Tài liệu Understanding NETWORK INTERNALS LINUX pptx

www.it-ebooks.info

www.it-ebooks.info

Understanding

LINUX

NETWORK

INTERNALS

www.it-ebooks.info

Other Linux resources from O’Reilly

Related titles Linux in a Nutshell

Linux Network

Administrator’s Guide

Running Linux

Linux Device Drivers

Understanding the Linux

Kernel

Building Secure Servers with

Linux

LPI Linux Certification in a

Nutshell

Learning Red Hat Linux

Linux Server HacksTM

Linux Security Cookbook

Managing RAID on Linux

Linux Web Server CD

Bookshelf

Building Embedded Linux

Systems

Linux Books

Resource Center

linux.oreilly.com is a complete catalog of O’Reilly’s books on

Linux and Unix and related technologies, including sample

chapters and code examples.

ONLamp.com is the premier site for the open source web plat￾form: Linux, Apache, MySQL, and either Perl, Python, or PHP.

Conferences O’Reilly brings diverse innovators together to nurture the ideas

that spark revolutionary industries. We specialize in document￾ing the latest tools and systems, translating the innovator’s

knowledge into useful skills for those in the trenches. Visit

conferences.oreilly.com for our upcoming events.

Safari Bookshelf (safari.oreilly.com) is the premier online refer￾ence library for programmers and IT professionals. Conduct

searches across more than 1,000 books. Subscribers can zero in

on answers to time-critical questions in a matter of seconds.

Read the books on your Bookshelf from cover to cover or sim￾ply flip to the page you need. Try it today with a free trial.

www.it-ebooks.info

Understanding

LINUX

NETWORK

INTERNALS

Christian Benvenuti

Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo

www.it-ebooks.info

Understanding Linux Network Internals

by Christian Benvenuti

Copyright © 2006 O’Reilly Media, Inc. All rights reserved.

Printed in the United States of America.

Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472.

O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions

are also available for most titles (safari.oreilly.com). For more information, contact our corporate/insti￾tutional sales department: (800) 998-9938 or corporate@oreilly.com.

Editor: Andy Oram

Production Editor: Philip Dangler

Cover Designer: Karen Montgomery

Interior Designer: David Futato

Printing History:

December 2005: First Edition.

Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of

O’Reilly Media, Inc. The Linux series designations, Understanding Linux Network Internals, images of

the American West, and related trade dress are trademarks of O’Reilly Media, Inc.

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as

trademarks. Where those designations appear in this book, and O’Reilly Media, Inc. was aware of a

trademark claim, the designations have been printed in caps or initial caps.

While every precaution has been taken in the preparation of this book, the publisher and author assume

no responsibility for errors or omissions, or for damages resulting from the use of the information

contained herein.

[M]

ISBN: 978-0-596-00255-8 [5/08]

www.it-ebooks.info

v

Table of Contents

Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv

Part I. General Background

1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Basic Terminology 3

Common Coding Patterns 4

User-Space Tools 18

Browsing the Source Code 19

When a Feature Is Offered as a Patch 20

2. Critical Data Structures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

The Socket Buffer: sk_buff Structure 22

net_device Structure 43

Files Mentioned in This Chapter 57

3. User-Space-to-Kernel Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58

Overview 58

procfs Versus sysctl 60

ioctl 67

Netlink 70

Serializing Configuration Changes 71

www.it-ebooks.info

vi | Table of Contents

Part II. System Initialization

4. Notification Chains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

Reasons for Notification Chains 75

Overview 77

Defining a Chain 78

Registering with a Chain 78

Notifying Events on a Chain 79

Notification Chains for the Networking Subsystems 81

Tuning via /proc Filesystem 82

Functions and Variables Featured in This Chapter 83

Files and Directories Featured in This Chapter 83

5. Network Device Initialization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

System Initialization Overview 84

Device Registration and Initialization 86

Basic Goals of NIC Initialization 86

Interaction Between Devices and Kernel 87

Initialization Options 93

Module Options 93

Initializing the Device Handling Layer: net_dev_init 94

User-Space Helpers 96

Virtual Devices 100

Tuning via /proc Filesystem 103

Functions and Variables Featured in This Chapter 104

Files and Directories Featured in This Chapter 105

6. The PCI Layer and Network Interface Cards . . . . . . . . . . . . . . . . . . . . . . . . . . . 106

Data Structures Featured in This Chapter 106

Registering a PCI NIC Device Driver 108

Power Management and Wake-on-LAN 109

Example of PCI NIC Driver Registration 110

The Big Picture 112

Tuning via /proc Filesystem 114

Functions and Variables Featured in This Chapter 114

Files and Directories Featured in This Chapter 115

www.it-ebooks.info

Table of Contents | vii

7. Kernel Infrastructure for Component Initialization . . . . . . . . . . . . . . . . . . . . 116

Boot-Time Kernel Options 116

Module Initialization Code 122

Optimized Macro-Based Tagging 125

Boot-Time Initialization Routines 128

Memory Optimizations 130

Tuning via /proc Filesystem 134

Functions and Variables Featured in This Chapter 134

Files and Directories Featured in This Chapter 135

8. Device Registration and Initialization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136

When a Device Is Registered 137

When a Device Is Unregistered 138

Allocating net_device Structures 138

Skeleton of NIC Registration and Unregistration 140

Device Initialization 141

Organization of net_device Structures 145

Device State 147

Registering and Unregistering Devices 149

Device Registration 154

Device Unregistration 156

Enabling and Disabling a Network Device 159

Updating the Device Queuing Discipline State 161

Configuring Device-Related Information from User Space 166

Virtual Devices 169

Locking 171

Tuning via /proc Filesystem 171

Functions and Variables Featured in This Chapter 172

Files and Directories Featured in This Chapter 173

Part III. Transmission and Reception

9. Interrupts and Network Drivers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177

Decisions and Traffic Direction 178

Notifying Drivers When Frames Are Received 178

Interrupt Handlers 183

softnet_data Structure 206

www.it-ebooks.info

viii | Table of Contents

10. Frame Reception . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210

Interactions with Other Features 211

Enabling and Disabling a Device 211

Queues 212

Notifying the Kernel of Frame Reception: NAPI and netif_rx 212

Old Interface Between Device Drivers and Kernel: First Part of netif_rx 219

Congestion Management 225

Processing the NET_RX_SOFTIRQ: net_rx_action 228

11. Frame Transmission . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239

Enabling and Disabling Transmissions 241

12. General and Reference Material About Interrupts . . . . . . . . . . . . . . . . . . . . . 261

Statistics 261

Tuning via /proc and sysfs Filesystems 262

Functions and Variables Featured in This Part of the Book 263

Files and Directories Featured in This Part of the Book 265

13. Protocol Handlers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266

Overview of Network Stack 266

Executing the Right Protocol Handler 274

Protocol Handler Organization 278

Protocol Handler Registration 279

Ethernet Versus IEEE 802.3 Frames 281

Tuning via /proc Filesystem 293

Functions and Variables Featured in This Chapter 293

Files and Directories Featured in This Chapter 294

Part IV. Bridging

14. Bridging: Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297

Repeaters, Bridges, and Routers 297

Bridges Versus Switches 299

Hosts 300

Merging LANs with Bridges 300

Bridging Different LAN Technologies 302

Address Learning 302

Multiple Bridges 305

www.it-ebooks.info

Table of Contents | ix

15. Bridging: The Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310

Basic Terminology 311

Example of Hierarchical Switched L2 Topology 311

Basic Elements of the Spanning Tree Protocol 314

Bridge and Port IDs 321

Bridge Protocol Data Units (BPDUs) 323

Defining the Active Topology 328

Timers 335

Topology Changes 340

BPDU Encapsulation 344

Transmitting Configuration BPDUs 346

Processing Ingress Frames 347

Convergence Time 349

Overview of Newer Spanning Tree Protocols 350

16. Bridging: Linux Implementation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355

Bridge Device Abstraction 355

Important Data Structures 359

Initialization of Bridging Code 360

Creating Bridge Devices and Bridge Ports 361

Creating a New Bridge Device 362

Bridge Device Setup Routine 362

Deleting a Bridge 364

Adding Ports to a Bridge 364

Enabling and Disabling a Bridge Device 367

Enabling and Disabling a Bridge Port 368

Changing State on a Bridge Port 370

The Big Picture 371

Forwarding Database 373

Handling Ingress Traffic 375

Transmitting on a Bridge Device 380

Spanning Tree Protocol (STP) 380

netdevice Notification Chain 389

17. Bridging: Miscellaneous Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391

User-Space Configuration Tools 391

Tuning via /proc Filesystem 396

Tuning via /sys Filesystem 396

Statistics 398

www.it-ebooks.info

x | Table of Contents

Data Structures Featured in This Part of the Book 398

Functions and Variables Featured in This Part of the Book 403

Files and Directories Featured in This Part of the Book 405

Part V. Internet Protocol Version 4 (IPv4)

18. Internet Protocol Version 4 (IPv4): Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . 409

IP Protocol: The Big Picture 409

IP Header 411

IP Options 414

Packet Fragmentation/Defragmentation 420

Checksums 432

19. Internet Protocol Version 4 (IPv4): Linux Foundations and Features . . . . . 439

Main IPv4 Data Structures 439

General Packet Handling 443

IP Options 453

20. Internet Protocol Version 4 (IPv4): Forwarding and Local Delivery . . . . . . 466

Forwarding 466

Local Delivery 472

21. Internet Protocol Version 4 (IPv4): Transmission . . . . . . . . . . . . . . . . . . . . . . 473

Key Functions That Perform Transmission 474

Interface to the Neighboring Subsystem 510

22. Internet Protocol Version 4 (IPv4): Handling Fragmentation . . . . . . . . . . . 511

IP Fragmentation 512

IP Defragmentation 521

23. Internet Protocol Version 4 (IPv4): Miscellaneous Topics . . . . . . . . . . . . . . . 536

Long-Living IP Peer Information 536

Selecting the IP Header’s ID Field 540

IP Statistics 541

IP Configuration 545

IP-over-IP 550

IPv4: What’s Wrong with It? 551

Tuning via /proc Filesystem 553

Data Structures Featured in This Part of the Book 555

www.it-ebooks.info

Table of Contents | xi

Functions and Variables Featured in This Part of the Book 565

Files and Directories Featured in This Part of the Book 568

24. Layer Four Protocol and Raw IP Handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . 569

Available L4 Protocols 569

L4 Protocol Registration 571

L3 to L4 Delivery: ip_local_deliver_finish 574

IPv4 Versus IPv6 582

Tuning via /proc Filesystem 583

Functions and Variables Featured in This Chapter 583

Files and Directories Featured in This Chapter 583

25. Internet Control Message Protocol (ICMPv4) . . . . . . . . . . . . . . . . . . . . . . . . . 585

ICMP Header 586

ICMP Payload 587

ICMP Types 588

Applications of the ICMP Protocol 595

The Big Picture 598

Protocol Initialization 599

Data Structures Featured in This Chapter 600

Transmitting ICMP Messages 602

Receiving ICMP Messages 611

ICMP Statistics 617

Passing Error Notifications to the Transport Layer 619

Tuning via /proc Filesystem 620

Functions and Variables Featured in This Chapter 622

Files and Directories Featured in This Chapter 622

Part VI. Neighboring Subsystem

26. Neighboring Subsystem: Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 625

What Is a Neighbor? 625

Reasons That Neighboring Protocols Are Needed 628

Linux Implementation 634

Proxying the Neighboring Protocol 637

When Solicitation Requests Are Transmitted and Processed 640

Neighbor States and Network Unreachability Detection (NUD) 642

www.it-ebooks.info

xii | Table of Contents

27. Neighboring Subsystem: Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 651

Main Data Structures 651

Common Interface Between L3 Protocols and Neighboring Protocols 655

General Tasks of the Neighboring Infrastructure 666

Reference Counts on neighbour Structures 670

Creating a neighbour Entry 671

Neighbor Deletion 673

Acting As a Proxy 679

L2 Header Caching 683

Protocol Initialization and Cleanup 687

Interaction with Other Subsystems 688

Interaction Between Neighboring Protocols and L3 Transmission

Functions 692

Queuing 696

28. Neighboring Subsystem: Address Resolution Protocol (ARP) . . . . . . . . . . . 699

ARP Packet Format 700

Example of an ARP Transaction 702

Gratuitous ARP 702

Responding from Multiple Interfaces 707

Tunable ARP Options 708

ARP Protocol Initialization 714

Initialization of a neighbour Structure 716

Transmitting and Receiving ARP Packets 722

Processing Ingress ARP Packets 726

Proxy ARP 735

Examples 740

External Events 742

ARPD 744

Reverse Address Resolution Protocol (RARP) 746

Improvements in ND (IPv6) over ARP (IPv4) 748

29. Neighboring Subsystem: Miscellaneous Topics . . . . . . . . . . . . . . . . . . . . . . . 749

System Administration of Neighbors 749

Tuning via /proc Filesystem 752

Data Structures Featured in This Part of the Book 757

Files and Directories Featured in This Part of the Book 774

www.it-ebooks.info

Table of Contents | xiii

Part VII. Routing

30. Routing: Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 777

Routers, Routes, and Routing Tables 778

Essential Elements of Routing 781

Routing Table 793

Lookups 798

Packet Reception Versus Packet Transmission 800

31. Routing: Advanced . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 802

Concepts Behind Policy Routing 802

Concepts Behind Multipath Routing 808

Interactions with Other Kernel Subsystems 815

Routing Protocol Daemons 819

Verbose Monitoring 821

ICMP_REDIRECT Messages 822

Reverse Path Filtering 828

32. Routing: Linux Implementation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 830

Kernel Options 830

Main Data Structures 834

Route and Address Scopes 837

Primary and Secondary IP Addresses 841

Generic Helper Routines and Macros 842

Global Locks 843

Routing Subsystem Initialization 844

External Events 845

Interactions with Other Subsystems 858

33. Routing: The Routing Cache. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 861

Routing Cache Initialization 861

Hash Table Organization 862

Major Cache Operations 864

Multipath Caching 873

Interface Between the DST and Calling Protocols 879

Flushing the Routing Cache 885

Garbage Collection 886

Egress ICMP REDIRECT Rate Limiting 896

www.it-ebooks.info