) { \
+	(m) = (ifq)->ifq_head; \
+	if (m) { \
+		if (((ifq)->ifq_head = (m)->m_act) == 0) \
+			(ifq)->ifq_tail = 0; \
+		(m)->m_act = 0; \
+		(ifq)->ifq_len--; \
+		(ifp) = *(mtod((m), struct ifnet **)); \
+		IF_ADJ(m); \
+	} \
+}
+#define	IF_DEQUEUE(ifq, m) { \
+	(m) = (ifq)->ifq_head; \
+	if (m) { \
+		if (((ifq)->ifq_head = (m)->m_act) == 0) \
+			(ifq)->ifq_tail = 0; \
+		(m)->m_act = 0; \
+		(ifq)->ifq_len--; \
+	} \
+}
+
+#define	IFQ_MAXLEN	50
+#define	IFNET_SLOWHZ	1		/* granularity is 1 second */
+
+/*
+ * The ifaddr structure contains information about one address
+ * of an interface.  They are maintained by the different address families,
+ * are allocated and attached when an address is set, and are linked
+ * together so all addresses for an interface can be located.
+ */
+struct ifaddr {
+	struct	sockaddr ifa_addr;	/* address of interface */
+	union {
+		struct	sockaddr ifu_broadaddr;
+		struct	sockaddr ifu_dstaddr;
+	} ifa_ifu;
+#define	ifa_broadaddr	ifa_ifu.ifu_broadaddr	/* broadcast address */
+#define	ifa_dstaddr	ifa_ifu.ifu_dstaddr	/* other end of p-to-p link */
+	struct	ifnet *ifa_ifp;		/* back-pointer to interface */
+	struct	ifaddr *ifa_next;	/* next address for interface */
+};
+
+/*
+ * For SIOCLIF*ND ioctls.
+ *
+ * The lnr_state_* fields use the ND_* neighbor reachability states.
+ * The 3 different fields are for use with SIOCLIFSETND to cover the cases
+ * when
+ *	A new entry is created
+ *	The entry already exists and the link-layer address is the same
+ *	The entry already exists and the link-layer address differs
+ *
+ * Use ND_UNCHANGED and ND_ISROUTER_UNCHANGED to not change any state.
+ */
+#define	ND_MAX_HDW_LEN	64
+typedef struct lif_nd_req {
+	struct sockaddr_storage	lnr_addr;
+	uint8_t			lnr_state_create;	/* When creating */
+	uint8_t			lnr_state_same_lla;	/* Update same addr */
+	uint8_t			lnr_state_diff_lla;	/* Update w/ diff. */
+	int			lnr_hdw_len;
+	int			lnr_flags;		/* See below */
+	/* padding because ia32 "long long"s are only 4-byte aligned. */
+	int			lnr_pad0;
+	char			lnr_hdw_addr[ND_MAX_HDW_LEN];
+} lif_nd_req_t;
+
+/*
+ * Neighbor reachability states
+ * Used with SIOCLIF*ND ioctls.
+ */
+#define	ND_UNCHANGED	0	/* For ioctls that don't modify state */
+#define	ND_INCOMPLETE	1	/* addr resolution in progress */
+#define	ND_REACHABLE	2	/* have recently been reachable */
+#define	ND_STALE	3	/* may be unreachable, don't do anything */
+#define	ND_DELAY	4	/* wait for upper layer hint */
+#define	ND_PROBE	5	/* send probes */
+#define	ND_UNREACHABLE	6	/* delete this route */
+
+#define	ND_STATE_VALID_MIN	0
+#define	ND_STATE_VALID_MAX	6
+
+/*
+ * lnr_flags value of lif_nd_req.
+ * Used with SIOCLIF*ND ioctls.
+ */
+#define	NDF_ISROUTER_ON		0x1
+#define	NDF_ISROUTER_OFF	0x2
+#define	NDF_ANYCAST_ON		0x4
+#define	NDF_ANYCAST_OFF		0x8
+#define	NDF_PROXY_ON		0x10
+#define	NDF_PROXY_OFF		0x20
+
+/* For SIOC[GS]LIFLNKINFO */
+typedef struct lif_ifinfo_req {
+	uint8_t		lir_maxhops;
+	uint32_t	lir_reachtime;		/* Reachable time in msec */
+	uint32_t	lir_reachretrans;	/* Retransmission timer msec */
+	uint32_t	lir_maxmtu;
+} lif_ifinfo_req_t;
+
+#endif /* !defined(_XOPEN_SOURCE) || defined(__EXTENSIONS__) */
+
+/*
+ * Maximum lengths of interface name and IPMP group name; these are the same
+ * for historical reasons.  Note that the actual maximum length of a name is
+ * one byte less than these constants since the kernel always sets the final
+ * byte of lifr_name and lifr_groupname to NUL.
+ */
+#define	_LIFNAMSIZ	32
+
+#if !defined(_XOPEN_SOURCE) || defined(__EXTENSIONS__)
+
+#define	LIFNAMSIZ	_LIFNAMSIZ
+#define	LIFGRNAMSIZ	LIFNAMSIZ
+
+/*
+ * Interface request structure used for socket
+ * ioctl's.  All interface ioctl's must have parameter
+ * definitions which begin with ifr_name.  The
+ * remainder may be interface specific.
+ * Note: This data structure uses 64bit type uint64_t which is not
+ *	 a valid type for strict ANSI/ISO C compilation for ILP32.
+ *	 Applications with ioctls using this structure that insist on
+ *	 building with strict ANSI/ISO C (-Xc) will need to be LP64.
+ */
+#if defined(_INT64_TYPE)
+struct	lifreq {
+	char	lifr_name[LIFNAMSIZ];		/* if name, e.g. "en0" */
+	union {
+		int	lifru_addrlen;		/* for subnet/token etc */
+		uint_t	lifru_ppa;		/* SIOCSLIFNAME */
+	} lifr_lifru1;
+#define	lifr_addrlen	lifr_lifru1.lifru_addrlen
+#define	lifr_ppa	lifr_lifru1.lifru_ppa	/* Driver's ppa */
+	uint_t	lifr_movetoindex;		/* FAILOVER/FAILBACK ifindex */
+	union {
+		struct	sockaddr_storage lifru_addr;
+		struct	sockaddr_storage lifru_dstaddr;
+		struct	sockaddr_storage lifru_broadaddr;
+		struct	sockaddr_storage lifru_token;	/* With lifr_addrlen */
+		struct	sockaddr_storage lifru_subnet;	/* With lifr_addrlen */
+		int	lifru_index;		/* interface index */
+		uint64_t lifru_flags;		/* Flags for SIOC?LIFFLAGS */
+		int	lifru_metric;
+		uint_t	lifru_mtu;
+		char	lifru_data[1];		/* interface dependent data */
+		char	lifru_enaddr[6];
+		int	lif_muxid[2];		/* mux id's for arp and ip */
+		struct lif_nd_req	lifru_nd_req;
+		struct lif_ifinfo_req	lifru_ifinfo_req;
+		char	lifru_groupname[LIFGRNAMSIZ]; /* SIOC[GS]LIFGROUPNAME */
+		uint_t	lifru_delay;		   /* SIOC[GS]LIFNOTIFYDELAY */
+		zoneid_t lifru_zoneid;		/* SIOC[GS]LIFZONE */
+	} lifr_lifru;
+
+#define	lifr_addr	lifr_lifru.lifru_addr	/* address */
+#define	lifr_dstaddr	lifr_lifru.lifru_dstaddr /* other end of p-to-p link */
+#define	lifr_broadaddr	lifr_lifru.lifru_broadaddr /* broadcast address */
+#define	lifr_token	lifr_lifru.lifru_token	/* address token */
+#define	lifr_subnet	lifr_lifru.lifru_subnet	/* subnet prefix */
+#define	lifr_index	lifr_lifru.lifru_index	/* interface index */
+#define	lifr_flags	lifr_lifru.lifru_flags	/* flags */
+#define	lifr_metric	lifr_lifru.lifru_metric	/* metric */
+#define	lifr_mtu	lifr_lifru.lifru_mtu	/* mtu */
+#define	lifr_data	lifr_lifru.lifru_data	/* for use by interface */
+#define	lifr_enaddr	lifr_lifru.lifru_enaddr	/* ethernet address */
+#define	lifr_index	lifr_lifru.lifru_index	/* interface index */
+#define	lifr_ip_muxid	lifr_lifru.lif_muxid[0]
+#define	lifr_arp_muxid	lifr_lifru.lif_muxid[1]
+#define	lifr_nd		lifr_lifru.lifru_nd_req	/* SIOCLIF*ND */
+#define	lifr_ifinfo	lifr_lifru.lifru_ifinfo_req /* SIOC[GS]LIFLNKINFO */
+#define	lifr_groupname	lifr_lifru.lifru_groupname
+#define	lifr_delay	lifr_lifru.lifru_delay
+#define	lifr_zoneid	lifr_lifru.lifru_zoneid
+};
+#endif /* defined(_INT64_TYPE) */
+
+/*
+ * Argument structure for SIOCT* address testing ioctls.
+ */
+struct sioc_addrreq {
+	struct sockaddr_storage	sa_addr;	/* Address to test */
+	int			sa_res;		/* Result - 0/1 */
+	int			sa_pad;
+};
+
+/*
+ * Argument structure used by mrouted to get src-grp pkt counts using
+ * SIOCGETLSGCNT. See <netinet/ip_mroute.h>.
+ */
+struct sioc_lsg_req {
+	struct sockaddr_storage	slr_src;
+	struct sockaddr_storage	slr_grp;
+	uint_t			slr_pktcnt;
+	uint_t			slr_bytecnt;
+	uint_t			slr_wrong_if;
+	uint_t			slr_pad;
+};
+
+/*
+ * OBSOLETE: Replaced by struct lifreq. Supported for compatibility.
+ *
+ * Interface request structure used for socket
+ * ioctl's.  All interface ioctl's must have parameter
+ * definitions which begin with ifr_name.  The
+ * remainder may be interface specific.
+ */
+struct	ifreq {
+#define	IFNAMSIZ	16
+	char	ifr_name[IFNAMSIZ];		/* if name, e.g. "en0" */
+	union {
+		struct	sockaddr ifru_addr;
+		struct	sockaddr ifru_dstaddr;
+		char	ifru_oname[IFNAMSIZ];	/* other if name */
+		struct	sockaddr ifru_broadaddr;
+		int	ifru_index;		/* interface index */
+		short	ifru_flags;
+		int	ifru_metric;
+		char	ifru_data[1];		/* interface dependent data */
+		char	ifru_enaddr[6];
+		int	if_muxid[2];		/* mux id's for arp and ip */
+
+		/* Struct for flags/ppa */
+		struct ifr_ppaflags {
+			short ifrup_flags;	/* Space of ifru_flags. */
+			short ifrup_filler;
+			uint_t ifrup_ppa;
+		} ifru_ppaflags;
+
+		/* Struct for FDDI ioctl's */
+		struct ifr_dnld_reqs {
+			uint32_t	v_addr;
+			uint32_t	m_addr;
+			uint32_t	ex_addr;
+			uint32_t	size;
+		} ifru_dnld_req;
+
+		/* Struct for FDDI stats */
+		struct ifr_fddi_stats {
+			uint32_t stat_size;
+			uint32_t fddi_stats;
+		} ifru_fddi_stat;
+
+		struct ifr_netmapents {
+			uint32_t map_ent_size,	/* size of netmap structure */
+				entry_number;	/* index into netmap list */
+			uint32_t fddi_map_ent;	/* pointer to user structure */
+		} ifru_netmapent;
+
+		/* Field for generic ioctl for fddi */
+
+		struct ifr_fddi_gen_struct {
+			uint32_t ifru_fddi_gioctl; /* field for gen ioctl */
+			uint32_t ifru_fddi_gaddr;  /* Generic ptr to a field */
+		} ifru_fddi_gstruct;
+
+	} ifr_ifru;
+
+#define	ifr_addr	ifr_ifru.ifru_addr	/* address */
+#define	ifr_dstaddr	ifr_ifru.ifru_dstaddr	/* other end of p-to-p link */
+#define	ifr_oname	ifr_ifru.ifru_oname	/* other if name */
+#define	ifr_broadaddr	ifr_ifru.ifru_broadaddr	/* broadcast address */
+#define	ifr_flags	ifr_ifru.ifru_flags	/* flags */
+#define	ifr_metric	ifr_ifru.ifru_metric	/* metric */
+#define	ifr_data	ifr_ifru.ifru_data	/* for use by interface */
+#define	ifr_enaddr	ifr_ifru.ifru_enaddr	/* ethernet address */
+#define	ifr_index	ifr_ifru.ifru_index	/* interface index */
+/* For setting ppa */
+#define	ifr_ppa		ifr_ifru.ifru_ppaflags.ifrup_ppa
+
+/* FDDI specific */
+#define	ifr_dnld_req	ifr_ifru.ifru_dnld_req
+#define	ifr_fddi_stat	ifr_ifru.ifru_fddi_stat
+#define	ifr_fddi_netmap	ifr_ifru.ifru_netmapent	/* FDDI network map entries */
+#define	ifr_fddi_gstruct ifr_ifru.ifru_fddi_gstruct
+
+#define	ifr_ip_muxid	ifr_ifru.if_muxid[0]
+#define	ifr_arp_muxid	ifr_ifru.if_muxid[1]
+};
+
+/* Used by SIOCGLIFNUM. Uses same flags as in struct lifconf */
+struct lifnum {
+	sa_family_t	lifn_family;
+	int		lifn_flags;	/* request specific interfaces */
+	int		lifn_count;	/* Result */
+};
+
+/*
+ * Structure used in SIOCGLIFCONF request.
+ * Used to retrieve interface configuration
+ * for machine (useful for programs which
+ * must know all networks accessible) for a given address family.
+ * Using AF_UNSPEC will retrieve all address families.
+ */
+struct	lifconf {
+	sa_family_t	lifc_family;
+	int		lifc_flags;	/* request specific interfaces */
+	int		lifc_len;	/* size of associated buffer */
+	union {
+		caddr_t	lifcu_buf;
+		struct	lifreq *lifcu_req;
+	} lifc_lifcu;
+#define	lifc_buf lifc_lifcu.lifcu_buf	/* buffer address */
+#define	lifc_req lifc_lifcu.lifcu_req	/* array of structures returned */
+};
+
+/*
+ * Structure used in SIOCGLIFSRCOF to get the interface
+ * configuration list for those interfaces that use an address
+ * hosted on the interface (set in lifs_ifindex), as the source
+ * address.
+ */
+struct lifsrcof {
+	uint_t	lifs_ifindex;	/* interface of interest */
+	size_t  lifs_maxlen;	/* size of buffer: input */
+	size_t  lifs_len;	/* size of buffer: output */
+	union {
+		caddr_t	lifsu_buf;
+		struct	lifreq *lifsu_req;
+	} lifs_lifsu;
+#define	lifs_buf lifs_lifsu.lifsu_buf /* buffer address */
+#define	lifs_req lifs_lifsu.lifsu_req /* array returned */
+};
+
+/* Flags */
+#define	LIFC_NOXMIT	0x01		/* Include IFF_NOXMIT interfaces */
+#define	LIFC_EXTERNAL_SOURCE	0x02	/* Exclude the interfaces which can't */
+					/* be used to communicate outside the */
+					/* node (exclude interfaces which are */
+					/* IFF_NOXMIT, IFF_NOLOCAL, */
+					/* IFF_LOOPBACK, IFF_DEPRECATED, or */
+					/* not IFF_UP). Has priority over */
+					/* LIFC_NOXMIT. */
+#define	LIFC_TEMPORARY	0x04		/* Include IFF_TEMPORARY interfaces */
+#define	LIFC_ALLZONES	0x08		/* Include all zones */
+					/* (must be issued from global zone) */
+
+#if defined(_SYSCALL32)
+
+struct	lifconf32 {
+	sa_family_t	lifc_family;
+	int		lifc_flags;	/* request specific interfaces */
+	int32_t	lifc_len;		/* size of associated buffer */
+	union {
+		caddr32_t lifcu_buf;
+		caddr32_t lifcu_req;
+	} lifc_lifcu;
+};
+
+struct lifsrcof32 {
+	uint_t	lifs_ifindex;	/* interface of interest */
+	size32_t  lifs_maxlen;	/* size of buffer: input */
+	size32_t  lifs_len;	/* size of buffer: output */
+	union {
+		caddr32_t lifsu_buf;
+		caddr32_t lifsu_req;
+	} lifs_lifsu;
+};
+
+#endif	/* _SYSCALL32 */
+
+/*
+ * OBSOLETE: Structure used in SIOCGIFCONF request.
+ * Used to retrieve interface configuration
+ * for machine (useful for programs which
+ * must know all networks accessible).
+ */
+struct	ifconf {
+	int	ifc_len;		/* size of associated buffer */
+	union {
+		caddr_t	ifcu_buf;
+		struct	ifreq *ifcu_req;
+	} ifc_ifcu;
+#define	ifc_buf	ifc_ifcu.ifcu_buf	/* buffer address */
+#define	ifc_req	ifc_ifcu.ifcu_req	/* array of structures returned */
+};
+
+#if defined(_SYSCALL32)
+
+struct	ifconf32 {
+	int32_t	ifc_len;		/* size of associated buffer */
+	union {
+		caddr32_t ifcu_buf;
+		caddr32_t ifcu_req;
+	} ifc_ifcu;
+};
+
+#endif	/* _SYSCALL32 */
+
+typedef struct if_data {
+				/* generic interface information */
+	uchar_t	ifi_type;	/* ethernet, tokenring, etc */
+	uchar_t	ifi_addrlen;	/* media address length */
+	uchar_t	ifi_hdrlen;	/* media header length */
+	uint_t	ifi_mtu;	/* maximum transmission unit */
+	uint_t	ifi_metric;	/* routing metric (external only) */
+	uint_t	ifi_baudrate;	/* linespeed */
+				/* volatile statistics */
+	uint_t	ifi_ipackets;	/* packets received on interface */
+	uint_t	ifi_ierrors;	/* input errors on interface */
+	uint_t	ifi_opackets;	/* packets sent on interface */
+	uint_t	ifi_oerrors;	/* output errors on interface */
+	uint_t	ifi_collisions;	/* collisions on csma interfaces */
+	uint_t	ifi_ibytes;	/* total number of octets received */
+	uint_t	ifi_obytes;	/* total number of octets sent */
+	uint_t	ifi_imcasts;	/* packets received via multicast */
+	uint_t	ifi_omcasts;	/* packets sent via multicast */
+	uint_t	ifi_iqdrops;	/* dropped on input, this interface */
+	uint_t	ifi_noproto;	/* destined for unsupported protocol */
+#if defined(_LP64)
+	struct	timeval32 ifi_lastchange; /* last updated */
+#else
+	struct	timeval ifi_lastchange; /* last updated */
+#endif
+} if_data_t;
+
+/*
+ * Message format for use in obtaining information about interfaces
+ * from the routing socket
+ */
+typedef struct if_msghdr {
+	ushort_t ifm_msglen;	/* to skip over non-understood messages */
+	uchar_t	ifm_version;	/* future binary compatibility */
+	uchar_t	ifm_type;	/* message type */
+	int	ifm_addrs;	/* like rtm_addrs */
+	int	ifm_flags;	/* value of if_flags */
+	ushort_t ifm_index;	/* index for associated ifp */
+	struct	if_data ifm_data; /* statistics and other data about if */
+} if_msghdr_t;
+
+/*
+ * Message format for use in obtaining information about interface addresses
+ * from the routing socket
+ */
+typedef struct ifa_msghdr {
+	ushort_t ifam_msglen;	/* to skip over non-understood messages */
+	uchar_t	ifam_version;	/* future binary compatibility */
+	uchar_t	ifam_type;	/* message type */
+	int	ifam_addrs;	/* like rtm_addrs */
+	int	ifam_flags;	/* route flags */
+	ushort_t ifam_index;	/* index for associated ifp */
+	int	ifam_metric;	/* value of ipif_metric */
+} ifa_msghdr_t;
+
+/* currently tunnels only support IPv4 or IPv6 */
+enum ifta_proto {
+	IFTAP_INVALID,
+	IFTAP_IPV4,
+	IFTAP_IPV6
+};
+
+#define	IFTUN_SECINFOLEN 8	/* In units of 32-bit words. */
+#define	IFTUN_VERSION 1		/* Current version number. */
+
+/*
+ * Used by tunneling module to get/set a tunnel parameters using
+ * SIOCTUN[SG]PARAM.
+ *
+ * There is a version number and an array of uint32_t at the end of this
+ * ioctl because in a perfect world, the ipsec_req_t would be inside
+ * tun_addreq.  Since this file is independent of IP (and IPsec), I have to
+ * just leave room there, and have the appropriate handlers deal with the
+ * security information.
+ *
+ * In the future, the sockaddr types and the ta_vers could be used together
+ * to determine the nature of the security information that is at the end
+ * of this ioctl.
+ */
+struct iftun_req {
+	char		ifta_lifr_name[LIFNAMSIZ]; /* if name */
+	struct sockaddr_storage ifta_saddr;	/* source address */
+	struct sockaddr_storage ifta_daddr;	/* destination address */
+	uint_t		ifta_flags;		/* See below */
+	/* IP version information is read only */
+	enum ifta_proto	ifta_upper;		/* IP version above tunnel */
+	enum ifta_proto	ifta_lower;		/* IP version below tunnel */
+	uint_t		ifta_vers;		/* Version number */
+	uint32_t	ifta_secinfo[IFTUN_SECINFOLEN]; /* Security prefs. */
+	int16_t		ifta_encap_lim;		/* Encapsulation limit */
+	uint8_t		ifta_hop_limit;		/* Hop limit */
+	uint8_t		ifta_spare0;		/* Pad to 64-bit boundary */
+	uint32_t	ifta_spare1;
+};
+
+/* ifta_flags are set to indicate which members are valid */
+#define	IFTUN_SRC			0x01
+#define	IFTUN_DST			0x02
+#define	IFTUN_SECURITY			0x04	/* Pay attention to secinfo */
+#define	IFTUN_ENCAP			0x08	/* Pay attention to encap */
+#define	IFTUN_HOPLIMIT			0x10	/* Pay attention to hoplimit */
+
+#endif /* !defined(_XOPEN_SOURCE) || defined(__EXTENSIONS__) */
+
+/*
+ * The if_nameindex structure holds the interface index value about
+ * a single interface. An array of this structure is used to return
+ * all interfaces and indexes.
+ */
+struct if_nameindex {
+	unsigned 	if_index;	/* positive interface index */
+	char		*if_name;	/* if name, e.g. "en0" */
+};
+
+/* Interface index identification API definitions */
+extern	unsigned 		if_nametoindex(const char *);
+extern	char			*if_indextoname(unsigned, char *);
+extern	struct if_nameindex	*if_nameindex(void);
+extern	void			if_freenameindex(struct if_nameindex *);
+
+#define	IF_NAMESIZE	_LIFNAMSIZ
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif	/* _NET_IF_H */
diff --git a/usr/src/uts/common/net/if_arp.h b/usr/src/uts/common/net/if_arp.h
new file mode 100644
index 0000000000..7df505c710
--- /dev/null
+++ b/usr/src/uts/common/net/if_arp.h
@@ -0,0 +1,100 @@
+/*
+ * Copyright 1997-2003 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ */
+
+/*
+ * Copyright (c) 1986 Regents of the University of California.
+ * All rights reserved.  The Berkeley software License Agreement
+ * specifies the terms and conditions for redistribution.
+ */
+
+#ifndef	_NET_IF_ARP_H
+#define	_NET_IF_ARP_H
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+/* if_arp.h 1.5 88/08/19 SMI; from UCB 7.1 1/24/86	*/
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+/*
+ * Address Resolution Protocol.
+ *
+ * See RFC 826 for protocol description.  ARP packets are variable
+ * in size; the arphdr structure defines the fixed-length portion.
+ * Protocol type values are the same as those for 10 Mb/s Ethernet.
+ * It is followed by the variable-sized fields ar_sha, arp_spa,
+ * arp_tha and arp_tpa in that order, according to the lengths
+ * specified.  Field names used correspond to RFC 826.
+ */
+struct	arphdr {
+	ushort_t ar_hrd;	/* format of hardware address */
+#define	ARPHRD_ETHER 	1	/* ethernet hardware address */
+#define	ARPHRD_IB 	32	/* IPoIB hardware address */
+	ushort_t ar_pro;	/* format of protocol address */
+	uchar_t	ar_hln;		/* length of hardware address */
+	uchar_t	ar_pln;		/* length of protocol address */
+	ushort_t ar_op;		/* one of: */
+#define	ARPOP_REQUEST	1	/* request to resolve address */
+#define	ARPOP_REPLY	2	/* response to previous request */
+#define	REVARP_REQUEST	3	/* Reverse ARP request */
+#define	REVARP_REPLY	4	/* Reverse ARP reply */
+	/*
+	 * The remaining fields are variable in size,
+	 * according to the sizes above, and are defined
+	 * as appropriate for specific hardware/protocol
+	 * combinations.  (E.g., see <netinet/if_ether.h>.)
+	 */
+#ifdef	notdef
+	uchar_t	ar_sha[];	/* sender hardware address */
+	uchar_t	ar_spa[];	/* sender protocol address */
+	uchar_t	ar_tha[];	/* target hardware address */
+	uchar_t	ar_tpa[];	/* target protocol address */
+#endif	/* notdef */
+};
+
+/*
+ * Extended ARP ioctl request
+ */
+struct xarpreq {
+	struct	sockaddr_storage xarp_pa;	/* protocol address */
+	struct	sockaddr_dl	 xarp_ha;	/* hardware address */
+	int	xarp_flags;			/* flags */
+};
+
+/*
+ * BSD ARP ioctl request
+ */
+struct arpreq {
+	struct	sockaddr arp_pa;		/* protocol address */
+	struct	sockaddr arp_ha;		/* hardware address */
+	int	arp_flags;			/* flags */
+};
+/*  arp_flags and at_flags field values */
+#define	ATF_INUSE	0x01	/* entry in use */
+#define	ATF_COM		0x02	/* completed entry (enaddr valid) */
+#define	ATF_PERM	0x04	/* permanent entry */
+#define	ATF_PUBL	0x08	/* publish entry (respond for other host) */
+#define	ATF_USETRAILERS	0x10	/* has requested trailers */
+
+/*
+ * This data structure is used by kernel protocol modules to register
+ * their interest in a particular packet type with the Ethernet drivers.
+ * For example, other kinds of ARP would use this, XNS, ApleTalk, etc.
+ */
+struct ether_family {
+	int		ef_family;	/* address family */
+	ushort_t	ef_ethertype;	/* ethernet type field */
+	struct ifqueue *(*ef_infunc)();	/* input function */
+	int		(*ef_outfunc)();	/* output function */
+	int		(*ef_netisr)();	/* soft interrupt function */
+	struct ether_family *ef_next;	/* link to next on list */
+};
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif	/* _NET_IF_ARP_H */
diff --git a/usr/src/uts/common/net/if_dl.h b/usr/src/uts/common/net/if_dl.h
new file mode 100644
index 0000000000..a4810cb793
--- /dev/null
+++ b/usr/src/uts/common/net/if_dl.h
@@ -0,0 +1,93 @@
+/*
+ * Copyright 1993-2003 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ */
+/*
+ * Copyright (c) 1990, 1993
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef	_NET_IF_DL_H
+#define	_NET_IF_DL_H
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+/* from UCB 8.1 (Berkeley) 6/10/93 */
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+/*
+ * A Link-Level Sockaddr may specify the interface in one of two
+ * ways: either by means of a system-provided index number (computed
+ * anew and possibly differently on every reboot), or by a human-readable
+ * string such as "il0" (for managerial convenience).
+ *
+ * Census taking actions, such as something akin to SIOCGCONF would return
+ * both the index and the human name.
+ *
+ * High volume transactions (such as giving a link-level ``from'' address
+ * in a recvfrom or recvmsg call) may be likely only to provide the indexed
+ * form, (which requires fewer copy operations and less space).
+ *
+ * The form and interpretation  of the link-level address is purely a matter
+ * of convention between the device driver and its consumers; however, it is
+ * expected that all drivers for an interface of a given if_type will agree.
+ */
+
+/*
+ * Structure of a Link-Level sockaddr:
+ */
+struct sockaddr_dl {
+	ushort_t sdl_family;	/* AF_LINK */
+	ushort_t sdl_index;	/* if != 0, system given index for interface */
+	uchar_t	sdl_type;	/* interface type */
+	uchar_t	sdl_nlen;	/* interface name length, no trailing 0 reqd. */
+	uchar_t	sdl_alen;	/* link level address length */
+	uchar_t	sdl_slen;	/* link layer selector length */
+	char	sdl_data[244];	/* contains both if name and ll address */
+};
+
+#define	LLADDR(s) ((caddr_t)((s)->sdl_data + (s)->sdl_nlen))
+
+#ifdef	__STDC__
+extern char *_link_ntoa(const unsigned char *, char *, int, int);
+extern unsigned char *_link_aton(const char *, int *);
+#else	/* __STDC__ */
+extern char *_link_ntoa();
+extern unsigned char *_link_aton();
+#endif	/* __STDC__ */
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif	/* _NET_IF_DL_H */
diff --git a/usr/src/uts/common/net/if_types.h b/usr/src/uts/common/net/if_types.h
new file mode 100644
index 0000000000..be8a0ea26d
--- /dev/null
+++ b/usr/src/uts/common/net/if_types.h
@@ -0,0 +1,114 @@
+/*
+ * Copyright 1993-2003 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ */
+/*
+ * Copyright (c) 1989, 1993, 1994
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef	_NET_IF_TYPES_H
+#define	_NET_IF_TYPES_H
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+/* from UCB 8.3 (Berkeley) 4/28/95 */
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+/*
+ * Interface types for benefit of parsing media address headers.
+ * This list is derived from the SNMP list of ifTypes, currently
+ * documented in RFC1573.
+ */
+
+#define	IFT_OTHER	0x1		/* none of the following */
+#define	IFT_1822	0x2		/* old-style arpanet imp */
+#define	IFT_HDH1822	0x3		/* HDH arpanet imp */
+#define	IFT_X25DDN	0x4		/* x25 to imp */
+#define	IFT_X25		0x5		/* PDN X25 interface (RFC877) */
+#define	IFT_ETHER	0x6		/* Ethernet CSMACD */
+#define	IFT_ISO88023	0x7		/* CMSA CD */
+#define	IFT_ISO88024	0x8		/* Token Bus */
+#define	IFT_ISO88025	0x9		/* Token Ring */
+#define	IFT_ISO88026	0xa		/* MAN */
+#define	IFT_STARLAN	0xb
+#define	IFT_P10		0xc		/* Proteon 10MBit ring */
+#define	IFT_P80		0xd		/* Proteon 80MBit ring */
+#define	IFT_HY		0xe		/* Hyperchannel */
+#define	IFT_FDDI	0xf
+#define	IFT_LAPB	0x10
+#define	IFT_SDLC	0x11
+#define	IFT_T1		0x12
+#define	IFT_CEPT	0x13		/* E1 - european T1 */
+#define	IFT_ISDNBASIC	0x14
+#define	IFT_ISDNPRIMARY	0x15
+#define	IFT_PTPSERIAL	0x16		/* Proprietary PTP serial */
+#define	IFT_PPP		0x17		/* RFC 1331 */
+#define	IFT_LOOP	0x18		/* loopback */
+#define	IFT_EON		0x19		/* ISO over IP */
+#define	IFT_XETHER	0x1a		/* obsolete 3MB experimental ethernet */
+#define	IFT_NSIP	0x1b		/* XNS over IP */
+#define	IFT_SLIP	0x1c		/* IP over generic TTY */
+#define	IFT_ULTRA	0x1d		/* Ultra Technologies */
+#define	IFT_DS3		0x1e		/* Generic T3 */
+#define	IFT_SIP		0x1f		/* SMDS */
+#define	IFT_FRELAY	0x20		/* Frame Relay DTE only */
+#define	IFT_RS232	0x21
+#define	IFT_PARA	0x22		/* parallel-port */
+#define	IFT_ARCNET	0x23
+#define	IFT_ARCNETPLUS	0x24
+#define	IFT_ATM		0x25		/* ATM cells */
+#define	IFT_MIOX25	0x26
+#define	IFT_SONET	0x27		/* SONET or SDH */
+#define	IFT_X25PLE	0x28
+#define	IFT_ISO88022LLC	0x29
+#define	IFT_LOCALTALK	0x2a
+#define	IFT_SMDSDXI	0x2b
+#define	IFT_FRELAYDCE	0x2c		/* Frame Relay DCE */
+#define	IFT_V35		0x2d
+#define	IFT_HSSI	0x2e
+#define	IFT_HIPPI	0x2f
+#define	IFT_MODEM	0x30		/* Generic Modem */
+#define	IFT_AAL5	0x31		/* AAL5 over ATM */
+#define	IFT_SONETPATH	0x32
+#define	IFT_SONETVT	0x33
+#define	IFT_SMDSICIP	0x34		/* SMDS InterCarrier Interface */
+#define	IFT_PROPVIRTUAL	0x35		/* Proprietary Virtual/internal */
+#define	IFT_PROPMUX	0x36		/* Proprietary Multiplexing */
+#define	IFT_IB		0xc7		/* Infiniband */
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif	/* _NET_IF_TYPES_H */
diff --git a/usr/src/uts/common/net/pfkeyv2.h b/usr/src/uts/common/net/pfkeyv2.h
new file mode 100644
index 0000000000..a05ad8db78
--- /dev/null
+++ b/usr/src/uts/common/net/pfkeyv2.h
@@ -0,0 +1,748 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License, Version 1.0 only
+ * (the "License").  You may not use this file except in compliance
+ * with the License.
+ *
+ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ * or http://www.opensolaris.org/os/licensing.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+/*
+ * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ */
+
+#ifndef	_NET_PFKEYV2_H
+#define	_NET_PFKEYV2_H
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+
+/*
+ * Definitions and structures for PF_KEY version 2.  See RFC 2367 for
+ * more details.  SA == Security Association, which is what PF_KEY provides
+ * an API for managing.
+ */
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+#define	PF_KEY_V2		2
+#define	PFKEYV2_REVISION	200109L
+
+/*
+ * Base PF_KEY message.
+ */
+
+typedef struct sadb_msg {
+	uint8_t sadb_msg_version;	/* Version, currently PF_KEY_V2 */
+	uint8_t sadb_msg_type;		/* ADD, UPDATE, etc. */
+	uint8_t sadb_msg_errno;		/* Error number from UNIX errno space */
+	uint8_t sadb_msg_satype;	/* ESP, AH, etc. */
+	uint16_t sadb_msg_len;		/* Length in 64-bit words. */
+	uint16_t sadb_msg_reserved;	/* must be zero */
+/*
+ * Use the reserved field for extended diagnostic information on errno
+ * responses.
+ */
+#define	sadb_x_msg_diagnostic sadb_msg_reserved
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		struct {
+			uint32_t sadb_x_msg_useq;	/* Set by originator */
+			uint32_t sadb_x_msg_upid;	/* Set by originator */
+		} sadb_x_msg_actual;
+		uint64_t sadb_x_msg_alignment;
+	} sadb_x_msg_u;
+#define	sadb_msg_seq sadb_x_msg_u.sadb_x_msg_actual.sadb_x_msg_useq
+#define	sadb_msg_pid sadb_x_msg_u.sadb_x_msg_actual.sadb_x_msg_upid
+} sadb_msg_t;
+
+/*
+ * Generic extension header.
+ */
+
+typedef struct sadb_ext {
+	union {
+		/* Union is for guaranteeing 64-bit alignment. */
+		struct {
+			uint16_t sadb_x_ext_ulen;	/* In 64s, inclusive */
+			uint16_t sadb_x_ext_utype;	/* 0 is reserved */
+		} sadb_x_ext_actual;
+		uint64_t sadb_x_ext_alignment;
+	} sadb_x_ext_u;
+#define	sadb_ext_len sadb_x_ext_u.sadb_x_ext_actual.sadb_x_ext_ulen
+#define	sadb_ext_type sadb_x_ext_u.sadb_x_ext_actual.sadb_x_ext_utype
+} sadb_ext_t;
+
+/*
+ * Security Association information extension.
+ */
+
+typedef struct sadb_sa {
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		struct {
+			uint16_t sadb_x_sa_ulen;
+			uint16_t sadb_x_sa_uexttype;	/* ASSOCIATION */
+			uint32_t sadb_x_sa_uspi;	/* Sec. Param. Index */
+		} sadb_x_sa_uactual;
+		uint64_t sadb_x_sa_alignment;
+	} sadb_x_sa_u;
+#define	sadb_sa_len sadb_x_sa_u.sadb_x_sa_uactual.sadb_x_sa_ulen
+#define	sadb_sa_exttype sadb_x_sa_u.sadb_x_sa_uactual.sadb_x_sa_uexttype
+#define	sadb_sa_spi sadb_x_sa_u.sadb_x_sa_uactual.sadb_x_sa_uspi
+	uint8_t sadb_sa_replay;		/* Replay counter */
+	uint8_t sadb_sa_state;		/* MATURE, DEAD, DYING, LARVAL */
+	uint8_t sadb_sa_auth;		/* Authentication algorithm */
+	uint8_t sadb_sa_encrypt;	/* Encryption algorithm */
+	uint32_t sadb_sa_flags;		/* SA flags. */
+} sadb_sa_t;
+
+/*
+ * SA Lifetime extension.  Already 64-bit aligned thanks to uint64_t fields.
+ */
+
+typedef struct sadb_lifetime {
+	uint16_t sadb_lifetime_len;
+	uint16_t sadb_lifetime_exttype;		/* SOFT, HARD, CURRENT */
+	uint32_t sadb_lifetime_allocations;
+	uint64_t sadb_lifetime_bytes;
+	uint64_t sadb_lifetime_addtime;	/* These fields are assumed to hold */
+	uint64_t sadb_lifetime_usetime;	/* >= sizeof (time_t). */
+} sadb_lifetime_t;
+
+/*
+ * SA address information.
+ */
+
+typedef struct sadb_address {
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		struct {
+			uint16_t sadb_x_address_ulen;
+			uint16_t sadb_x_address_uexttype; /* SRC, DST, PROXY */
+			uint8_t sadb_x_address_uproto; /* Proto for ports... */
+			uint8_t sadb_x_address_uprefixlen; /* Prefix length. */
+			uint16_t sadb_x_address_ureserved; /* Padding */
+		} sadb_x_address_actual;
+		uint64_t sadb_x_address_alignment;
+	} sadb_x_address_u;
+#define	sadb_address_len \
+	sadb_x_address_u.sadb_x_address_actual.sadb_x_address_ulen
+#define	sadb_address_exttype \
+	sadb_x_address_u.sadb_x_address_actual.sadb_x_address_uexttype
+#define	sadb_address_proto \
+	sadb_x_address_u.sadb_x_address_actual.sadb_x_address_uproto
+#define	sadb_address_prefixlen \
+	sadb_x_address_u.sadb_x_address_actual.sadb_x_address_uprefixlen
+#define	sadb_address_reserved \
+	sadb_x_address_u.sadb_x_address_actual.sadb_x_address_ureserved
+	/* Followed by a sockaddr structure which may contain ports. */
+} sadb_address_t;
+
+/*
+ * SA key information.
+ */
+
+typedef struct sadb_key {
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		struct {
+			uint16_t sadb_x_key_ulen;
+			uint16_t sadb_x_key_uexttype;	/* AUTH, ENCRYPT */
+			uint16_t sadb_x_key_ubits;	/* Actual len (bits) */
+			uint16_t sadb_x_key_ureserved;
+		} sadb_x_key_actual;
+		uint64_t sadb_x_key_alignment;
+	} sadb_x_key_u;
+#define	sadb_key_len sadb_x_key_u.sadb_x_key_actual.sadb_x_key_ulen
+#define	sadb_key_exttype sadb_x_key_u.sadb_x_key_actual.sadb_x_key_uexttype
+#define	sadb_key_bits sadb_x_key_u.sadb_x_key_actual.sadb_x_key_ubits
+#define	sadb_key_reserved sadb_x_key_u.sadb_x_key_actual.sadb_x_key_ureserved
+	/* Followed by actual key(s) in canonical (outbound proc.) order. */
+} sadb_key_t;
+
+/*
+ * SA Identity information.  Already 64-bit aligned thanks to uint64_t fields.
+ */
+
+typedef struct sadb_ident {
+	uint16_t sadb_ident_len;
+	uint16_t sadb_ident_exttype;	/* SRC, DST, PROXY */
+	uint16_t sadb_ident_type;	/* FQDN, USER_FQDN, etc. */
+	uint16_t sadb_ident_reserved;	/* Padding */
+	uint64_t sadb_ident_id;		/* For userid, etc. */
+	/* Followed by an identity null-terminate C string if present. */
+} sadb_ident_t;
+
+/*
+ * SA sensitivity information.  This is mostly useful on MLS systems.
+ */
+
+typedef struct sadb_sens {
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		struct {
+			uint16_t sadb_x_sens_ulen;
+			uint16_t sadb_x_sens_uexttype;	/* SENSITIVITY */
+			uint32_t sadb_x_sens_udpd;	/* Protection domain */
+		} sadb_x_sens_actual;
+		uint64_t sadb_x_sens_alignment;
+	} sadb_x_sens_u;
+#define	sadb_sens_len sadb_x_sens_u.sadb_x_sens_actual.sadb_x_sens_ulen
+#define	sadb_sens_exttype sadb_x_sens_u.sadb_x_sens_actual.sadb_x_sens_uexttype
+#define	sadb_sens_dpd sadb_x_sens_u.sadb_x_sens_actual.sadb_x_sens_udpd
+	uint8_t sadb_sens_sens_level;
+	uint8_t sadb_sens_sens_len;		/* 64-bit words */
+	uint8_t sadb_sens_integ_level;
+	uint8_t sadb_sens_integ_len;		/* 64-bit words */
+	uint32_t sadb_sens_reserved;
+	/*
+	 * followed by two uint64_t arrays
+	 * uint64_t sadb_sens_bitmap[sens_bitmap_len];
+	 * uint64_t sadb_integ_bitmap[integ_bitmap_len];
+	 */
+} sadb_sens_t;
+
+/*
+ * A proposal extension.  This is found in an ACQUIRE message, and it
+ * proposes what sort of SA the kernel would like to ACQUIRE.
+ */
+
+/* First, a base structure... */
+
+typedef struct sadb_x_propbase {
+	uint16_t sadb_x_propb_len;
+	uint16_t sadb_x_propb_exttype;	/* PROPOSAL, X_EPROP */
+	union {
+		struct {
+			uint8_t sadb_x_propb_lenres_replay;
+			uint8_t sadb_x_propb_lenres_eres;
+			uint16_t sadb_x_propb_lenres_numecombs;
+		} sadb_x_propb_lenres;
+		struct {
+			uint8_t sadb_x_propb_oldres_replay;
+			uint8_t sadb_x_propb_oldres_reserved[3];
+		} sadb_x_propb_oldres;
+	} sadb_x_propb_u;
+#define	sadb_x_propb_replay \
+	sadb_x_propb_u.sadb_x_propb_lenres.sadb_x_propb_lenres_replay
+#define	sadb_x_propb_reserved \
+	sadb_x_propb_u.sadb_x_propb_oldres.sadb_x_propb_oldres_reserved
+#define	sadb_x_propb_ereserved \
+	sadb_x_propb_u.sadb_x_propb_lenres.sadb_x_propb_lenres_eres
+#define	sadb_x_propb_numecombs \
+	sadb_x_propb_u.sadb_x_propb_lenres.sadb_x_propb_lenres_numecombs
+	/* Followed by sadb_comb[] array or sadb_ecomb[] array. */
+} sadb_x_propbase_t;
+
+/* Now, the actual sadb_prop structure, which will have alignment in it! */
+
+typedef struct sadb_prop {
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		sadb_x_propbase_t sadb_x_prop_actual;
+		uint64_t sadb_x_prop_alignment;
+	} sadb_x_prop_u;
+#define	sadb_prop_len sadb_x_prop_u.sadb_x_prop_actual.sadb_x_propb_len
+#define	sadb_prop_exttype sadb_x_prop_u.sadb_x_prop_actual.sadb_x_propb_exttype
+#define	sadb_prop_replay sadb_x_prop_u.sadb_x_prop_actual.sadb_x_propb_replay
+#define	sadb_prop_reserved \
+	sadb_x_prop_u.sadb_x_prop_actual.sadb_x_propb_reserved
+#define	sadb_x_prop_ereserved \
+	sadb_x_prop_u.sadb_x_prop_actual.sadb_x_propb_ereserved
+#define	sadb_x_prop_numecombs \
+	sadb_x_prop_u.sadb_x_prop_actual.sadb_x_propb_numecombs
+} sadb_prop_t;
+
+/*
+ * This is a proposed combination.  Many of these can follow a proposal
+ * extension.  Already 64-bit aligned thanks to uint64_t fields.
+ */
+
+typedef struct sadb_comb {
+	uint8_t sadb_comb_auth;			/* Authentication algorithm */
+	uint8_t sadb_comb_encrypt;		/* Encryption algorithm */
+	uint16_t sadb_comb_flags;		/* Comb. flags (e.g. PFS) */
+	uint16_t sadb_comb_auth_minbits;	/* Bit strengths for auth */
+	uint16_t sadb_comb_auth_maxbits;
+	uint16_t sadb_comb_encrypt_minbits;	/* Bit strengths for encrypt */
+	uint16_t sadb_comb_encrypt_maxbits;
+	uint32_t sadb_comb_reserved;
+	uint32_t sadb_comb_soft_allocations;	/* Lifetime proposals for */
+	uint32_t sadb_comb_hard_allocations;	/* this combination. */
+	uint64_t sadb_comb_soft_bytes;
+	uint64_t sadb_comb_hard_bytes;
+	uint64_t sadb_comb_soft_addtime;
+	uint64_t sadb_comb_hard_addtime;
+	uint64_t sadb_comb_soft_usetime;
+	uint64_t sadb_comb_hard_usetime;
+} sadb_comb_t;
+
+/*
+ * An extended combination that can comprise of many SA types.
+ * A single combination has algorithms and SA types locked.
+ * These are represented by algorithm descriptors, the second structure
+ * in the list.  For example, if the EACQUIRE requests AH(MD5) + ESP(DES/null)
+ * _or_ ESP(DES/MD5), it would have two combinations:
+ *
+ * COMB: algdes(AH, AUTH, MD5), algdes(ESP, CRYPT, DES)
+ * COMB: algdes(ESP, AUTH, MD5), algdes(ESP, CRYPT, DES)
+ *
+ * If an SA type supports an algorithm type, and there's no descriptor,
+ * assume it requires NONE, just like it were explicitly stated.
+ * (This includes ESP NULL encryption, BTW.)
+ *
+ * Already 64-bit aligned thanks to uint64_t fields.
+ */
+
+typedef struct sadb_x_ecomb {
+	uint8_t sadb_x_ecomb_numalgs;
+	uint8_t sadb_x_ecomb_reserved;
+	uint16_t sadb_x_ecomb_flags;	/* E.g. PFS? */
+	uint32_t sadb_x_ecomb_reserved2;
+	uint32_t sadb_x_ecomb_soft_allocations;
+	uint32_t sadb_x_ecomb_hard_allocations;
+	uint64_t sadb_x_ecomb_soft_bytes;
+	uint64_t sadb_x_ecomb_hard_bytes;
+	uint64_t sadb_x_ecomb_soft_addtime;
+	uint64_t sadb_x_ecomb_hard_addtime;
+	uint64_t sadb_x_ecomb_soft_usetime;
+	uint64_t sadb_x_ecomb_hard_usetime;
+} sadb_x_ecomb_t;
+
+typedef struct sadb_x_algdesc {
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		struct {
+			uint8_t sadb_x_algdesc_usatype;	/* ESP, AH, etc. */
+			uint8_t sadb_x_algdesc_ualgtype; /* AUTH, CRYPT, COMP */
+			uint8_t sadb_x_algdesc_ualg;	/* 3DES, MD5, etc. */
+			uint8_t sadb_x_algdesc_ureserved;
+			uint16_t sadb_x_algdesc_uminbits; /* Bit strengths. */
+			uint16_t sadb_x_algdesc_umaxbits;
+		} sadb_x_algdesc_actual;
+		uint64_t sadb_x_algdesc_alignment;
+	} sadb_x_algdesc_u;
+#define	sadb_x_algdesc_satype \
+	sadb_x_algdesc_u.sadb_x_algdesc_actual.sadb_x_algdesc_usatype
+#define	sadb_x_algdesc_algtype \
+	sadb_x_algdesc_u.sadb_x_algdesc_actual.sadb_x_algdesc_ualgtype
+#define	sadb_x_algdesc_alg \
+	sadb_x_algdesc_u.sadb_x_algdesc_actual.sadb_x_algdesc_ualg
+#define	sadb_x_algdesc_reserved \
+	sadb_x_algdesc_u.sadb_x_algdesc_actual.sadb_x_algdesc_ureserved
+#define	sadb_x_algdesc_minbits \
+	sadb_x_algdesc_u.sadb_x_algdesc_actual.sadb_x_algdesc_uminbits
+#define	sadb_x_algdesc_maxbits \
+	sadb_x_algdesc_u.sadb_x_algdesc_actual.sadb_x_algdesc_umaxbits
+} sadb_x_algdesc_t;
+
+/*
+ * When key mgmt. registers with the kernel, the kernel will tell key mgmt.
+ * its supported algorithms.
+ */
+
+typedef struct sadb_supported {
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		struct {
+			uint16_t sadb_x_supported_ulen;
+			uint16_t sadb_x_supported_uexttype;
+			uint32_t sadb_x_supported_ureserved;
+		} sadb_x_supported_actual;
+		uint64_t sadb_x_supported_alignment;
+	} sadb_x_supported_u;
+#define	sadb_supported_len \
+	sadb_x_supported_u.sadb_x_supported_actual.sadb_x_supported_ulen
+#define	sadb_supported_exttype \
+	sadb_x_supported_u.sadb_x_supported_actual.sadb_x_supported_uexttype
+#define	sadb_supported_reserved \
+	sadb_x_supported_u.sadb_x_supported_actual.sadb_x_supported_ureserved
+} sadb_supported_t;
+
+/* First, a base structure... */
+typedef struct sadb_x_algb {
+	uint8_t sadb_x_algb_id;		/* Algorithm type. */
+	uint8_t sadb_x_algb_ivlen;		/* IV len, in bits */
+	uint16_t sadb_x_algb_minbits;	/* Min. key len (in bits) */
+	uint16_t sadb_x_algb_maxbits;	/* Max. key length */
+	union {
+		uint16_t sadb_x_algb_ureserved;
+		uint8_t sadb_x_algb_udefaults[2];
+	} sadb_x_algb_union;
+
+#define	sadb_x_algb_reserved sadb_x_algb_union.sadb_x_algb_ureserved
+#define	sadb_x_algb_increment sadb_x_algb_union.sadb_x_algb_udefaults[0]
+#define	sadb_x_algb_defincr sadb_x_algb_union.sadb_x_algb_udefaults[1]
+/*
+ * alg_increment: the number of bits from a key length to the next
+ * alg_defincr: the number of increments from the smallest possible
+ * key to the default key length
+ */
+} sadb_x_algb_t;
+/* useful macros for dealing with defincr */
+#define	SADB_ALG_DEFAULT_LEN(min, incr, defincr) ((min) + ((defincr) * (incr)))
+#define	SADB_ALG_DEFAULT_INCR(min, incr, default) (((default) - (min)) / (incr))
+
+/* Now, the actual sadb_alg structure, which will have alignment in it. */
+typedef struct sadb_alg {
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		sadb_x_algb_t sadb_x_alg_actual;
+		uint64_t sadb_x_alg_alignment;
+	} sadb_x_alg_u;
+#define	sadb_alg_id sadb_x_alg_u.sadb_x_alg_actual.sadb_x_algb_id
+#define	sadb_alg_ivlen sadb_x_alg_u.sadb_x_alg_actual.sadb_x_algb_ivlen
+#define	sadb_alg_minbits sadb_x_alg_u.sadb_x_alg_actual.sadb_x_algb_minbits
+#define	sadb_alg_maxbits sadb_x_alg_u.sadb_x_alg_actual.sadb_x_algb_maxbits
+#define	sadb_alg_reserved sadb_x_alg_u.sadb_x_alg_actual.sadb_x_algb_reserved
+#define	sadb_x_alg_increment \
+	sadb_x_alg_u.sadb_x_alg_actual.sadb_x_algb_increment
+#define	sadb_x_alg_defincr sadb_x_alg_u.sadb_x_alg_actual.sadb_x_algb_defincr
+} sadb_alg_t;
+
+/*
+ * If key mgmt. needs an SPI in a range (including 0 to 0xFFFFFFFF), it
+ * asks the kernel with this extension in the SADB_GETSPI message.
+ */
+
+typedef struct sadb_spirange {
+	uint16_t sadb_spirange_len;
+	uint16_t sadb_spirange_exttype;	/* SPI_RANGE */
+	uint32_t sadb_spirange_min;
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		struct {
+			uint32_t sadb_x_spirange_umax;
+			uint32_t sadb_x_spirange_ureserved;
+		} sadb_x_spirange_actual;
+		uint64_t sadb_x_spirange_alignment;
+	} sadb_x_spirange_u;
+#define	sadb_spirange_max \
+	sadb_x_spirange_u.sadb_x_spirange_actual.sadb_x_spirange_umax
+#define	sadb_spirange_reserved \
+	sadb_x_spirange_u.sadb_x_spirange_actual.sadb_x_spirange_ureserved
+} sadb_spirange_t;
+
+/*
+ * For the "extended REGISTER" which'll tell the kernel to send me
+ * "extended ACQUIREs".
+ */
+
+typedef struct sadb_x_ereg {
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		struct {
+			uint16_t sadb_x_ereg_ulen;
+			uint16_t sadb_x_ereg_uexttype;	/* X_EREG */
+			/* Array of SA types, 0-terminated. */
+			uint8_t sadb_x_ereg_usatypes[4];
+		} sadb_x_ereg_actual;
+		uint64_t sadb_x_ereg_alignment;
+	} sadb_x_ereg_u;
+#define	sadb_x_ereg_len \
+	sadb_x_ereg_u.sadb_x_ereg_actual.sadb_x_ereg_ulen
+#define	sadb_x_ereg_exttype \
+	sadb_x_ereg_u.sadb_x_ereg_actual.sadb_x_ereg_uexttype
+#define	sadb_x_ereg_satypes \
+	sadb_x_ereg_u.sadb_x_ereg_actual.sadb_x_ereg_usatypes
+} sadb_x_ereg_t;
+
+/*
+ * For conveying a Key Management Cookie with SADB_GETSPI, SADB_ADD,
+ * SADB_ACQUIRE, or SADB_X_INVERSE_ACQUIRE.
+ */
+
+typedef struct sadb_x_kmc {
+	uint16_t sadb_x_kmc_len;
+	uint16_t sadb_x_kmc_exttype;	/* X_KM_COOKIE */
+	uint32_t sadb_x_kmc_proto;	/* KM protocol */
+	union {
+		struct {
+			uint32_t sadb_x_kmc_ucookie;	/* KMP-specific */
+			uint32_t sadb_x_kmc_ureserved;	/* Must be zero */
+		} sadb_x_kmc_actual;
+		uint64_t sadb_x_kmc_alignment;
+	} sadb_x_kmc_u;
+#define	sadb_x_kmc_cookie sadb_x_kmc_u.sadb_x_kmc_actual.sadb_x_kmc_ucookie
+#define	sadb_x_kmc_reserved sadb_x_kmc_u.sadb_x_kmc_actual.sadb_x_kmc_ureserved
+} sadb_x_kmc_t;
+
+
+
+/*
+ * Base message types.
+ */
+
+#define	SADB_RESERVED	0
+#define	SADB_GETSPI	1
+#define	SADB_UPDATE	2
+#define	SADB_ADD	3
+#define	SADB_DELETE	4
+#define	SADB_GET	5
+#define	SADB_ACQUIRE	6
+#define	SADB_REGISTER	7
+#define	SADB_EXPIRE	8
+#define	SADB_FLUSH	9
+#define	SADB_DUMP	10   /* not used normally */
+#define	SADB_X_PROMISC	11
+#define	SADB_X_INVERSE_ACQUIRE	12
+#define	SADB_MAX		12
+
+/*
+ * SA flags
+ */
+
+#define	SADB_SAFLAGS_PFS	0x1	/* Perfect forward secrecy? */
+#define	SADB_SAFLAGS_NOREPLAY	0x2	/* Replay field NOT PRESENT. */
+
+/* Below flags are used by this implementation.  Grow from left-to-right. */
+#define	SADB_X_SAFLAGS_USED	0x80000000	/* SA used/not used */
+#define	SADB_X_SAFLAGS_UNIQUE	0x40000000	/* SA unique/reusable */
+#define	SADB_X_SAFLAGS_AALG1	0x20000000	/* Auth-alg specific flag 1 */
+#define	SADB_X_SAFLAGS_AALG2	0x10000000	/* Auth-alg specific flag 2 */
+#define	SADB_X_SAFLAGS_EALG1	 0x8000000	/* Encr-alg specific flag 1 */
+#define	SADB_X_SAFLAGS_EALG2	 0x4000000	/* Encr-alg specific flag 2 */
+#define	SADB_X_SAFLAGS_KM1	 0x2000000	/* Key mgmt. specific flag 1 */
+#define	SADB_X_SAFLAGS_KM2	 0x1000000	/* Key mgmt. specific flag 2 */
+#define	SADB_X_SAFLAGS_KM3	  0x800000	/* Key mgmt. specific flag 3 */
+#define	SADB_X_SAFLAGS_KM4	  0x400000	/* Key mgmt. specific flag 4 */
+	/* skip x200000 because it's used in the kernel */
+#define	SADB_X_SAFLAGS_NATT_LOC	  0x100000	/* this has a natted src SA */
+#define	SADB_X_SAFLAGS_NATT_REM	   0x80000	/* this has a natted dst SA */
+/*
+ * SA state.
+ */
+
+#define	SADB_SASTATE_LARVAL	  0
+#define	SADB_SASTATE_MATURE	  1
+#define	SADB_SASTATE_DYING	  2
+#define	SADB_SASTATE_DEAD	  3
+
+#define	SADB_SASTATE_MAX	  3
+
+/*
+ * SA type.  Gaps are present in the number space because (for the time being)
+ * these types correspond to the SA types in the IPsec DOI document.
+ */
+
+#define	SADB_SATYPE_UNSPEC	0
+#define	SADB_SATYPE_AH		2  /* RFC-1826 */
+#define	SADB_SATYPE_ESP		3  /* RFC-1827 */
+#define	SADB_SATYPE_RSVP	5  /* RSVP Authentication */
+#define	SADB_SATYPE_OSPFV2	6  /* OSPFv2 Authentication */
+#define	SADB_SATYPE_RIPV2	7  /* RIPv2 Authentication */
+#define	SADB_SATYPE_MIP		8  /* Mobile IPv4 Authentication */
+
+#define	SADB_SATYPE_MAX		8
+
+/*
+ * Algorithm types.  Gaps are present because (for the time being) these types
+ * correspond to the SA types in the IPsec DOI document.
+ *
+ * NOTE:  These are numbered to play nice with the IPsec DOI.  That's why
+ *	  there are gaps.
+ */
+
+/* Authentication algorithms */
+#define	SADB_AALG_NONE		0
+#define	SADB_AALG_MD5HMAC	2
+#define	SADB_AALG_SHA1HMAC	3
+
+#define	SADB_AALG_MAX		3
+
+/* Encryption algorithms */
+#define	SADB_EALG_NONE		0
+#define	SADB_EALG_DESCBC	2
+#define	SADB_EALG_3DESCBC	3
+#define	SADB_EALG_BLOWFISH	7
+#define	SADB_EALG_NULL		11
+#define	SADB_EALG_AES		12
+#define	SADB_EALG_MAX		12
+
+/*
+ * Extension header values.
+ */
+
+#define	SADB_EXT_RESERVED		0
+
+#define	SADB_EXT_SA			1
+#define	SADB_EXT_LIFETIME_CURRENT	2
+#define	SADB_EXT_LIFETIME_HARD		3
+#define	SADB_EXT_LIFETIME_SOFT		4
+#define	SADB_EXT_ADDRESS_SRC		5
+#define	SADB_EXT_ADDRESS_DST		6
+#define	SADB_EXT_ADDRESS_PROXY		7
+#define	SADB_EXT_KEY_AUTH		8
+#define	SADB_EXT_KEY_ENCRYPT		9
+#define	SADB_EXT_IDENTITY_SRC		10
+#define	SADB_EXT_IDENTITY_DST		11
+#define	SADB_EXT_SENSITIVITY		12
+#define	SADB_EXT_PROPOSAL		13
+#define	SADB_EXT_SUPPORTED_AUTH		14
+#define	SADB_EXT_SUPPORTED_ENCRYPT	15
+#define	SADB_EXT_SPIRANGE		16
+#define	SADB_X_EXT_EREG			17
+#define	SADB_X_EXT_EPROP		18
+#define	SADB_X_EXT_KM_COOKIE		19
+#define	SADB_X_EXT_ADDRESS_NATT_LOC	20
+#define	SADB_X_EXT_ADDRESS_NATT_REM	21
+
+#define	SADB_EXT_MAX			21
+
+/*
+ * Identity types.
+ */
+
+#define	SADB_IDENTTYPE_RESERVED 0
+
+/*
+ * For PREFIX and ADDR_RANGE, use the AF of the PROXY if present, or the SRC
+ * if not present.
+ */
+#define	SADB_IDENTTYPE_PREFIX		1
+#define	SADB_IDENTTYPE_FQDN		2  /* Fully qualified domain name. */
+#define	SADB_IDENTTYPE_USER_FQDN	3  /* e.g. root@domain.com */
+#define	SADB_X_IDENTTYPE_DN		4  /* ASN.1 DER Distinguished Name. */
+#define	SADB_X_IDENTTYPE_GN		5  /* ASN.1 DER Generic Name. */
+#define	SADB_X_IDENTTYPE_KEY_ID		6  /* Generic KEY ID. */
+#define	SADB_X_IDENTTYPE_ADDR_RANGE	7
+
+#define	SADB_IDENTTYPE_MAX 	7
+
+/*
+ * Protection DOI values for the SENSITIVITY extension.  There are no values
+ * currently, so the MAX is the only non-zero value available.
+ */
+
+#define	SADB_DPD_NONE	0
+
+#define	SADB_DPD_MAX	1
+
+/*
+ * Diagnostic codes.  These supplement error messages.  Be sure to
+ * update libipsecutil's keysock_diag() if you change any of these.
+ */
+
+#define	SADB_X_DIAGNOSTIC_PRESET		-1	/* Internal value. */
+
+#define	SADB_X_DIAGNOSTIC_NONE			0
+
+#define	SADB_X_DIAGNOSTIC_UNKNOWN_MSG		1
+#define	SADB_X_DIAGNOSTIC_UNKNOWN_EXT		2
+#define	SADB_X_DIAGNOSTIC_BAD_EXTLEN		3
+#define	SADB_X_DIAGNOSTIC_UNKNOWN_SATYPE	4
+#define	SADB_X_DIAGNOSTIC_SATYPE_NEEDED		5
+#define	SADB_X_DIAGNOSTIC_NO_SADBS		6
+#define	SADB_X_DIAGNOSTIC_NO_EXT		7
+/* Bad address family value */
+#define	SADB_X_DIAGNOSTIC_BAD_SRC_AF		8
+/* in sockaddr->sa_family. */
+#define	SADB_X_DIAGNOSTIC_BAD_DST_AF		9
+#define	SADB_X_DIAGNOSTIC_BAD_PROXY_AF		10
+#define	SADB_X_DIAGNOSTIC_AF_MISMATCH		11
+
+#define	SADB_X_DIAGNOSTIC_BAD_SRC		12
+#define	SADB_X_DIAGNOSTIC_BAD_DST		13
+
+#define	SADB_X_DIAGNOSTIC_ALLOC_HSERR		14
+#define	SADB_X_DIAGNOSTIC_BYTES_HSERR		15
+#define	SADB_X_DIAGNOSTIC_ADDTIME_HSERR		16
+#define	SADB_X_DIAGNOSTIC_USETIME_HSERR		17
+
+#define	SADB_X_DIAGNOSTIC_MISSING_SRC		18
+#define	SADB_X_DIAGNOSTIC_MISSING_DST		19
+#define	SADB_X_DIAGNOSTIC_MISSING_SA		20
+#define	SADB_X_DIAGNOSTIC_MISSING_EKEY		21
+#define	SADB_X_DIAGNOSTIC_MISSING_AKEY		22
+#define	SADB_X_DIAGNOSTIC_MISSING_RANGE		23
+
+#define	SADB_X_DIAGNOSTIC_DUPLICATE_SRC		24
+#define	SADB_X_DIAGNOSTIC_DUPLICATE_DST		25
+#define	SADB_X_DIAGNOSTIC_DUPLICATE_SA		26
+#define	SADB_X_DIAGNOSTIC_DUPLICATE_EKEY	27
+#define	SADB_X_DIAGNOSTIC_DUPLICATE_AKEY	28
+#define	SADB_X_DIAGNOSTIC_DUPLICATE_RANGE	29
+
+#define	SADB_X_DIAGNOSTIC_MALFORMED_SRC		30
+#define	SADB_X_DIAGNOSTIC_MALFORMED_DST		31
+#define	SADB_X_DIAGNOSTIC_MALFORMED_SA		32
+#define	SADB_X_DIAGNOSTIC_MALFORMED_EKEY	33
+#define	SADB_X_DIAGNOSTIC_MALFORMED_AKEY	34
+#define	SADB_X_DIAGNOSTIC_MALFORMED_RANGE	35
+
+#define	SADB_X_DIAGNOSTIC_AKEY_PRESENT		36
+#define	SADB_X_DIAGNOSTIC_EKEY_PRESENT		37
+#define	SADB_X_DIAGNOSTIC_PROP_PRESENT		38
+#define	SADB_X_DIAGNOSTIC_SUPP_PRESENT		39
+
+#define	SADB_X_DIAGNOSTIC_BAD_AALG		40
+#define	SADB_X_DIAGNOSTIC_BAD_EALG		41
+#define	SADB_X_DIAGNOSTIC_BAD_SAFLAGS		42
+#define	SADB_X_DIAGNOSTIC_BAD_SASTATE		43
+
+#define	SADB_X_DIAGNOSTIC_BAD_AKEYBITS		44
+#define	SADB_X_DIAGNOSTIC_BAD_EKEYBITS		45
+
+#define	SADB_X_DIAGNOSTIC_ENCR_NOTSUPP		46
+
+#define	SADB_X_DIAGNOSTIC_WEAK_EKEY		47
+#define	SADB_X_DIAGNOSTIC_WEAK_AKEY		48
+
+#define	SADB_X_DIAGNOSTIC_DUPLICATE_KMP		49
+#define	SADB_X_DIAGNOSTIC_DUPLICATE_KMC		50
+
+#define	SADB_X_DIAGNOSTIC_MISSING_NATT_LOC	51
+#define	SADB_X_DIAGNOSTIC_MISSING_NATT_REM	52
+#define	SADB_X_DIAGNOSTIC_DUPLICATE_NATT_LOC	53
+#define	SADB_X_DIAGNOSTIC_DUPLICATE_NATT_REM	54
+#define	SADB_X_DIAGNOSTIC_MALFORMED_NATT_LOC	55
+#define	SADB_X_DIAGNOSTIC_MALFORMED_NATT_REM	56
+#define	SADB_X_DIAGNOSTIC_DUPLICATE_NATT_PORTS	57
+#define	SADB_X_DIAGNOSTIC_MAX			57
+
+/* Algorithm type for sadb_x_algdesc above... */
+
+#define	SADB_X_ALGTYPE_NONE		0
+#define	SADB_X_ALGTYPE_AUTH		1
+#define	SADB_X_ALGTYPE_CRYPT		2
+#define	SADB_X_ALGTYPE_COMPRESS		3
+
+#define	SADB_X_ALGTYPE_MAX		3
+
+/* Key management protocol for sadb_x_kmc above... */
+
+#define	SADB_X_KMP_MANUAL	0
+#define	SADB_X_KMP_IKE		1
+#define	SADB_X_KMP_KINK		2
+
+#define	SADB_X_KMP_MAX		2
+
+/*
+ * Handy conversion macros.  Not part of the PF_KEY spec...
+ */
+
+#define	SADB_64TO8(x)	((x) << 3)
+#define	SADB_8TO64(x)	((x) >> 3)
+#define	SADB_8TO1(x)	((x) << 3)
+#define	SADB_1TO8(x)	((x) >> 3)
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif	/* _NET_PFKEYV2_H */
diff --git a/usr/src/uts/common/net/pfpolicy.h b/usr/src/uts/common/net/pfpolicy.h
new file mode 100644
index 0000000000..63c57022aa
--- /dev/null
+++ b/usr/src/uts/common/net/pfpolicy.h
@@ -0,0 +1,499 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License, Version 1.0 only
+ * (the "License").  You may not use this file except in compliance
+ * with the License.
+ *
+ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ * or http://www.opensolaris.org/os/licensing.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+/*
+ * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ */
+
+#ifndef	_NET_PFPOLICY_H
+#define	_NET_PFPOLICY_H
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+
+/*
+ * Definitions and structures for PF_POLICY version 1.
+ *
+ * This local protocol provides an interface allowing utilities to
+ * manage a system's IPsec System Policy Database; see RFC2401 for a
+ * conceptual overview of the SPD.
+ * The basic encoding is modelled on PF_KEY version 2; see pfkeyv2.h
+ * and RFC2367 for more information.
+ */
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+#define	PF_POLICY_V1		1
+#define	PF_POLICY_REVISION	200304L
+
+/*
+ * Base PF_POLICY message header.  Each request/response starts with
+ * one of these, followed by some number of extensions.  Each
+ * extension type appears at most once in a message.  spd_msg_len
+ * contains the total length of the message including header.
+ */
+typedef struct spd_msg
+{
+	uint8_t spd_msg_version;	/* PF_POLICY_V1 */
+	uint8_t spd_msg_type;		/* ADD, DELETE, QUERY, ... */
+	uint8_t spd_msg_errno;		/* Unix errno space; mbz on request */
+	uint8_t spd_msg_spdid;		/* which policy db instance */
+	uint16_t spd_msg_len;		/* in 64-bit words */
+	uint16_t spd_msg_diagnostic;	/* additional error reason */
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		struct {
+			uint32_t spd_msg_useq;		/* set by sender */
+			uint32_t spd_msg_upid;		/* set by sender */
+		} spd_msg_actual;
+		uint64_t spd_msg_alignment;
+	} spd_msg_u;
+#define	spd_msg_seq spd_msg_u.spd_msg_actual.spd_msg_useq
+#define	spd_msg_pid spd_msg_u.spd_msg_actual.spd_msg_upid
+} spd_msg_t;
+
+/*
+ * Command numbers, found in spd_msg_type.
+ */
+#define	SPD_RESERVED				0
+#define	SPD_MIN					1
+#define	SPD_FLUSH				1
+#define	SPD_ADDRULE				2
+#define	SPD_DELETERULE				3
+#define	SPD_FLIP				4
+#define	SPD_LOOKUP				5
+#define	SPD_DUMP				6
+#define	SPD_CLONE				7
+#define	SPD_ALGLIST				8
+#define	SPD_DUMPALGS				9
+#define	SPD_UPDATEALGS				10
+#define	SPD_MAX					10
+
+/*
+ * Well-known policy db instances, found in spd_msg_spdid
+ */
+#define	SPD_ACTIVE		0	/* The currently active instance */
+#define	SPD_STANDBY		1 	/* "on deck" standby SPD */
+
+/*
+ * The spd_msg_t is followed by extensions, which start with the
+ * following header; each extension structure includes the length and
+ * type fields internally as an overlay to simplify parsing and
+ * construction.
+ */
+typedef struct spd_ext
+{
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		struct {
+			uint16_t spd_ext_ulen;		/* in 64-bit words */
+			uint16_t spd_ext_utype;		/* 0 is reserved */
+		} spd_ext_actual;
+		uint64_t spd_ext_alignment;
+	} spd_ext_u;
+#define	spd_ext_len spd_ext_u.spd_ext_actual.spd_ext_ulen
+#define	spd_ext_type spd_ext_u.spd_ext_actual.spd_ext_utype
+} spd_ext_t;
+
+/*
+ * Extension numbers, found in spd_ext_type.
+ */
+
+#define	SPD_EXT_LCLPORT				1
+#define	SPD_EXT_REMPORT				2
+#define	SPD_EXT_PROTO				3
+#define	SPD_EXT_LCLADDR				4
+#define	SPD_EXT_REMADDR				5
+
+#define	SPD_EXT_ACTION				6
+#define	SPD_EXT_RULE				7
+#define	SPD_EXT_RULESET				8
+#define	SPD_EXT_ICMP_TYPECODE  	9
+
+#define	SPD_EXT_MAX				9
+
+/*
+ * base policy rule (attributes which every rule has)
+ *
+ * spd_rule_index MBZ on a SPD_ADD, and is assigned by the kernel.
+ * subsequent deletes can operate either by specifying selectors or by
+ * specifying a non-zero rule index.
+ */
+struct spd_rule
+{
+	uint16_t spd_rule_len;
+	uint16_t spd_rule_type;		/* SPD_EXT_RULE */
+	uint32_t spd_rule_priority;
+	uint32_t spd_rule_flags;	/* INBOUND, OUTBOUND, ... */
+	uint32_t spd_rule_unused;
+	uint64_t spd_rule_index;	/* unique rule identifier. */
+};
+
+/*
+ * Flags for spd_rule.spd_rule_flags
+ */
+#define	SPD_RULE_FLAG_INBOUND		0x0001
+#define	SPD_RULE_FLAG_OUTBOUND		0x0002
+
+/*
+ * Address selectors.   Different from PF_KEY because we want a
+ * more precise format for wildcards on ports/protocol.
+ */
+typedef struct spd_address {
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		struct {
+			uint16_t spd_address_ulen;
+			uint16_t spd_address_uexttype;	/* SRC, DST */
+			uint8_t spd_address_uaf;	/* address family. */
+			uint8_t spd_address_uprefixlen;	/* Prefix len (bits). */
+			uint16_t spd_address_ureserved2; /* Padding */
+		} spd_address_actual;
+		uint64_t spd_address_alignment;
+	} spd_address_u;
+	/*
+	 * .. followed by 4 bytes of IPv4 or 16 bytes of IPv6 address,
+	 * padded up to next uint64_t
+	 */
+#define	spd_address_len	\
+	spd_address_u.spd_address_actual.spd_address_ulen
+#define	spd_address_exttype \
+	spd_address_u.spd_address_actual.spd_address_uexttype
+#define	spd_address_af \
+	spd_address_u.spd_address_actual.spd_address_uaf
+#define	spd_address_prefixlen \
+	spd_address_u.spd_address_actual.spd_address_uprefixlen
+#define	spd_address_reserved2 \
+	spd_address_u.spd_address_actual.spd_address_ureserved2
+} spd_address_t;
+
+/*
+ * Protocol selector
+ */
+struct spd_proto
+{
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		struct {
+			uint16_t spd_proto_ulen;
+			uint16_t spd_proto_uexttype;		/* PROTO */
+			uint8_t spd_proto_unumber;		/* IPPROTO_* */
+			uint8_t	spd_proto_ureserved1;		 /* pad */
+			uint16_t spd_proto_ureserved2;		 /* pad */
+		} spd_proto_actual;
+		uint64_t spd_proto_alignment;
+	} spd_proto_u;
+#define	spd_proto_len spd_proto_u.spd_proto_actual.spd_proto_ulen
+#define	spd_proto_exttype spd_proto_u.spd_proto_actual.spd_proto_uexttype
+#define	spd_proto_number spd_proto_u.spd_proto_actual.spd_proto_unumber
+#define	spd_proto_reserved1 spd_proto_u.spd_proto_actual.spd_proto_ureserved1
+#define	spd_proto_reserved2 spd_proto_u.spd_proto_actual.spd_proto_ureserved2
+};
+
+/*
+ * Port selector.  We only support minport==maxport at present.
+ */
+struct spd_portrange
+{
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		struct {
+			uint16_t spd_ports_ulen;
+			uint16_t spd_ports_uexttype;	/* LCLPORT, REMPORT */
+			uint16_t spd_ports_uminport;	/* min port */
+			uint16_t spd_ports_umaxport;	/* max port */
+		} spd_ports_actual;
+		uint64_t spd_ports_alignment;
+	} spd_ports_u;
+#define	spd_ports_len spd_ports_u.spd_ports_actual.spd_ports_ulen
+#define	spd_ports_exttype spd_ports_u.spd_ports_actual.spd_ports_uexttype
+#define	spd_ports_minport spd_ports_u.spd_ports_actual.spd_ports_uminport
+#define	spd_ports_maxport spd_ports_u.spd_ports_actual.spd_ports_umaxport
+};
+
+/*
+ * ICMP type selector.
+ */
+struct spd_typecode
+{
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		struct {
+			uint16_t spd_typecode_ulen;
+			uint16_t spd_typecode_uexttype;	/* ICMP_TYPECODE */
+			uint8_t  spd_typecode_utype;
+			uint8_t  spd_typecode_utype_end;
+			uint8_t  spd_typecode_ucode;
+			uint8_t  spd_typecode_ucode_end;
+		} spd_typecode_actual;
+		uint64_t spd_typecode_alignment;
+	} spd_typecode_u;
+#define	spd_typecode_len	\
+    spd_typecode_u.spd_typecode_actual.spd_typecode_ulen
+#define	spd_typecode_exttype	\
+    spd_typecode_u.spd_typecode_actual.spd_typecode_uexttype
+#define	spd_typecode_type	\
+    spd_typecode_u.spd_typecode_actual.spd_typecode_utype
+#define	spd_typecode_type_end	\
+    spd_typecode_u.spd_typecode_actual.spd_typecode_utype_end
+#define	spd_typecode_code	\
+    spd_typecode_u.spd_typecode_actual.spd_typecode_ucode
+#define	spd_typecode_code_end	\
+    spd_typecode_u.spd_typecode_actual.spd_typecode_ucode_end
+};
+
+
+/*
+ * Actions, specifying what happens to packets which match selectors.
+ * This extension is followed by some number of spd_attribute tag-value pairs
+ * which encode one or more alternative policies; see below for
+ * the encoding used.
+ */
+struct spd_ext_actions
+{
+	/* Union is for guaranteeing 64-bit alignment. */
+	union {
+		struct {
+			uint16_t spd_actions_ulen;
+			uint16_t spd_actions_uexttype;	/* ACTION */
+			uint16_t spd_actions_ucount;	/* # of alternatives */
+			uint16_t spd_actions_ureserved;
+		} spd_actions_actual;
+		uint64_t spd_actions_alignment;
+	} spd_actions_u;
+#define	spd_actions_len \
+	spd_actions_u.spd_actions_actual.spd_actions_ulen
+#define	spd_actions_exttype \
+	spd_actions_u.spd_actions_actual.spd_actions_uexttype
+#define	spd_actions_count \
+	spd_actions_u.spd_actions_actual.spd_actions_ucount
+#define	spd_actions_reserved \
+	spd_actions_u.spd_actions_actual.spd_actions_ureserved
+};
+
+/*
+ * Extensible encoding for requested SA attributes.
+ * To allow additional attributes to be added, we use a simple-to-interpret
+ * (tag, value) encoding to fill in attributes in a list of alternatives.
+ *
+ * We fill in alternatives one at a time, starting with most-preferred,
+ * proceeding to least-preferred.
+ *
+ * Conceptually, we are filling in attributes of a "template", and
+ * then copying that template value into the list of alternatives when
+ * we see a SPD_ATTR_END or SPD_ATTR_NEXT.
+ *
+ * The template is not changed by SPD_ATTR_NEXT, so that attributes common to
+ * all alternatives need only be mentioned once.
+ *
+ * spd_actions_count is the maximum number of alternatives present; it
+ * should be one greater than the number of SPD_ATTR_NEXT opcodes
+ * present in the sequence.
+ */
+
+struct spd_attribute
+{
+	union {
+		struct {
+			uint32_t	spd_attr_utag;
+			uint32_t	spd_attr_uvalue;
+		} spd_attribute_actual;
+		uint64_t spd_attribute_alignment;
+	} spd_attribute_u;
+#define	spd_attr_tag spd_attribute_u.spd_attribute_actual.spd_attr_utag
+#define	spd_attr_value spd_attribute_u.spd_attribute_actual.spd_attr_uvalue
+};
+
+#define	SPD_ATTR_NOP	0x00000000	/* space filler */
+#define	SPD_ATTR_END	0x00000001	/* end of description */
+#define	SPD_ATTR_EMPTY	0x00000002	/* reset template to default */
+#define	SPD_ATTR_NEXT	0x00000003	/* start filling next alternative */
+
+#define	SPD_ATTR_TYPE			0x00000100
+#define	SPD_ATTR_FLAGS			0x00000101
+#define	SPD_ATTR_AH_AUTH		0x00000102
+#define	SPD_ATTR_ESP_ENCR		0x00000103
+#define	SPD_ATTR_ESP_AUTH		0x00000104
+#define	SPD_ATTR_ENCR_MINBITS		0x00000105
+#define	SPD_ATTR_ENCR_MAXBITS		0x00000106
+#define	SPD_ATTR_AH_MINBITS		0x00000107
+#define	SPD_ATTR_AH_MAXBITS		0x00000108
+#define	SPD_ATTR_LIFE_SOFT_TIME		0x00000109
+#define	SPD_ATTR_LIFE_HARD_TIME		0x0000010a
+#define	SPD_ATTR_LIFE_SOFT_BYTES	0x0000010b
+#define	SPD_ATTR_LIFE_HARD_BYTES	0x0000010c
+#define	SPD_ATTR_KM_PROTO		0x0000010d
+#define	SPD_ATTR_KM_COOKIE		0x0000010e
+#define	SPD_ATTR_REPLAY_DEPTH		0x0000010f
+#define	SPD_ATTR_ESPA_MINBITS		0x00000110
+#define	SPD_ATTR_ESPA_MAXBITS		0x00000111
+#define	SPD_ATTR_ENCR_DEFBITS		0x00000112
+#define	SPD_ATTR_ENCR_INCRBITS		0x00000113
+#define	SPD_ATTR_AH_DEFBITS		0x00000114
+#define	SPD_ATTR_AH_INCRBITS		0x00000115
+#define	SPD_ATTR_ESPA_DEFBITS		0x00000116
+#define	SPD_ATTR_ESPA_INCRBITS		0x00000117
+#define	SPD_ATTR_ALG_ID			0x00000118
+#define	SPD_ATTR_ALG_PROTO		0x00000119
+#define	SPD_ATTR_ALG_INCRBITS		0x0000011a
+#define	SPD_ATTR_ALG_NKEYSIZES		0x0000011b
+#define	SPD_ATTR_ALG_KEYSIZE		0x0000011c
+#define	SPD_ATTR_ALG_NBLOCKSIZES	0x0000011d
+#define	SPD_ATTR_ALG_BLOCKSIZE		0x0000011e
+#define	SPD_ATTR_ALG_MECHNAME		0x0000011f
+#define	SPD_ATTR_PROTO_ID		0x00000120
+#define	SPD_ATTR_PROTO_EXEC_MODE	0x00000121
+
+/*
+ * Minimum, maximum key lengths in bits.
+ */
+#define	SPD_MIN_MINBITS		0x0000
+#define	SPD_MAX_MAXBITS		0xffff
+
+/*
+ * IPsec action types (in SPD_ATTR_TYPE attribute)
+ */
+#define	SPD_ACTTYPE_DROP	0x0001
+#define	SPD_ACTTYPE_PASS	0x0002
+#define	SPD_ACTTYPE_IPSEC	0x0003
+
+/*
+ * Action flags (in SPD_ATTR_FLAGS attribute)
+ */
+#define	SPD_APPLY_AH		0x0001
+#define	SPD_APPLY_ESP		0x0002
+#define	SPD_APPLY_SE		0x0004  /* self-encapsulation */
+#define	SPD_APPLY_COMP		0x0008	/* compression; NYI */
+#define	SPD_APPLY_UNIQUE	0x0010	/* unique per-flow SA */
+#define	SPD_APPLY_BYPASS	0x0020	/* bypass policy */
+#define	SPD_APPLY_ESPA		0x0040 	/* ESP authentication */
+
+/*
+ * SW crypto execution modes.
+ */
+#define	SPD_ALG_EXEC_MODE_SYNC		1	/* synchronous */
+#define	SPD_ALG_EXEC_MODE_ASYNC		2	/* asynchronous */
+
+/*
+ * SPD_DUMP protocol:
+ *
+ * We do not want to force an stack to have to read-lock the entire
+ * SPD for the duration of the dump, but we want management apps to be
+ * able to get a consistent snapshot of the SPD.
+ *
+ * Therefore, we make optimistic locking assumptions.
+ *
+ * The response to a SPD_DUMP request consists of multiple spd_msg
+ * records, all with spd_msg_type == SPD_DUMP and spd_msg_{seq,pid}
+ * matching the request.
+ *
+ * There is one header, then a sequence of policy rule records (one
+ * rule per record), then a trailer.
+ *
+ * The header and trailer both contain a single SPD_EXT_RULESET
+ * containing a version number and rule count.  The dump was "good" if
+ * header version == trailer version, and the number of rules read by
+ * the application matches the rule count in the trailer.  The rule
+ * count in the header is unused and should be set to zero.
+ *
+ * In between, each rule record contains a set of extensions which, if
+ * used in an SPD_ADD request, would recreate an equivalent rule.
+ *
+ * If rules were added to the SPD during the dump, the dump may be
+ * truncated or otherwise incomplete; the management application
+ * should re-try the dump in this case.
+ */
+
+/*
+ * Ruleset extension, used at the start and end of a SPD_DUMP.
+ */
+typedef struct spd_ruleset_ext
+{
+	uint16_t spd_ruleset_len;	/* 2 x 64 bits */
+	uint16_t spd_ruleset_type;	/* SPD_EXT_RULESET */
+	uint32_t spd_ruleset_count;	/* only valid in trailer */
+	uint64_t spd_ruleset_version;	/* version number */
+} spd_ruleset_ext_t;
+
+/*
+ * Diagnostic codes.  These supplement error messages.  Be sure to
+ * update libipsecutil's spdsock_diag() if you change any of these.
+ */
+#define	SPD_DIAGNOSTIC_NONE			0
+#define	SPD_DIAGNOSTIC_UNKNOWN_EXT		1
+#define	SPD_DIAGNOSTIC_BAD_EXTLEN		2
+#define	SPD_DIAGNOSTIC_NO_RULE_EXT		3
+#define	SPD_DIAGNOSTIC_BAD_ADDR_LEN		4
+#define	SPD_DIAGNOSTIC_MIXED_AF			5
+#define	SPD_DIAGNOSTIC_ADD_NO_MEM		6
+#define	SPD_DIAGNOSTIC_ADD_WRONG_ACT_COUNT	7
+#define	SPD_DIAGNOSTIC_ADD_BAD_TYPE		8
+#define	SPD_DIAGNOSTIC_ADD_BAD_FLAGS		9
+#define	SPD_DIAGNOSTIC_ADD_INCON_FLAGS		10
+#define	SPD_DIAGNOSTIC_MALFORMED_LCLPORT 	11
+#define	SPD_DIAGNOSTIC_DUPLICATE_LCLPORT	12
+#define	SPD_DIAGNOSTIC_MALFORMED_REMPORT	13
+#define	SPD_DIAGNOSTIC_DUPLICATE_REMPORT	14
+#define	SPD_DIAGNOSTIC_MALFORMED_PROTO		15
+#define	SPD_DIAGNOSTIC_DUPLICATE_PROTO		16
+#define	SPD_DIAGNOSTIC_MALFORMED_LCLADDR	17
+#define	SPD_DIAGNOSTIC_DUPLICATE_LCLADDR	18
+#define	SPD_DIAGNOSTIC_MALFORMED_REMADDR	19
+#define	SPD_DIAGNOSTIC_DUPLICATE_REMADDR	20
+#define	SPD_DIAGNOSTIC_MALFORMED_ACTION		21
+#define	SPD_DIAGNOSTIC_DUPLICATE_ACTION		22
+#define	SPD_DIAGNOSTIC_MALFORMED_RULE		23
+#define	SPD_DIAGNOSTIC_DUPLICATE_RULE		24
+#define	SPD_DIAGNOSTIC_MALFORMED_RULESET	25
+#define	SPD_DIAGNOSTIC_DUPLICATE_RULESET	26
+#define	SPD_DIAGNOSTIC_INVALID_RULE_INDEX	27
+#define	SPD_DIAGNOSTIC_BAD_SPDID		28
+#define	SPD_DIAGNOSTIC_BAD_MSG_TYPE		29
+#define	SPD_DIAGNOSTIC_UNSUPP_AH_ALG		30
+#define	SPD_DIAGNOSTIC_UNSUPP_ESP_ENCR_ALG	31
+#define	SPD_DIAGNOSTIC_UNSUPP_ESP_AUTH_ALG	32
+#define	SPD_DIAGNOSTIC_UNSUPP_AH_KEYSIZE	33
+#define	SPD_DIAGNOSTIC_UNSUPP_ESP_ENCR_KEYSIZE	34
+#define	SPD_DIAGNOSTIC_UNSUPP_ESP_AUTH_KEYSIZE	35
+#define	SPD_DIAGNOSTIC_NO_ACTION_EXT		36
+#define	SPD_DIAGNOSTIC_ALG_ID_RANGE		37
+#define	SPD_DIAGNOSTIC_ALG_NUM_KEY_SIZES	38
+#define	SPD_DIAGNOSTIC_ALG_NUM_BLOCK_SIZES	39
+#define	SPD_DIAGNOSTIC_ALG_MECH_NAME_LEN	40
+#define	SPD_DIAGNOSTIC_ALG_IPSEC_NOT_LOADED	41
+#define	SPD_DIAGNOSTIC_MALFORMED_ICMP_TYPECODE	42
+#define	SPD_DIAGNOSTIC_DUPLICATE_ICMP_TYPECODE	43
+
+/*
+ * Helper macros.
+ */
+#define	SPD_64TO8(x)	((x) << 3)
+#define	SPD_8TO64(x)	((x) >> 3)
+#define	SPD_8TO1(x)	((x) << 3)
+#define	SPD_1TO8(x)	((x) >> 3)
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif	/* _NET_PFPOLICY_H */
diff --git a/usr/src/uts/common/net/ppp-comp.h b/usr/src/uts/common/net/ppp-comp.h
new file mode 100644
index 0000000000..df9540477a
--- /dev/null
+++ b/usr/src/uts/common/net/ppp-comp.h
@@ -0,0 +1,226 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License, Version 1.0 only
+ * (the "License").  You may not use this file except in compliance
+ * with the License.
+ *
+ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ * or http://www.opensolaris.org/os/licensing.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+/*
+ * ppp-comp.h - Definitions for doing PPP packet compression.
+ *
+ * Copyright (c) 2000 by Sun Microsystems, Inc.
+ * All rights reserved.
+ *
+ * Copyright (c) 1994 The Australian National University.
+ * All rights reserved.
+ *
+ * Permission to use, copy, modify, and distribute this software and its
+ * documentation is hereby granted, provided that the above copyright
+ * notice appears in all copies.  This software is provided without any
+ * warranty, express or implied. The Australian National University
+ * makes no representations about the suitability of this software for
+ * any purpose.
+ *
+ * IN NO EVENT SHALL THE AUSTRALIAN NATIONAL UNIVERSITY BE LIABLE TO ANY
+ * PARTY FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES
+ * ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN IF
+ * THE AUSTRALIAN NATIONAL UNIVERSITY HAVE BEEN ADVISED OF THE POSSIBILITY
+ * OF SUCH DAMAGE.
+ *
+ * THE AUSTRALIAN NATIONAL UNIVERSITY SPECIFICALLY DISCLAIMS ANY WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE.  THE SOFTWARE PROVIDED HEREUNDER IS
+ * ON AN "AS IS" BASIS, AND THE AUSTRALIAN NATIONAL UNIVERSITY HAS NO
+ * OBLIGATION TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS,
+ * OR MODIFICATIONS.
+ *
+ * $Id: ppp-comp.h,v 1.11 1998/03/25 03:33:34 paulus Exp $
+ */
+
+#ifndef _NET_PPP_COMP_H
+#define	_NET_PPP_COMP_H
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * The following symbols control whether we include code for
+ * various compression methods.
+ */
+#ifndef DO_BSD_COMPRESS
+#define	DO_BSD_COMPRESS	1	/* by default, include BSD-Compress */
+#endif
+#ifndef DO_DEFLATE
+#define	DO_DEFLATE	1	/* by default, include Deflate */
+#endif
+#define	DO_PREDICTOR_1	0
+#define	DO_PREDICTOR_2	0
+
+/*
+ * Structure giving methods for compression/decompression.
+ */
+#ifdef PACKETPTR
+struct compressor {
+	int	compress_proto;	/* CCP compression protocol number */
+
+	/* Allocate space for a compressor (transmit side) */
+	void	*(*comp_alloc) __P((uchar_t *options, int opt_len));
+	/* Free space used by a compressor */
+	void	(*comp_free) __P((void *state));
+	/* Initialize a compressor */
+	int	(*comp_init) __P((void *state, uchar_t *options, int opt_len,
+	    int unit, int hdrlen, int debug));
+	/* Reset a compressor */
+	void	(*comp_reset) __P((void *state));
+	/* Compress a packet */
+	int	(*compress) __P((void *state, PACKETPTR *mret,
+	    PACKETPTR mp, int orig_len, int max_len));
+	/* Return compression statistics */
+	void	(*comp_stat) __P((void *state, struct compstat *stats));
+
+	/* Allocate space for a decompressor (receive side) */
+	void	*(*decomp_alloc) __P((uchar_t *options, int opt_len));
+	/* Free space used by a decompressor */
+	void	(*decomp_free) __P((void *state));
+	/* Initialize a decompressor */
+	int	(*decomp_init) __P((void *state, uchar_t *options, int opt_len,
+				    int unit, int hdrlen, int mru, int debug));
+	/* Reset a decompressor */
+	void	(*decomp_reset) __P((void *state));
+	/* Decompress a packet. */
+	int	(*decompress) __P((void *state, PACKETPTR *mp));
+	/* Update state for an incompressible packet received */
+	int	(*incomp) __P((void *state, PACKETPTR mp));
+	/* Return decompression statistics */
+	void	(*decomp_stat) __P((void *state, struct compstat *stats));
+
+	/* Set or change compression effort level */
+	int	(*set_effort) __P((void *xstate, void *rstate,
+	    int effortlevel));
+};
+#endif /* PACKETPTR */
+
+/*
+ * Return values for decompress routine.
+ * We need to make these distinctions so that we can disable certain
+ * useful functionality, namely sending a CCP reset-request as a result
+ * of an error detected after decompression.  This is to avoid infringing
+ * a patent held by Motorola.
+ * Don't you just lurve software patents.
+ */
+#define	DECOMP_OK		0	/* everything went OK */
+#define	DECOMP_ERROR		1	/* error detected before decomp. */
+#define	DECOMP_FATALERROR	2	/* error detected after decomp. */
+
+/*
+ * CCP codes.
+ */
+#define	CCP_CONFREQ	1
+#define	CCP_CONFACK	2
+#define	CCP_TERMREQ	5
+#define	CCP_TERMACK	6
+#define	CCP_RESETREQ	14
+#define	CCP_RESETACK	15
+
+/*
+ * Max # bytes for a CCP option
+ */
+#define	CCP_MAX_OPTION_LENGTH	32
+
+/*
+ * Parts of a CCP packet.
+ */
+#define	CCP_CODE(dp)		((dp)[0])
+#define	CCP_ID(dp)		((dp)[1])
+#define	CCP_LENGTH(dp)		(((dp)[2] << 8) + (dp)[3])
+#define	CCP_HDRLEN		4
+
+#define	CCP_OPT_CODE(dp)	((dp)[0])
+#define	CCP_OPT_LENGTH(dp)	((dp)[1])
+#define	CCP_OPT_MINLEN		2
+
+/*
+ * Definitions for BSD-Compress.
+ */
+#define	CI_BSD_COMPRESS		21	/* config. option for BSD-Compress */
+#define	CILEN_BSD_COMPRESS	3	/* length of config. option */
+
+/* Macros for handling the 3rd byte of the BSD-Compress config option. */
+#define	BSD_NBITS(x)		((x) & 0x1F)	/* number of bits requested */
+#define	BSD_VERSION(x)		((x) >> 5)	/* version of option format */
+#define	BSD_CURRENT_VERSION	1		/* current version number */
+#define	BSD_MAKE_OPT(v, n)	(((v) << 5) | (n))
+
+#define	BSD_MIN_BITS		9	/* smallest code size supported */
+#define	BSD_MAX_BITS		15	/* largest code size supported */
+
+/*
+ * Definitions for Deflate.
+ */
+#define	CI_DEFLATE		26	/* config option for Deflate */
+#define	CI_DEFLATE_DRAFT	24	/* value used in original draft RFC */
+#define	CILEN_DEFLATE		4	/* length of its config option */
+
+#define	DEFLATE_MIN_SIZE	8
+#define	DEFLATE_MAX_SIZE	15
+#define	DEFLATE_METHOD_VAL	8
+#define	DEFLATE_SIZE(x)		(((x) >> 4) + DEFLATE_MIN_SIZE)
+#define	DEFLATE_METHOD(x)	((x) & 0x0F)
+#define	DEFLATE_MAKE_OPT(w)	((((w) - DEFLATE_MIN_SIZE) << 4) \
+				    + DEFLATE_METHOD_VAL)
+#define	DEFLATE_CHK_SEQUENCE	0
+
+/*
+ * Definitions for other, as yet unsupported, compression methods.
+ */
+#define	CI_PREDICTOR_1		1	/* config option for Predictor-1 */
+#define	CILEN_PREDICTOR_1	2	/* length of its config option */
+#define	CI_PREDICTOR_2		2	/* config option for Predictor-2 */
+#define	CILEN_PREDICTOR_2	2	/* length of its config option */
+
+/*
+ * Note that some systems emit requests for STAC using a length of 6.
+ * The extra octet is 00 and should be ignored.
+ */
+#define	CI_STAC			17	/* config option for STAC LZS */
+#define	CILEN_STAC		5	/* length of its config option */
+
+#define	STAC_CHK_NONE		0	/* No checking */
+#define	STAC_CHK_LCB		1	/* Longitudinal Check Bytes */
+#define	STAC_CHK_CRC		2	/* Cyclic Redundancy Check */
+#define	STAC_CHK_SEQ		3	/* Sequence Number */
+#define	STAC_CHK_EXTENDED	4	/* Extended (Microsoft) */
+
+#define	CI_MPPC			18	/* config option for MS-PPC */
+#define	CILEN_MPPC		6	/* length of its config option */
+
+#define	MPPC_COMP		0x00000001	/* Compression */
+#define	MPPC_40LANM		0x00000010	/* MPPE, 40 bit LANManager */
+#define	MPPC_40NT		0x00000020	/* MPPE, 40 bit NT key */
+#define	MPPC_128NT		0x00000040	/* MPPE, 128 bit NT key */
+#define	MPPC_56NT		0x00000080	/* MPPE, 56 bit NT key */
+#define	MPPC_PBP		0x01000000	/* Packet-by-Packet mode */
+#define	MPPC_MPPE		0x000000F0
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _NET_PPP_COMP_H */
diff --git a/usr/src/uts/common/net/ppp_defs.h b/usr/src/uts/common/net/ppp_defs.h
new file mode 100644
index 0000000000..d515dbc671
--- /dev/null
+++ b/usr/src/uts/common/net/ppp_defs.h
@@ -0,0 +1,315 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License, Version 1.0 only
+ * (the "License").  You may not use this file except in compliance
+ * with the License.
+ *
+ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ * or http://www.opensolaris.org/os/licensing.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+/*	$Id: ppp_defs.h,v 1.14 1999/08/13 01:55:40 paulus Exp $	*/
+
+/*
+ * ppp_defs.h - PPP definitions.
+ *
+ * Copyright 2000-2003 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ *
+ * Copyright (c) 1994 The Australian National University.
+ * All rights reserved.
+ *
+ * Permission to use, copy, modify, and distribute this software and its
+ * documentation is hereby granted, provided that the above copyright
+ * notice appears in all copies.  This software is provided without any
+ * warranty, express or implied. The Australian National University
+ * makes no representations about the suitability of this software for
+ * any purpose.
+ *
+ * IN NO EVENT SHALL THE AUSTRALIAN NATIONAL UNIVERSITY BE LIABLE TO ANY
+ * PARTY FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES
+ * ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN IF
+ * THE AUSTRALIAN NATIONAL UNIVERSITY HAVE BEEN ADVISED OF THE POSSIBILITY
+ * OF SUCH DAMAGE.
+ *
+ * THE AUSTRALIAN NATIONAL UNIVERSITY SPECIFICALLY DISCLAIMS ANY WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE.  THE SOFTWARE PROVIDED HEREUNDER IS
+ * ON AN "AS IS" BASIS, AND THE AUSTRALIAN NATIONAL UNIVERSITY HAS NO
+ * OBLIGATION TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS,
+ * OR MODIFICATIONS.
+ */
+
+#ifndef _PPP_DEFS_H_
+#define	_PPP_DEFS_H_
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * The basic PPP frame.
+ */
+#define	PPP_HDRLEN	4	/* octets for standard ppp header */
+#define	PPP_FCSLEN	2	/* octets for FCS */
+#define	PPP_FCS32LEN	4	/* octets for FCS-32 */
+#define	PPP_MAX_MUX_LEN	127	/* maximum length of muxed frame */
+#define	PFF		0x80	/* protocol field flag */
+
+/*
+ * Packet sizes
+ */
+#define	PPP_MTU		1500	/* Default MTU (size of Info field) */
+#define	PPP_MAXMTU	65535 - (PPP_HDRLEN + PPP_FCSLEN)
+#define	PPP_MINMTU	64
+#define	PPP_MRU		1500	/* default MRU = max length of info field */
+#define	PPP_MAXMRU	65000	/* Largest MRU we allow */
+#define	PPP_MINMRU	128
+
+#define	PPP_ADDRESS(p)	(((uchar_t *)(p))[0])
+#define	PPP_CONTROL(p)	(((uchar_t *)(p))[1])
+#define	PPP_PROTOCOL(p)	((((uchar_t *)(p))[2] << 8) + ((uchar_t *)(p))[3])
+
+/*
+ * Significant octet values.
+ */
+#define	PPP_ALLSTATIONS	0xff	/* All-Stations broadcast address */
+#define	PPP_UI		0x03	/* Unnumbered Information */
+#define	PPP_FLAG	0x7e	/* Flag Sequence */
+#define	PPP_ESCAPE	0x7d	/* Asynchronous Control Escape */
+#define	PPP_TRANS	0x20	/* Asynchronous transparency modifier */
+
+/*
+ * Protocol field values.
+ */
+#define	PPP_IP		0x21	/* Internet Protocol */
+#define	PPP_OSI		0x23	/* OSI Network Layer */
+#define	PPP_AT		0x29	/* AppleTalk Protocol */
+#define	PPP_IPX		0x2b	/* IPX protocol */
+#define	PPP_VJC_COMP	0x2d	/* VJ compressed TCP */
+#define	PPP_VJC_UNCOMP	0x2f	/* VJ uncompressed TCP */
+#define	PPP_BRIDGE	0x31	/* Bridging */
+#define	PPP_MP		0x3d	/* Multilink protocol */
+#define	PPP_ENCRYPT	0x53	/* Encryption */
+#define	PPP_ENCRYPTFRAG	0x55	/* Individual Link Encryption */
+#define	PPP_IPV6	0x57	/* Internet Protocol Version 6 */
+#define	PPP_MUX		0x59	/* PPP Muxing */
+#define	PPP_FULLHDR	0x61	/* IP Compression; full header */
+#define	PPP_COMPTCP	0x63	/* IP Compression; compressed TCP */
+#define	PPP_COMPNONTCP	0x65	/* IP Compression; non TCP */
+#define	PPP_COMPUDP8	0x67	/* IP Compression; UDP, 8 bit CID */
+#define	PPP_COMPRTP8	0x69	/* IP Compression; RTP, 8 bit CID */
+#define	PPP_COMPFRAG	0xfb	/* fragment compressed below bundle */
+#define	PPP_COMP	0xfd	/* compressed packet */
+#define	PPP_802HELLO	0x201	/* 802.1d Hello (OBSOLETE) */
+#define	PPP_MPLS	0x281	/* MPLS Unicast */
+#define	PPP_MPLSMC	0x283	/* MPLS Multicast */
+#define	PPP_COMPTCPND	0x2063	/* IP Compression; compressed TCP no delta */
+#define	PPP_COMPSTATE	0x2065	/* IP Compression; state message */
+#define	PPP_COMPUDP16	0x2067	/* IP Compression; UDP, 16 bit CID */
+#define	PPP_COMPRTP16	0x2069	/* IP Compression; RTP, 16 bit CID */
+#define	PPP_IPCP	0x8021	/* IP Control Protocol */
+#define	PPP_OSINLCP	0x8023	/* OSI Network Layer Control Protocol */
+#define	PPP_ATCP	0x8029	/* AppleTalk Control Protocol */
+#define	PPP_IPXCP	0x802b	/* IPX Control Protocol */
+#define	PPP_BCP		0x8031	/* Bridging Control Protocol */
+#define	PPP_ECP		0x8053	/* Encryption Control Protocol */
+#define	PPP_ECPFRAG	0x8055	/* ECP at link level (below MP bundle) */
+#define	PPP_IPV6CP	0x8057	/* IPv6 Control Protocol */
+#define	PPP_MUXCP	0x8059	/* PPP Muxing Control Protocol */
+#define	PPP_CCPFRAG	0x80fb	/* CCP at link level (below MP bundle) */
+#define	PPP_CCP		0x80fd	/* Compression Control Protocol */
+#define	PPP_MPLSCP	0x8281	/* MPLS Control Protocol */
+#define	PPP_LCP		0xc021	/* Link Control Protocol */
+#define	PPP_PAP		0xc023	/* Password Authentication Protocol */
+#define	PPP_LQR		0xc025	/* Link Quality Report protocol */
+#define	PPP_BACP	0xc02b	/* Bandwidth Allocation Control Protocol */
+#define	PPP_BAP		0xc02d	/* Bandwidth Allocation Protocol */
+#define	PPP_CBCP	0xc029	/* Callback Control Protocol */
+#define	PPP_CHAP	0xc223	/* Challenge Handshake Auth. Protocol */
+#define	PPP_EAP		0xc227	/* Extensible Authentication Protocol */
+
+/*
+ * Values for FCS calculations.
+ */
+#define	PPP_INITFCS	0xffff	/* Initial FCS value */
+#define	PPP_GOODFCS	0xf0b8	/* Good final FCS value */
+#define	PPP_FCS(fcs, c)	(((fcs) >> 8) ^ fcstab[((fcs) ^ (c)) & 0xff])
+
+#define	PPPINITFCS16	PPP_INITFCS
+#define	PPPGOODFCS16	PPP_GOODFCS
+#define	PPPFCS16(fcs, c)	PPP_FCS((fcs), (c))
+
+#define	PPPINITFCS32	0xfffffffful
+#define	PPPGOODFCS32	0xdebb20e3ul
+#define	PPPFCS32(fcs, c) (((fcs) >> 8) ^ crc32_table[((fcs) ^ (c)) & 0xff])
+
+/* Marker values shared between pppdump and pppd. */
+#define	RECMARK_STARTSEND	1
+#define	RECMARK_STARTRECV	2
+#define	RECMARK_ENDSEND		3
+#define	RECMARK_ENDRECV		4
+#define	RECMARK_TIMEDELTA32	5
+#define	RECMARK_TIMEDELTA8	6
+#define	RECMARK_TIMESTART	7
+
+/*
+ * A 32-bit unsigned integral type.
+ */
+
+#if !defined(__BIT_TYPES_DEFINED__) && !defined(_BITYPES) && \
+	!defined(__FreeBSD__) && (NS_TARGET < 40)
+#ifdef	UINT32_T
+typedef UINT32_T	u_int32_t;
+#else
+typedef unsigned int	u_int32_t;
+typedef unsigned short  u_int16_t;
+#endif
+#endif
+
+#if defined(__sun) && !defined(_SYS_INT_TYPES_H) && !defined(_UINT32_T)
+/* Backward compatibility */
+typedef uint_t uint32_t;
+typedef ushort_t uint16_t;
+typedef uchar_t uint8_t;
+typedef unsigned long uintptr_t;
+#define	_UINT32_T
+#endif
+
+/*
+ * Extended asyncmap - allows any character to be escaped.
+ */
+typedef u_int32_t	ext_accm[8];
+
+/*
+ * What to do with network protocol (NP) packets.
+ */
+enum NPmode {
+    NPMODE_PASS,		/* pass the packet through */
+    NPMODE_DROP,		/* silently drop the packet */
+    NPMODE_ERROR,		/* return an error */
+    NPMODE_QUEUE		/* save it up for later. */
+};
+
+/*
+ * Statistics.
+ */
+struct pppstat	{
+    u_int32_t ppp_ibytes;	/* bytes received */
+    u_int32_t ppp_ipackets;	/* packets received */
+    u_int32_t ppp_ierrors;	/* receive errors */
+    u_int32_t ppp_obytes;	/* bytes sent */
+    u_int32_t ppp_opackets;	/* packets sent */
+    u_int32_t ppp_oerrors;	/* transmit errors */
+};
+
+struct vjstat {
+    u_int32_t vjs_packets;	/* outbound packets */
+    u_int32_t vjs_compressed; /* outbound compressed packets */
+    u_int32_t vjs_searches;	/* searches for connection state */
+    u_int32_t vjs_misses;	/* times couldn't find conn. state */
+    u_int32_t vjs_uncompressedin; /* inbound uncompressed packets */
+    u_int32_t vjs_compressedin; /* inbound compressed packets */
+    u_int32_t vjs_errorin;	/* inbound unknown type packets */
+    u_int32_t vjs_tossed;	/* inbound packets tossed because of error */
+};
+
+struct ppp_stats {
+    struct pppstat p;		/* basic PPP statistics */
+    struct vjstat vj;		/* VJ header compression statistics */
+};
+
+#ifdef SOL2
+#define	PPP_COUNTER_F	"llu"
+typedef uint64_t	ppp_counter_t;
+
+struct pppstat64 {
+	ppp_counter_t ppp_ibytes;	/* bytes received */
+	ppp_counter_t ppp_ipackets;	/* packets received */
+	ppp_counter_t ppp_ierrors;	/* receive errors */
+	ppp_counter_t ppp_obytes;	/* bytes sent */
+	ppp_counter_t ppp_opackets;	/* packets sent */
+	ppp_counter_t ppp_oerrors;	/* transmit errors */
+};
+
+struct ppp_stats64 {
+	struct pppstat64 p;
+	struct vjstat vj;
+};
+#else
+#define	PPP_COUNTER_F	"u"
+typedef u_int32_t	ppp_counter_t;
+#endif
+
+struct compstat {
+    u_int32_t unc_bytes;	/* total uncompressed bytes */
+    u_int32_t unc_packets;	/* total uncompressed packets */
+    u_int32_t comp_bytes;	/* compressed bytes */
+    u_int32_t comp_packets;	/* compressed packets */
+    u_int32_t inc_bytes;	/* incompressible bytes */
+    u_int32_t inc_packets;	/* incompressible packets */
+    u_int32_t ratio;		/* recent compression ratio << 8 */
+};
+
+struct ppp_comp_stats {
+    struct compstat c;		/* packet compression statistics */
+    struct compstat d;		/* packet decompression statistics */
+};
+
+/*
+ * The following structure records the time in seconds since
+ * the last NP packet was sent or received.
+ */
+struct ppp_idle {
+	/*
+	 * Fix the length of these fields to be 32-bit, since
+	 * otherwise, a time_t (long) is 64-bit in kernel while 32-bit
+	 * in userland when running on a 64-bit CPU with a 64-bit OS.
+	 */
+    u_int32_t xmit_idle;	/* time since last NP packet sent */
+    u_int32_t recv_idle;	/* time since last NP packet received */
+};
+
+enum LSstat {
+    PPP_LINKSTAT_HANGUP = 0xabcd, /* link is hung up */
+    PPP_LINKSTAT_NEEDUP,	/* link is down and needs to be up */
+    PPP_LINKSTAT_IPV4_UNBOUND,	/* DL_UNBIND received on IPv4 stream */
+    PPP_LINKSTAT_IPV6_UNBOUND,	/* DL_UNBIND received on IPv6 stream */
+    PPP_LINKSTAT_IPV4_BOUND,	/* DL_BIND received on IPv4 stream */
+    PPP_LINKSTAT_IPV6_BOUND,	/* DL_BIND received on IPv6 stream */
+    PPP_LINKSTAT_UP		/* Integrated driver; hardware is up */
+};
+
+#define	PPPLSMAGIC	0x53505050
+
+struct ppp_ls {
+    u_int32_t magic;		/* magic number identifier (PPPLSMAGIC) */
+    u_int32_t ppp_message;	/* link status message */
+};
+
+#ifndef __P
+#ifdef __STDC__
+#define	__P(x)	x
+#else
+#define	__P(x)	()
+#endif
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _PPP_DEFS_H_ */
diff --git a/usr/src/uts/common/net/pppio.h b/usr/src/uts/common/net/pppio.h
new file mode 100644
index 0000000000..d75c140332
--- /dev/null
+++ b/usr/src/uts/common/net/pppio.h
@@ -0,0 +1,197 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License, Version 1.0 only
+ * (the "License").  You may not use this file except in compliance
+ * with the License.
+ *
+ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ * or http://www.opensolaris.org/os/licensing.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+/*
+ * pppio.h - ioctl and other misc. definitions for STREAMS modules.
+ *
+ * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ *
+ * Copyright (c) 1994 The Australian National University.
+ * All rights reserved.
+ *
+ * Permission to use, copy, modify, and distribute this software and its
+ * documentation is hereby granted, provided that the above copyright
+ * notice appears in all copies.  This software is provided without any
+ * warranty, express or implied. The Australian National University
+ * makes no representations about the suitability of this software for
+ * any purpose.
+ *
+ * IN NO EVENT SHALL THE AUSTRALIAN NATIONAL UNIVERSITY BE LIABLE TO ANY
+ * PARTY FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES
+ * ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN IF
+ * THE AUSTRALIAN NATIONAL UNIVERSITY HAVE BEEN ADVISED OF THE POSSIBILITY
+ * OF SUCH DAMAGE.
+ *
+ * THE AUSTRALIAN NATIONAL UNIVERSITY SPECIFICALLY DISCLAIMS ANY WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE.  THE SOFTWARE PROVIDED HEREUNDER IS
+ * ON AN "AS IS" BASIS, AND THE AUSTRALIAN NATIONAL UNIVERSITY HAS NO
+ * OBLIGATION TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS,
+ * OR MODIFICATIONS.
+ *
+ * $Id: pppio.h,v 1.8 1996/08/28 06:36:51 paulus Exp $
+ */
+
+#ifndef __PPPIO_H
+#define	__PPPIO_H
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+#define	_PPPIO(n)	(('p' << 8) + (n))
+
+#define	PPPIO_NEWPPA	_PPPIO(130)	/* allocate a new PPP unit */
+#define	PPPIO_GETSTAT	_PPPIO(131)	/* get PPP statistics */
+#define	PPPIO_GETCSTAT	_PPPIO(132)	/* get PPP compression stats */
+#define	PPPIO_MTU	_PPPIO(133)	/* set max transmission unit */
+#define	PPPIO_MRU	_PPPIO(134)	/* set max receive unit */
+#define	PPPIO_CFLAGS	_PPPIO(135)	/* set/clear/get compression flags */
+#define	PPPIO_XCOMP	_PPPIO(136)	/* alloc transmit compressor */
+#define	PPPIO_RCOMP	_PPPIO(137)	/* alloc receive decompressor */
+#define	PPPIO_XACCM	_PPPIO(138)	/* set transmit asyncmap */
+#define	PPPIO_RACCM	_PPPIO(139)	/* set receive asyncmap */
+#define	PPPIO_VJINIT	_PPPIO(140)	/* initialize VJ comp/decomp */
+#define	PPPIO_ATTACH	_PPPIO(141)	/* attach to a ppa (without putmsg) */
+#define	PPPIO_LASTMOD	_PPPIO(142)	/* mark last ppp module */
+#define	PPPIO_GCLEAN	_PPPIO(143)	/* get 8-bit-clean flags */
+#define	PPPIO_DEBUG	_PPPIO(144)	/* request debug information */
+#define	PPPIO_BIND	_PPPIO(145)	/* bind to SAP */
+#define	PPPIO_NPMODE	_PPPIO(146)	/* set mode for handling data pkts */
+#define	PPPIO_GIDLE	_PPPIO(147)	/* get time since last data pkt */
+#define	PPPIO_PASSFILT	_PPPIO(148)	/* set filter for packets to pass */
+#define	PPPIO_ACTIVEFILT _PPPIO(149)	/* set filter for "link active" pkts */
+#define	PPPIO_USETIMESTAMP _PPPIO(150)	/* enable packet time-stamp */
+#define	PPPIO_DETACH	_PPPIO(151)	/* detach from a ppa (w/o putmsg ) */
+#define	PPPIO_XFCS	_PPPIO(152)	/* set transmit FCS type */
+#define	PPPIO_RFCS	_PPPIO(153)	/* set receive FCS type */
+#define	PPPIO_COMPLEV	_PPPIO(154)	/* set compression effort level */
+#define	PPPIO_GTYPE	_PPPIO(155)	/* get existing driver type */
+#define	PPPIO_MUX	_PPPIO(156)	/* multiplexed frame */
+#define	PPPIO_GETSTAT64	_PPPIO(157)	/* get PPP 64-bit statistics */
+#define	PPPIO_BLOCKNP	_PPPIO(158)	/* block pkts with proto np in kernel */
+#define	PPPIO_UNBLOCKNP	_PPPIO(159)	/* unblock pkts with proto np */
+
+/* Values for PPPIO_MUX FLAGS */
+#define	X_MUXMASK	0x10		/* transmit muxed frame option */
+#define	R_MUXMASK	0x20		/* receive muxed frame option */
+
+/*
+ * Values for PPPIO_CFLAGS.  Data sent in is u_int32_t val[2], where
+ * result is newflags = val[0] | (oldflags & ~val[1]).  Returned data
+ * is a single u_int32_t, containing the current flags.
+ */
+#define	COMP_AC		0x1		/* compress address/control */
+#define	DECOMP_AC	0x2		/* decompress address/control */
+#define	COMP_PROT	0x4		/* compress PPP protocol */
+#define	DECOMP_PROT	0x8		/* decompress PPP protocol */
+
+#define	COMP_VJC	0x10		/* compress TCP/IP headers */
+#define	COMP_VJCCID	0x20		/* compress connection ID as well */
+#define	DECOMP_VJC	0x40		/* decompress TCP/IP headers */
+#define	DECOMP_VJCCID	0x80		/* accept compressed connection ID */
+
+#define	CCP_ISOPEN	0x100		/* look at CCP packets */
+#define	CCP_ISUP	0x200		/* do packet comp/decomp */
+#define	CCP_ERROR	0x400		/* (status) error in packet decomp */
+#define	CCP_FATALERROR	0x800		/* (status) fatal error ditto */
+#define	CCP_COMP_RUN	0x1000		/* (status) seen CCP ack sent */
+#define	CCP_DECOMP_RUN	0x2000		/* (status) seen CCP ack rcvd */
+
+
+/*
+ * Values for PPPIO_XFCS/PPPIO_RFCS.  (Note that we don't support
+ * simultaneous use of 16 bit and 32 bit CRCs.)
+ */
+#define	PPPFCS_16	0		/* The default, usually; CRC-16 */
+#define	PPPFCS_32	1		/* CRC-32 */
+#define	PPPFCS_NONE	2		/* No CRC */
+
+/*
+ * Values for 8-bit-clean flags.
+ */
+#define	RCV_B7_0	1		/* have rcvd char with bit 7 = 0 */
+#define	RCV_B7_1	2		/* have rcvd char with bit 7 = 1 */
+#define	RCV_EVNP	4		/* have rcvd char with even parity */
+#define	RCV_ODDP	8		/* have rcvd char with odd parity */
+
+/*
+ * Values for the first byte of M_CTL messages passed between
+ * PPP modules.
+ */
+#define	PPPCTL_OERROR	0xe0		/* output error [up] */
+#define	PPPCTL_IERROR	0xe1		/* input error (e.g. FCS) [up] */
+#define	PPPCTL_MTU	0xe2		/* set MTU [down] */
+#define	PPPCTL_MRU	0xe3		/* set MRU [down] */
+#define	PPPCTL_UNIT	0xe4		/* note PPP unit number [down] */
+
+/*
+ * Values for the u_int32_t argument to PPPIO_DEBUG.
+ */
+#define	PPPDBG_DUMP	0x10000		/* print out debug info now */
+#define	PPPDBG_LOG	0x100		/* log various things */
+#define	PPPDBG_DRIVER	0		/* identifies ppp driver as target */
+#define	PPPDBG_IF	1		/* identifies ppp network i/f target */
+#define	PPPDBG_COMP	2		/* identifies ppp compression target */
+#define	PPPDBG_AHDLC	3		/* identifies ppp async hdlc target */
+
+/*
+ * Values for the u_int32_t return from PPPIO_GTYPE.  Only lastmod
+ * should respond.  Current modules return PPPTYP_AHDLC (async
+ * module), PPPTYP_HC (compression module) and PPPTYP_MUX (PPP
+ * interface driver).
+ */
+#define	PPPTYP_HDLC	0		/* raw HDLC I/O; no PPP handling */
+#define	PPPTYP_AHDLC	1		/* async HDLC; has [XR]ACCM */
+#define	PPPTYP_HC	2		/* HDLC with ACFC and PFC support */
+#define	PPPTYP_AHC	3		/* async with ACFC and PFC */
+#define	PPPTYP_MUX	4		/* multiplexor */
+
+#ifdef SOL2
+/* Officially allocated module numbers */
+#define	PPP_MOD_ID	2101	/* PPP multiplexor */
+#define	COMP_MOD_ID	2102	/* Data and header compression */
+#define	AHDLC_MOD_ID	2103	/* Asynchronous HDLC-like encapsulation */
+#define	TUN_MOD_ID	2104	/* Tunneling protocols */
+#define	MP_MOD_ID	2105	/* Multilink PPP */
+#define	PPP_DRV_NAME	"sppp"
+#define	AHDLC_MOD_NAME	"spppasyn"
+#define	COMP_MOD_NAME	"spppcomp"
+#define	TUN_MOD_NAME	"sppptun"
+#define	MP_MOD_NAME	"spppmp"
+#else
+#define	PPP_MOD_ID	0xb1a6
+#define	COMP_MOD_ID	0xbadf
+#define	AHDLC_MOD_ID	0x7d23
+#define	PPP_DRV_NAME	"ppp"
+#define	AHDLC_MOD_NAME	"ppp_ahdl"
+#define	COMP_MOD_NAME	"ppp_comp"
+#endif
+#define	PPP_DEV_NAME	"/dev/" PPP_DRV_NAME
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif /* __PPPIO_H */
diff --git a/usr/src/uts/common/net/pppoe.h b/usr/src/uts/common/net/pppoe.h
new file mode 100644
index 0000000000..28a2f0958c
--- /dev/null
+++ b/usr/src/uts/common/net/pppoe.h
@@ -0,0 +1,127 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License, Version 1.0 only
+ * (the "License").  You may not use this file except in compliance
+ * with the License.
+ *
+ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ * or http://www.opensolaris.org/os/licensing.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+/*
+ * PPPoE Protocol definitions.
+ *
+ * Copyright (c) 2000-2001 by Sun Microsystems, Inc.
+ * All rights reserved.
+ *
+ * See also:
+ *	RFC 2516, A Method for Transmitting PPP Over Ethernet (PPPoE)
+ */
+
+#ifndef _NETINET_PPPOE_H
+#define	_NETINET_PPPOE_H
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+
+#include <sys/types.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Protocol description and well-known constants used by Informational
+ * RFC 2516, "A Method for Transmitting PPP Over Ethernet (PPPoE)."
+ *
+ * Caution:  Note that, contrary to standard practice, length counts
+ * used in PPPoE do not include the applicable header length.
+ */
+
+/* Aligned PPPoE packet header; both discovery and session stages */
+typedef struct poep_s {
+	uint8_t		poep_version_type;	/* Use POE_VERSION */
+	uint8_t		poep_code;	/* POECODE_* below */
+	uint16_t	poep_session_id;	/* POESESS_* below */
+	uint16_t	poep_length;	/* NOT including this header */
+} poep_t;
+#define	POE_HDR_ALIGN	(sizeof (ushort_t))
+
+#define	PPPOE_MSGMAX	1500	/* Maximum possible message length */
+#define	PPPOE_MTU	1492	/* Maximum PPP MTU/MRU with PPPoE */
+#define	PPPOE_MAXPADI	1484	/* Max from RFC 2516 */
+
+#define	POE_VERSION	0x11	/* RFC 2516 version/type fields */
+
+/* poep_t.poep_code numbers from RFC 2516 */
+#define	POECODE_DATA	0x00	/* Data packet (uses other Ethertype) */
+#define	POECODE_PADO	0x07	/* Active Discovery Offer */
+#define	POECODE_PADI	0x09	/* Active Discovery Initiation (bcast) */
+#define	POECODE_PADR	0x19	/* Active Discovery Request */
+#define	POECODE_PADS	0x65	/* Active Discovery Session-confirmation */
+#define	POECODE_PADT	0xA7	/* Active Discovery Terminate */
+
+/* poep_t.poep_code numbers from draft-carrel-info-pppoe-ext. */
+#define	POECODE_PADM	0xD3	/* Active Discovery Message */
+#define	POECODE_PADN	0xD4	/* Active Discovery Network */
+
+/* Special values for poep_t.poep_session_id */
+#define	POESESS_NONE	0x0000	/* PADI, PADO, and PADR only */
+#define	POESESS_ALL	0xFFFF	/* For multicast data */
+
+/*
+ * Tag parsing macros (unaligned) for discovery stage packets.
+ * These assume that the pointer to the data is a uint8_t *.
+ */
+#define	POET_GET_TYPE(x)	(((x)[0]<<8) | (x)[1])
+#define	POET_SET_TYPE(x, t)	(void)((x)[0] = (t)>>8, (x)[1] = (t)&0xFF)
+#define	POET_GET_LENG(x)	(((x)[2]<<8) | (x)[3])
+#define	POET_SET_LENG(x, l)	(void)((x)[2] = (l)>>8, (x)[3] = (l)&0xFF)
+#define	POET_HDRLEN		4
+#define	POET_DATA(x)		((x)+POET_HDRLEN)
+#define	POET_NEXT(x)		(POET_DATA(x) + POET_GET_LENG(x))
+
+/* Tag types for discovery stage packets from RFC 2516. */
+#define	POETT_END	0x0000	/* End-Of-List; not required */
+#define	POETT_SERVICE	0x0101	/* Service-Name; UTF-8 string follows */
+#define	POETT_ACCESS	0x0102	/* AC-Name; UTF-8 */
+#define	POETT_UNIQ	0x0103	/* Host-Uniq; arbitrary binary */
+#define	POETT_COOKIE	0x0104	/* AC-Cookie; DoS reducer */
+#define	POETT_VENDOR	0x0105	/* Vendor-Specific; 0+enterprise+data */
+#define	POETT_RELAY	0x0110	/* Relay-Session-Id; opaque data */
+#define	POETT_NAMERR	0x0201	/* Service-Name-Error; no data */
+#define	POETT_SYSERR	0x0202	/* AC-System-Error; may have UTF-8 */
+#define	POETT_GENERR	0x0203	/* Generic-Error; may have UTF-8 */
+
+/* Tag types from draft-carrel-info-pppoe-ext. */
+#define	POETT_MULTI	0x0106	/* Multicast-Capable; one byte version */
+#define	POETT_HURL	0x0111	/* Host-URL; UTF-8 for browser */
+#define	POETT_MOTM	0x0112	/* Message-Of-The-Minute; UTF-8 for human */
+#define	POETT_RTEADD	0x0121	/* IP-Route-Add; single poer_t below */
+
+/* Data byte in POETT_MULTI (Multicast-Capable) tag. */
+#define	POET_MULTI_VER	0x00	/* Current version is zero */
+
+/* POETT_RTEADD tag contents */
+typedef struct poer_s {
+	uint32_t	poer_dest_network;
+	uint32_t	poer_subnet_mask;
+	uint32_t	poer_gateway;
+	uint32_t	poer_metric;
+} poer_t;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _NETINET_PPPOE_H */
diff --git a/usr/src/uts/common/net/route.h b/usr/src/uts/common/net/route.h
new file mode 100644
index 0000000000..324d630ba3
--- /dev/null
+++ b/usr/src/uts/common/net/route.h
@@ -0,0 +1,226 @@
+/*
+ * Copyright 1992-2002 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ */
+/*
+ * Copyright (c) 1980, 1986, 1993
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/*
+ * Kernel resident routing tables.
+ *
+ * The routing tables are initialized when interface addresses
+ * are set by making entries for all directly connected interfaces.
+ */
+
+#ifndef	_NET_ROUTE_H
+#define	_NET_ROUTE_H
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+/* from UCB 8.5 (Berkeley) 2/8/95 */
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+/*
+ * A route consists of a destination address and a reference
+ * to a routing entry.  These are often held by protocols
+ * in their control blocks, e.g. inpcb.
+ */
+struct route {
+	struct	rtentry *ro_rt;
+	struct	sockaddr ro_dst;
+};
+
+/*
+ * These numbers are used by reliable protocols for determining
+ * retransmission behavior and are included in the routing structure.
+ *
+ * rmx_rtt and rmx_rttvar are stored as microseconds;
+ */
+typedef struct rt_metrics {
+	uint32_t	rmx_locks;	/* Kernel must leave these values */
+					/* alone */
+	uint32_t	rmx_mtu;	/* MTU for this path */
+	uint32_t	rmx_hopcount;	/* max hops expected */
+	uint32_t	rmx_expire;	/* lifetime for route, e.g. redirect */
+	uint32_t	rmx_recvpipe;	/* inbound delay-bandwith product */
+	uint32_t	rmx_sendpipe;	/* outbound delay-bandwith product */
+	uint32_t	rmx_ssthresh;	/* outbound gateway buffer limit */
+	uint32_t	rmx_rtt;	/* estimated round trip time */
+	uint32_t	rmx_rttvar;	/* estimated rtt variance */
+	uint32_t	rmx_pksent;	/* packets sent using this route */
+} rt_metrics_t;
+
+/*
+ * OLD rtentry structure not used in the kernel. Instead the kernel
+ * uses struct ire defined in <inet/ip.h>.
+ *
+ * We distinguish between routes to hosts and routes to networks,
+ * preferring the former if available.  For each route we infer
+ * the interface to use from the gateway address supplied when
+ * the route was entered.  Routes that forward packets through
+ * gateways are marked so that the output routines know to address the
+ * gateway rather than the ultimate destination.
+ */
+struct rtentry {
+	uint_t	rt_hash;		/* to speed lookups */
+	struct	sockaddr rt_dst;	/* key */
+	struct	sockaddr rt_gateway;	/* value */
+	short	rt_flags;		/* up/down?, host/net */
+	short	rt_refcnt;		/* # held references */
+	uint_t	rt_use;			/* raw # packets forwarded */
+
+/*
+ * The kernel does not use this field, and without it the structure is
+ * datamodel independent.
+ */
+#if !defined(_KERNEL)
+	struct	ifnet *rt_ifp;		/* the answer: interface to use */
+#endif /* !defined(_KERNEL) */
+};
+
+#define	RTF_UP		0x1		/* route usable */
+#define	RTF_GATEWAY	0x2		/* destination is a gateway */
+#define	RTF_HOST	0x4		/* host entry (net otherwise) */
+#define	RTF_REJECT	0x8		/* host or net unreachable */
+#define	RTF_DYNAMIC	0x10		/* created dynamically (by redirect) */
+#define	RTF_MODIFIED	0x20		/* modified dynamically (by redirect) */
+#define	RTF_DONE	0x40		/* message confirmed */
+#define	RTF_MASK	0x80		/* subnet mask present */
+#define	RTF_CLONING	0x100		/* generate new routes on use */
+#define	RTF_XRESOLVE	0x200		/* external daemon resolves name */
+#define	RTF_LLINFO	0x400		/* generated by ARP or ESIS */
+#define	RTF_STATIC	0x800		/* manually added */
+#define	RTF_BLACKHOLE	0x1000		/* just discard pkts (during updates) */
+#define	RTF_PRIVATE	0x2000		/* do not advertise this route */
+#define	RTF_PROTO2	0x4000		/* protocol specific routing flag */
+#define	RTF_PROTO1	0x8000		/* protocol specific routing flag */
+#define	RTF_MULTIRT	0x10000		/* multiroute */
+#define	RTF_SETSRC	0x20000		/* set default outgoing src address */
+
+
+/*
+ * OLD statistics not used by the kernel. The kernel uses <inet/mib2.h>.
+ *
+ * Routing statistics.
+ */
+struct	rtstat {
+	short	rts_badredirect;	/* bogus redirect calls */
+	short	rts_dynamic;		/* routes created by redirects */
+	short	rts_newgateway;		/* routes modified by redirects */
+	short	rts_unreach;		/* lookups which failed */
+	short	rts_wildcard;		/* lookups satisfied by a wildcard */
+};
+
+/*
+ * Structures for routing messages.
+ */
+typedef struct rt_msghdr {
+	ushort_t rtm_msglen;	/* to skip over non-understood messages */
+	uchar_t	rtm_version;	/* future binary compatibility */
+	uchar_t	rtm_type;	/* message type */
+	ushort_t rtm_index;	/* index for associated ifp */
+	int	rtm_flags;	/* flags, incl. kern & message, e.g. DONE */
+	int	rtm_addrs;	/* bitmask identifying sockaddrs in msg */
+	pid_t	rtm_pid;	/* identify sender */
+	int	rtm_seq;	/* for sender to identify action */
+	int	rtm_errno;	/* why failed */
+	int	rtm_use;	/* from rtentry */
+	uint_t	rtm_inits;	/* which metrics we are initializing */
+	struct	rt_metrics rtm_rmx; /* metrics themselves */
+} rt_msghdr_t;
+
+#define	RTM_VERSION	3	/* Up the ante and ignore older versions */
+
+#define	RTM_ADD		0x1	/* Add Route */
+#define	RTM_DELETE	0x2	/* Delete Route */
+#define	RTM_CHANGE	0x3	/* Change Metrics or flags */
+#define	RTM_GET		0x4	/* Report Metrics */
+#define	RTM_LOSING	0x5	/* Kernel Suspects Partitioning */
+#define	RTM_REDIRECT	0x6	/* Told to use different route */
+#define	RTM_MISS	0x7	/* Lookup failed on this address */
+#define	RTM_LOCK	0x8	/* fix specified metrics */
+#define	RTM_OLDADD	0x9	/* caused by SIOCADDRT */
+#define	RTM_OLDDEL	0xa	/* caused by SIOCDELRT */
+#define	RTM_RESOLVE	0xb	/* req to resolve dst to LL addr */
+#define	RTM_NEWADDR	0xc	/* address being added to iface */
+#define	RTM_DELADDR	0xd	/* address being removed from iface */
+#define	RTM_IFINFO	0xe	/* iface going up/down etc. */
+
+#define	RTV_MTU		0x1	/* init or lock _mtu */
+#define	RTV_HOPCOUNT	0x2	/* init or lock _hopcount */
+#define	RTV_EXPIRE	0x4	/* init or lock _expire */
+#define	RTV_RPIPE	0x8	/* init or lock _recvpipe */
+#define	RTV_SPIPE	0x10	/* init or lock _sendpipe */
+#define	RTV_SSTHRESH	0x20	/* init or lock _ssthresh */
+#define	RTV_RTT		0x40	/* init or lock _rtt */
+#define	RTV_RTTVAR	0x80	/* init or lock _rttvar */
+
+/*
+ * Bitmask values for rtm_addr.
+ */
+#define	RTA_DST		0x1	/* destination sockaddr present */
+#define	RTA_GATEWAY	0x2	/* gateway sockaddr present */
+#define	RTA_NETMASK	0x4	/* netmask sockaddr present */
+#define	RTA_GENMASK	0x8	/* cloning mask sockaddr present */
+#define	RTA_IFP		0x10	/* interface name sockaddr present */
+#define	RTA_IFA		0x20	/* interface addr sockaddr present */
+#define	RTA_AUTHOR	0x40	/* sockaddr for author of redirect */
+#define	RTA_BRD		0x80	/* for NEWADDR, broadcast or p-p dest addr */
+#define	RTA_SRC		0x100	/* source sockaddr present */
+#define	RTA_SRCIFP	0x200	/* source interface index sockaddr present */
+
+#define	RTA_NUMBITS	10	/* Number of bits used in RTA_* */
+
+/*
+ * Index offsets for sockaddr_storage array for alternate internal encoding.
+ * There should be an RTAX_* associated with each RTA_*.
+ */
+#define	RTAX_DST	0
+#define	RTAX_GATEWAY	1
+#define	RTAX_NETMASK	2
+#define	RTAX_GENMASK	3
+#define	RTAX_IFP	4
+#define	RTAX_IFA	5
+#define	RTAX_AUTHOR	6
+#define	RTAX_BRD	7
+#define	RTAX_SRC	8
+#define	RTAX_SRCIFP	9
+#define	RTAX_MAX	RTA_NUMBITS	/* size of array to allocate */
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif	/* _NET_ROUTE_H */
diff --git a/usr/src/uts/common/net/sppptun.h b/usr/src/uts/common/net/sppptun.h
new file mode 100644
index 0000000000..0ffeb1dd40
--- /dev/null
+++ b/usr/src/uts/common/net/sppptun.h
@@ -0,0 +1,168 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License, Version 1.0 only
+ * (the "License").  You may not use this file except in compliance
+ * with the License.
+ *
+ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ * or http://www.opensolaris.org/os/licensing.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+/*
+ * sppptun.h - ioctl and other miscellaneous definitions for PPP
+ * tunneling STREAMS module
+ *
+ * Copyright 2000-2002 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ *
+ * See also:
+ *	RFC 2341, Cisco Layer Two Forwarding (Protocol) "L2F"
+ *	RFC 2516, A Method for Transmitting PPP Over Ethernet (PPPoE)
+ *	RFC 2637, Point-to-Point Tunneling Protocol (PPTP)
+ *	RFC 2661, Layer Two Tunneling Protocol "L2TP"
+ */
+
+#ifndef __SPPPTUN_H
+#define	__SPPPTUN_H
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/ethernet.h>
+#include <net/if.h>
+#include <netinet/in.h>
+
+#ifdef	__cplusplus
+extern "C" {
+#endif
+
+/* Device name */
+#define	PPP_TUN_NAME "sppptun"
+
+/* The constant below is "TUN" in hex. */
+#define	_PPPTUN(n)	(0x54554E00 + (n))
+
+/*
+ * Except where otherwise noted (mod), these apply to the driver side
+ * of the PPP tunnel multiplexor.
+ */
+#define	PPPTUN_SNAME	_PPPTUN(1)	/* set interface name (mod) */
+#define	PPPTUN_GNAME	_PPPTUN(2)	/* get interface name (mod) */
+#define	PPPTUN_SINFO	_PPPTUN(3)	/* set multiplex ID/style */
+#define	PPPTUN_GINFO	_PPPTUN(4)	/* get multiplex ID/style */
+#define	PPPTUN_GNNAME	_PPPTUN(5)	/* get Nth interface name */
+#define	PPPTUN_LCLADDR	_PPPTUN(6)	/* set local address */
+#define	PPPTUN_SPEER	_PPPTUN(7)	/* set peer ID */
+#define	PPPTUN_GPEER	_PPPTUN(8)	/* get peer ID */
+#define	PPPTUN_SDATA	_PPPTUN(9)	/* set data channel by name */
+#define	PPPTUN_GDATA	_PPPTUN(10)	/* get data channel name */
+#define	PPPTUN_SCTL	_PPPTUN(11)	/* set control channel by name */
+#define	PPPTUN_GCTL	_PPPTUN(12)	/* get control channel name */
+#define	PPPTUN_DCTL	_PPPTUN(13)	/* remove control channel */
+
+/* Lower layer link name size */
+#define	PPPTUNNAMSIZ	32
+
+typedef char ppptun_lname[PPPTUNNAMSIZ];
+
+/*
+ * For PPPTUN_SNAME, PPPTUN_GNAME, PPPTUN_SDATA, PPPTUN_GDATA,
+ * PPPTUN_SCTL, PPPTUN_GCTL, and PPPTUN_DCTL, just this structure is
+ * used.
+ *
+ * PPPTUN_GNNAME takes in a single int (0...N) and this structure is
+ * returned.  Use ptn_index to pass in the index.
+ */
+union ppptun_name {
+	uint32_t	ptn_index;
+	ppptun_lname	ptn_name;
+};
+
+/* PPPTUN_SINFO and PPPTUN_GINFO use this structure */
+struct ppptun_info {
+	ppptun_lname	pti_name;
+	uint32_t	pti_muxid;	/* ID from I_PLINK (not L2F!) */
+	uint32_t	pti_style;	/* One of PTS_* below */
+};
+
+#define	PTS_NONE	0		/* Illegal configuration */
+#define	PTS_PPPOE	1		/* DLPI PPPoE */
+#define	PTS_L2FTP	2		/* TLI L2F or L2TP over UDP GRE */
+#define	PTS_PPTP	3		/* TPI PPTP over IP GRE */
+#define	PTS__MAX	4		/* one greater than last above */
+
+struct ppptun_gre_addr {
+	struct in6_addr	ptga_peer_ip;
+	uint16_t	ptga_peer_port;	/* L2TP or L2F, not PPTP */
+	uint8_t		ptga_version;	/* one of PTGAV_* below */
+};
+
+struct ppptun_mac_addr {
+	struct ether_addr	ptma_mac_ether_addr;
+#define	ptma_mac	ptma_mac_ether_addr.ether_addr_octet
+};
+
+/* Values for ptga_version; corresponds to GRE version number */
+#define	PTGAV_L2F	0x01
+#define	PTGAV_PPTP	0x01
+#define	PTGAV_L2TP	0x02
+
+typedef union {
+	struct ppptun_gre_addr	pta_l2f;
+	struct ppptun_gre_addr	pta_l2tp;
+	struct ppptun_gre_addr	pta_pptp;
+	struct ppptun_mac_addr	pta_pppoe;
+} ppptun_atype;
+
+/* For PPPTUN_SPEER and PPPTUN_GPEER; the address depends on the style */
+struct ppptun_peer {
+	uint32_t	ptp_style;	/* Sanity check; must match lower */
+	uint32_t	ptp_flags;	/* See PTPF_* below */
+	uint32_t	ptp_ltunid;	/* Local Tunnel ID (L2F/L2TP) */
+	uint32_t	ptp_rtunid;	/* Remote Tunnel ID (L2F/L2TP) */
+	uint32_t	ptp_lsessid;	/* Local Session ID */
+	uint32_t	ptp_rsessid;	/* Remote Session ID */
+	ppptun_atype	ptp_address;	/* Peer address */
+};
+
+#define	PTPF_DAEMON	0x00000001	/* server side; session ID 0 */
+
+/* For M_PROTO (control message) */
+struct ppptun_control {
+	uint32_t	ptc_discrim;	/* Use PPPOE_DISCRIM */
+	uint32_t	ptc_action;	/* See PTCA_* below */
+	uint32_t	ptc_rsessid;	/* Remote session ID */
+	ppptun_atype	ptc_address;	/* Peer address (if any) */
+	ppptun_lname	ptc_name;	/* Lower stream name (if any) */
+};
+
+/*
+ * This value, currently set to the characters "POE1," is used to
+ * distinguish among control messages from multiple lower streams
+ * under /dev/sppp.  This feature is needed to support PPP translation
+ * (LAC-like behavior), but isn't currently used.
+ */
+#define	PPPOE_DISCRIM	0x504F4531
+
+#define	PTCA_TEST	1		/* Test/set stream discriminator */
+#define	PTCA_CONTROL	2		/* Inbound control message */
+#define	PTCA_DISCONNECT	3		/* Client disconnected */
+#define	PTCA_UNPLUMB	4		/* Lower stream unplumbed (no addr) */
+
+#ifdef	__cplusplus
+}
+#endif
+
+#endif /* __SPPPTUN_H */
diff --git a/usr/src/uts/common/net/vjcompress.h b/usr/src/uts/common/net/vjcompress.h
new file mode 100644
index 0000000000..c9fa6ed8e7
--- /dev/null
+++ b/usr/src/uts/common/net/vjcompress.h
@@ -0,0 +1,157 @@
+/*
+ * Definitions for tcp compression routines.
+ *
+ * $Id: vjcompress.h,v 1.3 1996/05/28 00:55:33 paulus Exp $
+ *
+ * Copyright (c) 2000 by Sun Microsystems, Inc.
+ * All rights reserved.
+ *
+ * Copyright (c) 1989 Regents of the University of California.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms are permitted
+ * provided that the above copyright notice and this paragraph are
+ * duplicated in all such forms and that any documentation,
+ * advertising materials, and other materials related to such
+ * distribution and use acknowledge that the software was developed
+ * by the University of California, Berkeley.  The name of the
+ * University may not be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
+ *
+ *	Van Jacobson (van@helios.ee.lbl.gov), Dec 31, 1989:
+ *	- Initial distribution.
+ */
+
+#ifndef _VJCOMPRESS_H_
+#define	_VJCOMPRESS_H_
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define	MAX_STATES 16		/* must be > 2 and < 256 */
+#define	MAX_HDR	   128
+
+/*
+ * Compressed packet format:
+ *
+ * The first octet contains the packet type (top 3 bits), TCP
+ * 'push' bit, and flags that indicate which of the 4 TCP sequence
+ * numbers have changed (bottom 5 bits).  The next octet is a
+ * conversation number that associates a saved IP/TCP header with
+ * the compressed packet.  The next two octets are the TCP checksum
+ * from the original datagram.  The next 0 to 15 octets are
+ * sequence number changes, one change per bit set in the header
+ * (there may be no changes and there are two special cases where
+ * the receiver implicitly knows what changed -- see below).
+ *
+ * There are 5 numbers which can change (they are always inserted
+ * in the following order): TCP urgent pointer, window,
+ * acknowlegement, sequence number and IP ID.  (The urgent pointer
+ * is different from the others in that its value is sent, not the
+ * change in value.)  Since typical use of SLIP links is biased
+ * toward small packets (see comments on MTU/MSS below), changes
+ * use a variable length coding with one octet for numbers in the
+ * range 1 - 255 and 3 octets (0, MSB, LSB) for numbers in the
+ * range 256 - 65535 or 0.  (If the change in sequence number or
+ * ack is more than 65535, an uncompressed packet is sent.)
+ */
+
+/*
+ * Packet types (must not conflict with IP protocol version)
+ *
+ * The top nibble of the first octet is the packet type.  There are
+ * three possible types: IP (not proto TCP or tcp with one of the
+ * control flags set); uncompressed TCP (a normal IP/TCP packet but
+ * with the 8-bit protocol field replaced by an 8-bit connection id --
+ * this type of packet syncs the sender & receiver); and compressed
+ * TCP (described above).
+ *
+ * LSB of 4-bit field is TCP "PUSH" bit (a worthless anachronism) and
+ * is logically part of the 4-bit "changes" field that follows.  Top
+ * three bits are actual packet type.  For backward compatibility
+ * and in the interest of conserving bits, numbers are chosen so the
+ * IP protocol version number (4) which normally appears in this nibble
+ * means "IP packet".
+ */
+
+/* packet types */
+#define	TYPE_IP 0x40
+#define	TYPE_UNCOMPRESSED_TCP 0x70
+#define	TYPE_COMPRESSED_TCP 0x80
+#define	TYPE_ERROR 0x00
+
+/* Bits in first octet of compressed packet */
+#define	NEW_C	0x40	/* flag bits for what changed in a packet */
+#define	NEW_I	0x20
+#define	NEW_S	0x08
+#define	NEW_A	0x04
+#define	NEW_W	0x02
+#define	NEW_U	0x01
+
+/* reserved, special-case values of above */
+#define	SPECIAL_I (NEW_S|NEW_W|NEW_U)		/* echoed interactive traffic */
+#define	SPECIAL_D (NEW_S|NEW_A|NEW_W|NEW_U)	/* unidirectional data */
+#define	SPECIALS_MASK (NEW_S|NEW_A|NEW_W|NEW_U)
+
+#define	TCP_PUSH_BIT 0x10
+
+
+/*
+ * "state" data for each active tcp conversation on the wire.  This is
+ * basically a copy of the entire IP/TCP header from the last packet
+ * we saw from the conversation together with a small identifier
+ * the transmit & receive ends of the line use to locate saved header.
+ */
+struct cstate {
+	struct cstate *cs_next;	/* next most recently used state (xmit only) */
+	ushort_t cs_hlen;	/* size of hdr (receive only) */
+	uchar_t cs_id;		/* connection # associated with this state */
+	uchar_t cs_filler;
+	union {
+		char csu_hdr[MAX_HDR];
+		struct ip csu_ip; /* ip/tcp hdr from most recent packet */
+	} vjcs_u;
+};
+#define	cs_ip vjcs_u.csu_ip
+#define	cs_hdr vjcs_u.csu_hdr
+
+/*
+ * all the state data for one serial line (we need one of these per line).
+ */
+struct vjcompress {
+	struct cstate *last_cs;	/* most recently used tstate */
+	uchar_t last_recv;		/* last rcvd conn. id */
+	uchar_t last_xmit;		/* last sent conn. id */
+	ushort_t flags;
+#ifndef VJ_NO_STATS
+	struct vjstat stats;
+#endif
+	struct cstate tstate[MAX_STATES];	/* xmit connection states */
+	struct cstate rstate[MAX_STATES];	/* receive connection states */
+};
+
+/* flag values */
+#define	VJF_TOSS 1		/* tossing rcvd frames because of input err */
+
+extern void  vj_compress_init __P((struct vjcompress *comp, int max_state));
+extern uint_t vj_compress_tcp __P((struct ip *ip, uint_t mlen,
+				struct vjcompress *comp, int compress_cid_flag,
+				uchar_t **vjhdrp));
+extern void  vj_uncompress_err __P((struct vjcompress *comp));
+extern int   vj_uncompress_uncomp __P((uchar_t *buf, int buflen,
+				struct vjcompress *comp));
+extern int   vj_uncompress_tcp __P((uchar_t *buf, int buflen, int total_len,
+				struct vjcompress *comp, uchar_t **hdrp,
+				uint_t *hlenp));
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _VJCOMPRESS_H_ */