Today, I will introduce the core part of Linux networking technology – the TCP/IP protocol stack.
First, let’s look at the abstract network protocol stack model.
TCP/IP Four-layer (Reference) Model
Next, we’ll look at the Linux kernel protocol stack implementation framework from a layered perspective.
Top-Down Approach
Socket / L4 TCP Layer
1. Socket Layer
Socket Object Hierarchy
Socket Framework
- Socket System Calls (socket, bind, listen, accept, send, recv, etc.)
- BSD Socket API
- Adaptation Layer Between the BSD Socket and the Protocol-specific sock Object
- Socket Management for the TCP/UDP/ICMP/Raw/Packet/Netlink/... Families
- Socket Options (setsockopt/getsockopt)
2. TCP/UDP Layer
- TCP Segment Sending and Receiving
- TCP Socket Connection Management (connect, listen/accept queues, close)
- TCP Protocol State Machine and Timer Handling (retransmission, delayed ACK, keepalive, etc.)
- TCP Sliding Window and Congestion Control Framework (pluggable congestion control algorithms)
L3 IP Layer
1. IP Processing
- Packet Fragmentation and Reassembly
- IP Header Field Processing: IP Options, QoS (TOS/DSCP), TTL, Header Checksum, etc.
- Packet Reception (Decapsulation and Delivery to the Transport Layer) and Transmission (IP Header Encapsulation, via the Interfaces Offered to the Upper Layer)
- Multicast, ICMP Protocol Handling, etc.
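The header checksum and TTL bullets above come down to a few lines of arithmetic. As an added example (not code from the original article or from the kernel), the program below verifies an IPv4 header the way the receive path does before trusting any field, fills in the checksum on the send side, and, for the forwarding case, decrements the TTL with the incremental update the kernel's `ip_decrease_ttl` uses instead of a full recompute. The 20-byte header is constructed for illustration; the function names are the example's own.

```c
/* Added example, not kernel code: RFC 1071 header checksum as used by the
 * IPv4 receive path, plus the incremental update done when forwarding
 * decrements the TTL (RFC 1624 style, the technique behind the kernel's
 * ip_decrease_ttl). Bytes are combined explicitly, so the code does not
 * depend on host endianness. */
#include <stdio.h>
#include <stdint.h>
#include <stddef.h>

/* One's-complement sum of 16-bit words, complemented. Over a header that
 * includes its own checksum field the result is 0 when the header is intact. */
static uint16_t ip_checksum(const uint8_t *h, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += (uint32_t)h[i] << 8 | h[i + 1];
    if (len & 1)                          /* odd trailing byte: pad with zero */
        sum += (uint32_t)h[len - 1] << 8;
    while (sum >> 16)                     /* fold carries (end-around carry) */
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

static size_t ip_hdr_len(const uint8_t *h) { return (size_t)(h[0] & 0x0f) * 4; }

/* Receive side: a damaged header is dropped before any field is trusted. */
static int ip_verify(const uint8_t *h)
{
    size_t len = ip_hdr_len(h);
    return len >= 20 && ip_checksum(h, len) == 0;
}

/* Send side: compute the field over the header with the field zeroed. */
static uint16_t ip_fill_checksum(uint8_t *h)
{
    h[10] = h[11] = 0;
    uint16_t c = ip_checksum(h, ip_hdr_len(h));
    h[10] = c >> 8; h[11] = c & 0xff;
    return c;
}

static uint16_t ip_stored_checksum(const uint8_t *h) { return (uint16_t)(h[10] << 8 | h[11]); }

/* Forwarding: TTL is the high byte of word 4, so decrementing it lowers the
 * sum by 0x0100 and raises the complemented checksum by 0x0100, with
 * end-around carry. No full recompute is needed. Returns the new field. */
static uint16_t ip_decrease_ttl(uint8_t *h)
{
    uint32_t c = ip_stored_checksum(h);
    h[8]--;
    c += 0x0100;
    c = (c & 0xffff) + (c >> 16);
    h[10] = c >> 8; h[11] = c & 0xff;
    return (uint16_t)c;
}

/* Constructed sample header: IPv4, IHL 5, total length 0x73, TTL 64, UDP,
 * 192.168.0.1 -> 192.168.0.199, with its correct checksum 0xb861. */
static uint8_t sample_hdr[20] = {
    0x45, 0x00, 0x00, 0x73, 0x00, 0x00, 0x40, 0x00, 0x40, 0x11, 0xb8, 0x61,
    0xc0, 0xa8, 0x00, 0x01, 0xc0, 0xa8, 0x00, 0xc7
};
/* The same header with one bit of the destination address flipped. */
static const uint8_t corrupt_hdr[20] = {
    0x45, 0x00, 0x00, 0x73, 0x00, 0x00, 0x40, 0x00, 0x40, 0x11, 0xb8, 0x61,
    0xc0, 0xa8, 0x00, 0x01, 0xc0, 0xa8, 0x00, 0xc6
};

int main(void)
{
    printf("intact: %d  corrupt: %d\n", ip_verify(sample_hdr), ip_verify(corrupt_hdr));
    uint16_t c = ip_decrease_ttl(sample_hdr);
    printf("after TTL decrement: check=%04x ttl=%u intact=%d\n",
           c, sample_hdr[8], ip_verify(sample_hdr));
    return 0;
}
```

The receive check is the reason a transit router cannot be tricked by a header whose fields were altered in flight without also fixing the checksum; the incremental update is why it can forward without touching most of the header.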
2. Netfilter Framework
Five HOOK points:
PREROUTING: a received packet, right after it enters the IP layer and before the routing decision
INPUT: after the routing decision, when the destination is the local host
FORWARD: after the routing decision, when the destination is another host
OUTPUT: a locally generated packet, after its route has been selected
POSTROUTING: just before the packet is handed to the network device
At each HOOK point the registered callbacks run in priority order: raw first, then connection tracking, mangle, nat (DNAT), filter, and nat (SNAT) last. iptables organises its rules into the following tables, which attach to these hooks:
Raw Table: runs before connection tracking; used to mark packets in advance so they skip it (NOTRACK), e.g. when no session needs to be established
Mangle Table: modifies packets, such as changing the TOS/DSCP/ECN bits or the TTL of the IP header, or setting a packet mark
NAT Table: implements NAT, port mapping and address mapping (DNAT in PREROUTING/OUTPUT, SNAT/MASQUERADE in POSTROUTING); it is consulted only for the first packet of a connection, later packets follow the conntrack entry
Filter Table: accepts or drops packets
Connection Tracking (conntrack) is not an iptables table but a Netfilter subsystem hooked between the raw and mangle tables at PREROUTING and OUTPUT; it tracks connection sessions, forms the basis for stateful firewalling (the conntrack/state match) and for NAT, and can be extended with protocol helpers.
Core Processing Workflow
Main Functions
- Stateless Packet Filtering (IPv4 and IPv6)
- Stateful Packet Filtering (IPv4 and IPv6)
- Various Network Address and Port Translations, such as NAT/NAPT (IPv4 and IPv6)
- Flexible and Extensible Infrastructure
- Third-party Extension API
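To make the hook order concrete, here is an added example (a user-space model, not kernel code and not an actual ruleset): it registers table callbacks at the five hooks with the kernel's priority values, walks a packet along the received, forwarded and locally generated paths, and shows an interaction a firewall author must keep in mind: a packet excluded from connection tracking in the raw table never matches a state-based rule, so an assumed "accept only tracked traffic" INPUT policy drops it. The packet fields, the three rules and the function names are assumptions made for the example.

```c
/* Added example, not kernel code: a user-space model of how Netfilter walks
 * its five hooks. The hook names and PRI_* values mirror the kernel's
 * NF_INET_* hooks and NF_IP_PRI_* priorities; the packet fields and the
 * three "rules" are assumptions made for illustration. */
#include <stdio.h>
#include <string.h>

enum { NF_DROP = 0, NF_ACCEPT = 1 };
enum hook { PREROUTING, INPUT, FORWARD, OUTPUT, POSTROUTING, NUM_HOOKS };

/* Lower value runs first within a hook (include/uapi/linux/netfilter_ipv4.h). */
#define PRI_RAW       (-300)
#define PRI_CONNTRACK (-200)
#define PRI_MANGLE    (-150)
#define PRI_NAT_DST   (-100)
#define PRI_FILTER       0
#define PRI_NAT_SRC    100

struct pkt {
    int local_src, local_dst;   /* generated here? routed to this host? */
    int proto, dport;           /* 6 = TCP, 17 = UDP */
    int notrack, tracked;       /* raw NOTRACK mark; conntrack entry exists */
};

typedef int (*hookfn)(struct pkt *);
struct entry { int prio; const char *name; hookfn fn; };
static struct entry hooks[NUM_HOOKS][8];
static int nhooks[NUM_HOOKS];
static char g_trace[256];       /* entries visited, in order, for the last packet */

static void note(const char *s)
{
    if (g_trace[0]) strncat(g_trace, " > ", sizeof g_trace - strlen(g_trace) - 1);
    strncat(g_trace, s, sizeof g_trace - strlen(g_trace) - 1);
}

/* Keep each hook's entries sorted by priority, like the kernel's nf_hook_entries. */
static void nf_register(enum hook h, int prio, const char *name, hookfn fn)
{
    int i = nhooks[h]++;
    for (; i > 0 && hooks[h][i - 1].prio > prio; i--)
        hooks[h][i] = hooks[h][i - 1];
    hooks[h][i] = (struct entry){ prio, name, fn };
}

/* Run one hook point; the first NF_DROP ends processing of the packet. */
static int nf_hook(enum hook h, struct pkt *p)
{
    for (int i = 0; i < nhooks[h]; i++) {
        note(hooks[h][i].name);
        if (hooks[h][i].fn(p) == NF_DROP) { note("DROP"); return NF_DROP; }
    }
    return NF_ACCEPT;
}

/* Assumed rules:  raw: -p udp --dport 53 -j NOTRACK
 *                 conntrack: create state unless NOTRACK was set
 *                 filter INPUT: accept only what conntrack has seen */
static int accept_cb(struct pkt *p) { (void)p; return NF_ACCEPT; }
static int raw_cb(struct pkt *p)
{
    if (p->proto == 17 && p->dport == 53) p->notrack = 1;
    return NF_ACCEPT;
}
static int ct_cb(struct pkt *p) { if (!p->notrack) p->tracked = 1; return NF_ACCEPT; }
static int filter_input_cb(struct pkt *p) { return p->tracked ? NF_ACCEPT : NF_DROP; }

static void setup_once(void)
{
    static int done;
    if (done) return;
    done = 1;
    /* Registered out of priority order on purpose; nf_register sorts them. */
    nf_register(PREROUTING,  PRI_NAT_DST,   "nat:PREROUTING",    accept_cb);
    nf_register(PREROUTING,  PRI_CONNTRACK, "conntrack",         ct_cb);
    nf_register(PREROUTING,  PRI_RAW,       "raw:PREROUTING",    raw_cb);
    nf_register(PREROUTING,  PRI_MANGLE,    "mangle:PREROUTING", accept_cb);
    nf_register(INPUT,       PRI_FILTER,    "filter:INPUT",      filter_input_cb);
    nf_register(INPUT,       PRI_MANGLE,    "mangle:INPUT",      accept_cb);
    nf_register(FORWARD,     PRI_FILTER,    "filter:FORWARD",    accept_cb);
    nf_register(OUTPUT,      PRI_CONNTRACK, "conntrack",         ct_cb);
    nf_register(OUTPUT,      PRI_RAW,       "raw:OUTPUT",        raw_cb);
    nf_register(OUTPUT,      PRI_FILTER,    "filter:OUTPUT",     accept_cb);
    nf_register(POSTROUTING, PRI_NAT_SRC,   "nat:POSTROUTING",   accept_cb);
}

/* Received packets: PREROUTING, routing decision, then INPUT or
 * FORWARD -> POSTROUTING. Locally generated packets are routed first, then
 * OUTPUT -> POSTROUTING. (Local-to-local traffic additionally re-enters via
 * lo at PREROUTING/INPUT; that case is omitted here.) */
static int traverse(int local_src, int local_dst, int proto, int dport)
{
    struct pkt p = { local_src, local_dst, proto, dport, 0, 0 };
    int v;
    setup_once();
    g_trace[0] = '\0';
    if (!local_src) {
        v = nf_hook(PREROUTING, &p);
        if (v == NF_ACCEPT) v = nf_hook(local_dst ? INPUT : FORWARD, &p);
        if (v == NF_ACCEPT && !local_dst) v = nf_hook(POSTROUTING, &p);
    } else {
        v = nf_hook(OUTPUT, &p);
        if (v == NF_ACCEPT) v = nf_hook(POSTROUTING, &p);
    }
    return v;
}

static const char *last_trace(void) { return g_trace; }

int main(void)
{
    int v = traverse(0, 1, 17, 53);   /* inbound DNS: NOTRACK defeats the state rule */
    printf("%s => %s\n", last_trace(), v == NF_ACCEPT ? "ACCEPT" : "DROP");
    return 0;
}
```

Compare the traces for the four cases: the same short-circuit applies to a DROP in PREROUTING, which ends processing before the routing decision is ever made, and a forwarded packet never visits INPUT or OUTPUT at all.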
3. Routing System
Protocol Stack Processing Location
Routing Subsystem Architecture
- FIB (Forwarding Information Base)
- Policy Routing (multiple routing tables selected by rules)
- Route Lookup Structures: Hash Tables, LC-tries, etc. (IPv4 uses an LC-trie)
Main Functions
- Layer 3 Routing and Forwarding
4. Neighbor System
- ARP Protocol (IPv4), NDP Protocol (IPv6)
- Neighbor Table Creation, Update, Aging, State Transitions, etc.
- API Interface
Main Functions
- Resolving a Next-hop IP Address to a MAC Address
L2 Link Layer (Driver)
1. Link Layer
Bridge
- FDB (MAC Forwarding Database) Management
- Port and Bridge Object Management, Packet Reception and Forwarding
- STP and VLAN Protocol Handling
Main Functions
- Implements Layer 2 MAC Forwarding
Link Protocol
- IEEE 802 Protocol Family (Ethernet, STP, VLAN, Wi-Fi 802.11, Token Ring, etc.)
Packet Type
- Protocol Handler
- Packet Type List (packet_type entries, keyed by EtherType)
Main Functions
- Link Layer Protocol Dispatching by Packet Type (EtherType)
Traffic Control
- qdisc (Queueing Discipline): Buffers Packets in Queues and Decides When They Are Dequeued, Controlling the Send Rate (Ingress Traffic Can Only Be Policed, Not Queued)
- class: Represents a Control Policy Within a Classful qdisc
- filter: Classifies Packets into a Specific class (Control Policy)
Main Functions
- Provides Rate Limiting, Shaping, Policing and Scheduling Mechanisms (QoS)
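An added example (not kernel code) of the token bucket that the tbf qdisc and the police action are built on, with the difference between shaping and policing made visible: the same offered load (10 kB/s of 1000-byte packets) against the same bucket (1 kB/s, 1500-byte burst) yields different drop counts depending on whether non-conforming packets are queued or discarded. Rates, burst, queue limit and traffic pattern are constructed for the example, and time is kept in milliseconds so the arithmetic is exact.

```c
/* Added example, not kernel code: a token bucket as used by tbf (shaping)
 * and the police action (policing). Time in milliseconds, rate in bytes per
 * millisecond, so every computation is an exact integer. */
#include <stdio.h>
#include <stdint.h>
#include <stddef.h>

#define QMAX 16

struct tbf {
    uint64_t rate_bpms;      /* tokens (bytes) credited per millisecond */
    uint64_t burst;          /* bucket depth: largest burst let through at once */
    uint64_t tokens, last_ms;
    size_t queue[QMAX];      /* shaping backlog (packet lengths) */
    int qhead, qlen, qlimit; /* qlimit plays the role of tbf's "limit" */
};

static void tbf_init(struct tbf *t, uint64_t rate_bpms, uint64_t burst, int qlimit)
{
    *t = (struct tbf){ 0 };
    t->rate_bpms = rate_bpms; t->burst = burst; t->tokens = burst;
    t->qlimit = qlimit < QMAX ? qlimit : QMAX;
}

/* Credit tokens for elapsed time, capped at the bucket depth. */
static void tbf_refill(struct tbf *t, uint64_t now_ms)
{
    t->tokens += (now_ms - t->last_ms) * t->rate_bpms;
    if (t->tokens > t->burst) t->tokens = t->burst;
    t->last_ms = now_ms;
}

/* Policing: a packet either conforms now or is dropped; nothing is buffered. */
static int tbf_police(struct tbf *t, uint64_t now_ms, size_t len)
{
    tbf_refill(t, now_ms);
    if (len > t->tokens) return 0;
    t->tokens -= len;
    return 1;
}

/* Shaping: non-conforming packets wait; only a full queue drops (tail drop). */
static int tbf_enqueue(struct tbf *t, size_t len)
{
    if (t->qlen >= t->qlimit) return 0;
    t->queue[(t->qhead + t->qlen++) % QMAX] = len;
    return 1;
}

/* Send as many head-of-line packets as the tokens allow; returns the count. */
static int tbf_dequeue(struct tbf *t, uint64_t now_ms)
{
    int sent = 0;
    tbf_refill(t, now_ms);
    while (t->qlen > 0 && t->queue[t->qhead] <= t->tokens) {
        t->tokens -= t->queue[t->qhead];
        t->qhead = (t->qhead + 1) % QMAX;
        t->qlen--;
        sent++;
    }
    return sent;
}

static int g_dropped;
static int last_dropped(void) { return g_dropped; }

/* Constructed load: ten 1000-byte packets, one every 100 ms (10 kB/s), into
 * a bucket of 1 B/ms (1 kB/s) with a 1500-byte burst and a 3-packet queue,
 * then run on until 4 s so the backlog drains. Returns packets that got out. */
static int simulate(int shaping)
{
    struct tbf t;
    int sent = 0;
    tbf_init(&t, 1, 1500, 3);
    g_dropped = 0;
    for (uint64_t ms = 0; ms <= 4000; ms += 100) {
        if (shaping) {
            sent += tbf_dequeue(&t, ms);
            if (ms < 1000 && !tbf_enqueue(&t, 1000)) g_dropped++;
        } else if (ms < 1000) {
            if (tbf_police(&t, ms, 1000)) sent++; else g_dropped++;
        }
    }
    return sent;
}

int main(void)
{
    int s = simulate(0); printf("policing: sent %d dropped %d\n", s, last_dropped());
    s = simulate(1);     printf("shaping:  sent %d dropped %d\n", s, last_dropped());
    return 0;
}
```

Policing lets through only what fits the bucket at arrival time; shaping delays the rest and drops only when the queue limit is hit, which is why a shaper needs a bounded backlog or it becomes a memory-exhaustion target.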
2. Hardware Driver Layer
- Network Device Management (net_device registration, state, statistics)
- RPS, RFS, XPS (Packet Steering Across CPUs), GRO, GSO, TSO (Receive and Segmentation Offloads) and Other Optimisations
- NIC Interrupt and Softirq-based Send/Receive, NAPI Polling, DMA Ring Buffers
- Supports the Various Network Card Driver Implementations
Protocol Stack File System
Proc FileSystem
- /proc/net (per-protocol tables such as /proc/net/tcp, /proc/net/arp, /proc/net/dev)
- /proc/sys/net (tunables, with subtrees such as ipv4 and core)
Sys FileSystem
- /sys/class/net/<ifname> (one directory per network interface, e.g. eth0)
Main Functions
- Provides Query and Configuration Interfaces for the Protocol Stack (sysctl tunables and per-device attributes)
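As an added example (not from the original article), here is a parser for the /proc/net/tcp table named above, which is what an incident responder falls back on when netstat or ss cannot be trusted on a compromised host. It decodes the hex address:port pairs and state codes as the kernel's net/ipv4/tcp_ipv4.c writes them. The sample table is constructed, the address decoding assumes a little-endian host, and the socket inode it extracts is what you match against the socket:[inode] links under /proc/<pid>/fd to find the owning process.

```c
/* Added example, not kernel code: parse /proc/net/tcp in the layout the
 * kernel emits, to enumerate sockets without netstat or ss. The sample text
 * is constructed; address decoding assumes a little-endian host (x86, arm64). */
#include <stdio.h>
#include <string.h>

struct sock_entry {
    char laddr[16], raddr[16];
    unsigned lport, rport, state, uid;
    unsigned long inode;    /* /proc/<pid>/fd/* links read "socket:[inode]" */
};

enum { TCP_LISTEN = 0x0A };

/* State codes from include/net/tcp_states.h. */
static const char *tcp_state_name(unsigned st)
{
    static const char *names[] = { "?", "ESTABLISHED", "SYN_SENT", "SYN_RECV",
        "FIN_WAIT1", "FIN_WAIT2", "TIME_WAIT", "CLOSE", "CLOSE_WAIT", "LAST_ACK",
        "LISTEN", "CLOSING", "NEW_SYN_RECV" };
    return st < sizeof names / sizeof names[0] ? names[st] : "?";
}

/* /proc prints the IPv4 address as one 32-bit value in host byte order,
 * so on a little-endian CPU the first octet is the low byte. */
static void hex_to_dotted(unsigned v, char out[16])
{
    snprintf(out, 16, "%u.%u.%u.%u", v & 0xff, (v >> 8) & 0xff, (v >> 16) & 0xff, v >> 24);
}

/* Data line: "sl: LADDR:LPORT RADDR:RPORT ST txq:rxq tr:when retr uid timeout inode ..."
 * Returns 1 on success; the header line fails the first conversion and is skipped. */
static int parse_tcp_line(const char *line, struct sock_entry *e)
{
    unsigned laddr, raddr;
    if (sscanf(line, " %*d: %8x:%4x %8x:%4x %2x %*x:%*x %*x:%*x %*x %u %*u %lu",
               &laddr, &e->lport, &raddr, &e->rport, &e->state, &e->uid, &e->inode) != 7)
        return 0;
    hex_to_dotted(laddr, e->laddr);
    hex_to_dotted(raddr, e->raddr);
    return 1;
}

/* Constructed sample: sshd listening on all addresses, a CUPS listener bound
 * to loopback, and one established HTTPS connection owned by uid 1000. */
static const char SAMPLE[] =
"  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
"   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 18437 1 0000000000000000 100 0 0 10 0\n"
"   1: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20311 1 0000000000000000 100 0 0 10 0\n"
"   2: 0F02000A:01BB 0801A8C0:C7A4 01 00000000:00000000 02:000AB5D5 00000000  1000        0 23456 2 0000000000000000 20 4 30 10 -1\n";

#define MAX_ENTRIES 32
static struct sock_entry g_entries[MAX_ENTRIES];
static int g_count;

/* Parse a whole table (here the sample; in practice the file contents). */
static int load_table(const char *text)
{
    char buf[2048];
    strncpy(buf, text, sizeof buf - 1); buf[sizeof buf - 1] = '\0';
    g_count = 0;
    for (char *line = strtok(buf, "\n"); line && g_count < MAX_ENTRIES; line = strtok(NULL, "\n"))
        if (parse_tcp_line(line, &g_entries[g_count])) g_count++;
    return g_count;
}

static int load_sample(void) { return load_table(SAMPLE); }

/* Listening sockets are the exposure surface worth reviewing first. */
static int count_listeners(void)
{
    int n = 0;
    for (int i = 0; i < g_count; i++) if (g_entries[i].state == TCP_LISTEN) n++;
    return n;
}

int main(void)
{
    load_sample();
    for (int i = 0; i < g_count; i++)
        printf("%-15s:%-5u %-15s:%-5u %-11s uid=%u inode=%lu\n",
               g_entries[i].laddr, g_entries[i].lport, g_entries[i].raddr, g_entries[i].rport,
               tcp_state_name(g_entries[i].state), g_entries[i].uid, g_entries[i].inode);
    return 0;
}
```

/proc/net/tcp6 uses the same layout with 32-hex-digit addresses, and /proc/net/udp the same columns minus the meaningful state field; a listener that is not attributable to any process via its inode is the kind of finding this view exists to surface.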
Finally
Overall Architecture Diagram
If you want to know more details, please read the Linux kernel source code or refer to the following two classic works:
“The Linux Networking Architecture”
“Understanding Linux Network Internals”