Linux Kernel Core Chinese Manual (10) - Network

xiaoxiao2021-03-06  41

Networks

Linux and networking are almost synonymous. In a very real sense Linux is a product of the Internet or WWW. Its developers and users use the web to exchange information, ideas and code, and Linux itself is often used to support the networking needs of organizations. This chapter describes how Linux supports the network protocols known collectively as TCP/IP.

The TCP/IP protocols were designed to support communication between computers connected to the ARPANET. The ARPANET was an American research network funded by the US government. It was a pioneer of networking concepts such as packet switching and protocol layering, where one protocol uses the services of another. The ARPANET was retired in 1988, but its successors (the NSFNET and the Internet) have grown even larger. What is now known as the World Wide Web developed from the ARPANET and is itself supported by the TCP/IP protocols. UNIX was used extensively on the ARPANET, and the first released networking version of UNIX was 4.3BSD. Linux's networking implementation is modelled on 4.3BSD: it supports BSD sockets (with some extensions) and the full range of TCP/IP networking. This programming interface was chosen because of its popularity and because it helps applications port between Linux and other UNIX platforms.

10.1 An Overview of TCP/IP Networking

This section gives an overview of the main principles of TCP/IP networking. It is not a detailed description; for more detail, see reference 10 (in the appendix).

In an IP network every machine is assigned an IP address, a 32-bit number that uniquely identifies the machine. The WWW is a very large and growing IP network, and every machine connected to it is assigned a unique IP address. An IP address is written as four numbers separated by dots, for example 16.42.0.9. The IP address is actually divided into two parts: the network address and the host address. The sizes of these parts may vary (there are several classes of IP address) but, taking 16.42.0.9 as an example, the network address is 16.42 and the host address is 0.9. The host address can be further divided into a subnetwork and a host address. Again taking 16.42.0.9 as an example, the subnetwork address can be 16.42.0 and the host address 16.42.0.9. This further division of the IP address allows organizations to subdivide their own networks. For example, assuming 16.42 is the network address of the ACME Computer Company, 16.42.0 can be subnet 0 and 16.42.1 can be subnet 1. These subnets might be in separate buildings, connected by telephone lines or even microwave links. IP addresses are assigned by the network administrator, and using IP subnetworks is a good way of distributing network administration: IP subnet administrators are free to allocate IP addresses within their own subnets.

IP addresses are usually hard to remember, however, and names are much easier: linux.acme.com is easier to remember than 16.42.0.9. Some mechanism must convert network names into IP addresses. These names can be statically specified in the /etc/hosts file, or Linux can ask a Distributed Name Server (DNS) to resolve the name. In that case the local host must know the IP address of one or more DNS servers, which are specified in /etc/resolv.conf.

Whenever you connect to another machine, you use its IP address to exchange data with it. This data is carried in IP packets, each of which has an IP header containing the IP addresses of the source and destination machines, a checksum and other useful information. The checksum is derived from the data in the IP packet and allows the receiver of the packet to tell whether it was damaged in transit (perhaps by a noisy telephone line). The data transmitted by an application may be broken down into smaller packets that are easier to handle. The size of IP data packets depends on the connection medium: Ethernet packets are usually larger than PPP packets. The destination host must reassemble these data packets before handing the data to the receiving application. If you access a web page containing a large graphic image over a fairly slow serial link, you can see this fragmentation and reassembly happening as the image is drawn.

Hosts connected to the same IP subnet can send IP packets directly to each other, while all other IP packets must be sent through a special host, a gateway. Gateways (or routers) are connected to more than one subnet and resend IP packets received on one subnet to another. For example, if subnets 16.42.1.0 and 16.42.0.0 are connected by a gateway, all packets sent from subnet 0 to subnet 1 must be sent to the gateway so that it can forward them. The local host builds up routing tables that allow it to send IP packets to the correct machine. For every IP destination there is an entry in the routing tables that tells Linux which host to send the IP packet to first. These routing tables are dynamic and change as applications use the network and as the network topology changes.

The IP protocol is a transport layer protocol that other protocols use to carry their data. The Transmission Control Protocol (TCP) is a reliable end-to-end protocol that uses IP to transmit and receive its packets. Just as IP packets have their own header, TCP has its own header too. TCP is a connection-oriented protocol: two networking applications are connected by a single virtual connection, even though there may be many subnets, gateways and routers between them. TCP reliably transmits and receives data between the two applications and guarantees that there will be no lost or duplicated data. When TCP transmits its packet using IP, the data contained in the IP packet is the TCP packet itself. The IP layer on each communicating host is responsible for transmitting and receiving IP packets. The User Datagram Protocol (UDP) also uses the IP layer to transport its packets but, unlike TCP, UDP is not a reliable protocol; it only provides a datagram service.

Because other protocols also use IP, when IP packets are received the receiving IP layer must know which upper-layer protocol to give the data contained in the packet to. To make this possible, every IP packet header has a byte containing a protocol identifier. When TCP asks the IP layer to transmit an IP packet, that packet's header states that it contains a TCP packet. The receiving IP layer uses the protocol identifier to decide which layer to pass the received data up to, in this case the TCP layer. When applications communicate via TCP/IP they must specify not only the target's IP address but also the port address of the target application. A port address uniquely identifies an application, and standard network applications use standard port addresses: web servers, for example, use port 80. These registered port addresses can be seen in /etc/services.

The layering of protocols does not stop with TCP, UDP and IP. The IP protocol layer itself uses many different physical media to transport IP packets to other IP hosts. These media may add their own protocol headers. Examples include Ethernet, PPP and SLIP. An Ethernet network allows many hosts to be connected simultaneously to a single physical cable. Every transmitted Ethernet frame can be seen by all connected hosts, so every Ethernet device has a unique address. An Ethernet frame transmitted to that address is received by the addressed host and ignored by all the other hosts connected to the network. This unique address is built into each Ethernet device when it is manufactured and is usually kept in an SROM on the Ethernet card. Ethernet addresses are 6 bytes long; an example is 08-00-2B-00-49-4A. Some Ethernet addresses are reserved for multicast purposes, and Ethernet frames sent with these destination addresses are received by all hosts on the network. Because Ethernet frames can carry many different protocols (as data), they contain a protocol identifier in their headers just as IP packets do. This allows the Ethernet layer to receive IP packets correctly and pass the data on to the IP layer.

To send an IP packet over a multi-connection medium such as Ethernet, the IP layer must find the Ethernet address of the IP host. This is because IP addresses are simply an addressing concept, while Ethernet devices have their own physical addresses. IP addresses can be assigned and reassigned by network administrators at will, but network hardware responds only to Ethernet frames carrying its own physical address or the special multicast addresses that all machines must receive. Linux uses the Address Resolution Protocol (ARP) to translate IP addresses into real hardware addresses such as Ethernet addresses. To obtain the hardware address associated with an IP address, a host sends an ARP request packet containing the IP address it wants translated to a multicast address, so that every host on the network receives it. The target host that owns the IP address responds with an ARP reply containing its physical hardware address. ARP is not restricted to Ethernet devices; it can resolve IP addresses for other physical media, for example FDDI. Devices that cannot perform ARP are marked so that Linux does not attempt to use ARP with them. There is also the reverse function, Reverse ARP or RARP, which translates physical addresses into IP addresses. This is used by gateways, which respond to ARP requests on behalf of IP addresses in the remote network.

10.2 The Linux TCP/IP Networking Layers

Just like the network protocols themselves, Figure 10.2 shows that Linux implements the Internet protocol address family as a series of connected software layers. BSD sockets are supported by generic socket management software concerned only with BSD sockets. Supporting this is the INET socket layer, which manages the communication endpoints for the IP-based protocols TCP and UDP. UDP is a connectionless protocol, whereas TCP is a reliable end-to-end protocol. When UDP packets are transmitted, Linux neither knows nor cares whether they arrive safely at their destination. TCP packets are numbered, and both ends of the TCP connection make sure that transmitted data is received correctly. The IP layer contains the code implementing the Internet Protocol. This code prepends IP headers to transmitted data and knows how to route incoming IP packets to either the TCP or the UDP layer. Underneath the IP layer, Linux networking is supported by network devices, for example PPP and Ethernet.

Network devices do not always represent physical devices: some, like the loopback device, are purely software devices. Unlike standard Linux devices, which are created with the mknod command, network devices appear only once the underlying software has found and initialized them. You will only see the device file /dev/eth0 once a suitable Ethernet device driver has been set up and initialized. The ARP protocol sits between the IP layer and the protocols that support ARP.

10.3 The BSD Socket Interface

This is a general interface that supports not only various forms of networking but also an inter-process communication mechanism. A socket describes one end of a communications link; two communicating processes each have a socket describing their own part of the link between them. A socket can be thought of as a special form of pipe but, unlike a pipe, a socket has no limit on the amount of data it can hold. Linux supports several classes of socket, known as address families, so called because each class has its own method of addressing its communications. Linux supports the following socket address families or domains:

UNIX: Unix domain sockets
INET: the Internet address family, which supports communications via the TCP/IP protocols
AX25: Amateur radio X25
IPX: Novell IPX
APPLETALK: Appletalk DDP
X25: X25

There are several socket types, each representing the type of service that supports the connection. Not all address families support all types of service. Linux BSD sockets support the following socket types:

Stream: These sockets provide reliable, two-way data streams that guarantee data will not be lost, corrupted or duplicated in transit. Stream sockets are supported by the TCP protocol in the INET address family.
Datagram: These sockets also provide two-way data transfer but, unlike stream sockets, there is no guarantee that the messages will arrive. Even if they do arrive, there is no guarantee that they will arrive in order or that they will not be duplicated or corrupted. This type of socket is supported by the UDP protocol in the Internet address family.
Raw: This allows processes direct (hence "raw") access to the underlying protocols. For example, you can open a raw socket to an Ethernet device and see the raw IP data traffic.
Reliable Delivered Messages: These are very similar to datagrams.

Processes that communicate using sockets follow a client-server model. A server provides a service and clients make use of it. One example is a web server, which provides web pages, and a web client (or browser), which reads those pages. A server using sockets first creates a socket and then binds a name to it. The format of this name depends on the socket's address family, and it is in effect the local address of the server. The socket's name or address is specified using the sockaddr data structure. An INET socket has an IP port address bound to it.

The registered port numbers can be seen in /etc/services: for example, the port number for a web server is 80. Having bound an address to the socket, the server then listens for incoming connection requests specifying the bound address. The originator of the request, the client, creates a socket and makes a connection request on it, specifying the target address of the server. For an INET socket the address of the server is its IP address and its port number. These incoming requests must find their way up through the various protocol layers and then wait on the server's listening socket. Once the server has received an incoming request it either accepts or rejects it. If the request is to be accepted, the server must create a new socket to accept it on. Once a socket has been used for listening for incoming connection requests it can no longer be used to support a connection. With the connection established, both ends are free to send and receive data. Finally, when the connection is no longer needed it can be shut down. Care is taken to ensure that data packets in transit are handled correctly.

The exact meaning of an operation on a BSD socket depends on its underlying address family. Setting up a TCP/IP connection is very different from setting up an amateur radio X.25 connection. As with the virtual file system, Linux abstracts the socket interface: the BSD socket layer handles the BSD socket interface to applications and is in turn supported by independent, address-family-specific software. When the kernel is initialized, the address families built into it register themselves with the BSD socket interface. Later, as applications create and use BSD sockets, an association is made between the BSD socket and its supporting address family. This association is made through cross-linked data structures and tables of address-family-specific support routines. For example, when an application creates a new socket, the BSD socket interface uses an address-family-specific socket creation routine.

When the kernel is configured, a set of address families and protocols is built into the protocols vector. Each is represented by its name (for example "INET") and the address of its initialization routine. When the socket interface is initialized at boot time, each protocol's initialization routine is called. For the socket address families this results in them registering a set of protocol operations. This is a set of routines, each of which performs a particular operation specific to that address family. The registered protocol operations are kept in the pops vector, a vector of pointers to proto_ops data structures. The proto_ops data structure consists of the address family type and a set of pointers to socket operation routines specific to a particular address family. The pops vector is indexed by the address family identifier, for example the Internet address family identifier (AF_INET is 2). See include/linux/net.h.

10.4 The INET Socket Layer

The INET socket layer supports the Internet address family, which contains the TCP/IP protocols. As discussed above, these protocols are layered, each using the services of another. Linux's TCP/IP code and data structures reflect this layering. Its interface with the BSD socket layer is through the set of Internet address family socket operations that it registers with the BSD socket layer during network initialization. These are kept in the pops vector along with the other registered address families. The BSD socket layer does its work by calling the INET layer socket support routines in the registered INET proto_ops data structure.

For example, a BSD socket create request that gives the address family as INET uses the underlying INET socket create function. The BSD socket layer passes the socket data structure representing the BSD socket to the INET layer in each of these operations. Rather than clutter the BSD socket with TCP/IP-specific information, the INET socket layer uses its own data structure, the sock, which it links to the BSD socket data structure. See Figure 10.3 for this linkage. It links the sock data structure to the BSD socket data structure using the data pointer in the BSD socket. This means that subsequent INET socket calls can easily retrieve the sock data structure. The sock data structure's protocol operations pointer is also set up at creation time, and it depends on the protocol requested. If TCP is requested, the sock data structure's protocol operations pointer points to the set of TCP protocol operations needed for a TCP connection. See include/net/sock.h.

10.4.1 Creating a BSD Socket

The system call that creates a new socket takes identifiers for its address family, socket type and protocol. First, the requested address family is used to look for a matching address family in the pops vector. It may be that a particular address family is implemented as a kernel module; in that case the kerneld daemon must load the module before we can continue. A new socket data structure is then allocated to represent the BSD socket. In fact the socket data structure is physically part of the VFS inode data structure, and allocating a socket really means allocating a VFS inode. This may seem strange unless you consider that sockets can be operated on in just the same way as ordinary files. As all files are represented by a VFS inode data structure, BSD sockets must also be represented by a VFS inode data structure in order to support file operations.

The newly created BSD socket data structure contains a pointer to the address-family-specific socket routines, and this is set to the proto_ops data structure retrieved from the pops vector. Its type is set to the socket type requested: one of SOCK_STREAM, SOCK_DGRAM and so on. The address-family-specific creation routine is then called using the address kept in the proto_ops data structure. A free file descriptor is allocated from the current process's fd vector and initialized as well. This includes setting the file operations pointer to point to the set of BSD socket file operations supported by the BSD socket interface. Any future operations are directed to the socket interface, which in turn passes them to the supporting address family by calling its address family operation routines.

10.4.2 Binding an Address to an INET BSD Socket

To be able to listen for incoming connection requests, each server must create an INET BSD socket and bind its address to it. The bind operation is mostly handled within the INET socket layer, with some support from the underlying TCP and UDP protocol layers. A socket that has had an address bound to it cannot be used for any other communication. This means that the socket's state must be TCP_CLOSE. The sockaddr passed to the bind operation contains the IP address to be bound to and, optionally, a port number. Normally the address bound to is one that has been assigned to a network device that supports the INET address family, and the interface must be up and usable.

You can use the ifconfig command to see which network interfaces are currently active in the system. The IP address can also be the IP broadcast address (all 1s or all 0s). This is the special address that means "send to everybody". The IP address can also be set to any IP address if the machine is acting as a transparent proxy or firewall, but only processes with superuser privileges can bind to any IP address. The bound IP address is saved in the recv_addr and saddr fields of the sock data structure. These are used in hash lookups and as the sending IP address respectively. The port number is optional; if it is not set, the supporting network is asked for a free one. By convention, port numbers below 1024 cannot be used by processes without superuser privileges. If the underlying network allocates the port number, it always allocates one greater than 1024.

When the underlying network devices receive packets, those packets must be routed to the correct INET and BSD sockets so that they can be processed. For this reason UDP and TCP maintain hash tables that are used to look up the addresses within incoming IP messages and direct them to the correct socket/sock pair. TCP is a connection-oriented protocol, so more information is involved in processing TCP packets than in processing UDP packets.

UDP maintains a hash table of allocated UDP ports, udp_hash. This consists of pointers to sock data structures, indexed by a hash function based on the port number. As the UDP hash table is much smaller than the number of permissible port numbers (udp_hash is only 128, or UDP_HTABLE_SIZE, entries long), some entries in the table point to a chain of sock data structures linked together through each sock's next pointer.

TCP is more complex, as it maintains several hash tables. However, TCP does not actually add the bound sock data structure to its hash tables during the bind operation; it merely checks that the requested port number is not currently in use. The sock data structure is added to TCP's hash tables during the listen operation.
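The bind-time bookkeeping described above, as an added example that is not part of the original text or the kernel source: a user-space C model of a 128-bucket port hash table with chained socks, the superuser rule for ports below 1024 and automatic assignment of a port above 1024. The names sock_model, port_table, table_bind and table_lookup are hypothetical, and masking the port number with the table size is an assumed hash function.

```c
#include <stddef.h>
#include <stdio.h>

#define HTABLE_SIZE     128    /* table size quoted in the text */
#define FIRST_AUTO_PORT 1025   /* automatically assigned ports are greater than 1024 */

enum { ERR_PERM = -1, ERR_INUSE = -2, ERR_NOPORT = -3 };

struct sock_model {            /* hypothetical stand-in for the kernel's sock */
    unsigned short port;
    struct sock_model *next;   /* chain of socks that hash to the same bucket */
};

struct port_table {
    struct sock_model *bucket[HTABLE_SIZE];
};

/* Assumed hash: low bits of the port number select the bucket. */
static unsigned hashfn(unsigned short port)
{
    return port & (HTABLE_SIZE - 1);
}

/* Demultiplexing step: find the sock bound to the port of an incoming packet. */
static struct sock_model *table_lookup(const struct port_table *t, unsigned short port)
{
    for (struct sock_model *sk = t->bucket[hashfn(port)]; sk; sk = sk->next)
        if (sk->port == port)
            return sk;
    return NULL;
}

/* Bind sk to port (0 means "pick a free one"). Returns the bound port or an ERR_ code. */
static int table_bind(struct port_table *t, struct sock_model *sk,
                      unsigned short port, int privileged)
{
    if (port == 0) {
        unsigned p;
        for (p = FIRST_AUTO_PORT; p <= 65535; p++)
            if (!table_lookup(t, (unsigned short)p))
                break;
        if (p > 65535)
            return ERR_NOPORT;
        port = (unsigned short)p;
    } else if (port < 1024 && !privileged) {
        return ERR_PERM;           /* low ports need superuser privileges */
    } else if (table_lookup(t, port)) {
        return ERR_INUSE;          /* another sock already owns this port */
    }
    sk->port = port;
    sk->next = t->bucket[hashfn(port)];   /* insert at the head of the chain */
    t->bucket[hashfn(port)] = sk;
    return port;
}

int main(void)
{
    struct port_table t = {0};
    struct sock_model dns, other, client;

    /* Constructed sample binds: 53 and 181 share bucket 53 (181 = 128 + 53). */
    printf("unprivileged bind to 53: %d\n", table_bind(&t, &dns, 53, 0));
    printf("privileged bind to 53:   %d\n", table_bind(&t, &dns, 53, 1));
    printf("privileged bind to 181:  %d\n", table_bind(&t, &other, 181, 1));
    printf("automatic port:          %d\n", table_bind(&t, &client, 0, 0));
    printf("53 and 181 share a bucket: %s\n",
           hashfn(53) == hashfn(181) ? "yes" : "no");
    printf("lookup 181 finds the right sock: %s\n",
           table_lookup(&t, 181) == &other ? "yes" : "no");
    return 0;
}
```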
10.4.3 Making a Connection to an INET BSD Socket

Once a socket has been created and provided it has not been used to listen for inbound connection requests, it can be used to make outbound connection requests. For connectionless protocols such as UDP this socket operation does not do very much, but for connection-oriented protocols such as TCP it involves building a virtual circuit between the two applications.

An outbound connection can only be made on an INET BSD socket that is in the right state: that is, one that does not already have a connection established and is not being used to listen for inbound connections. This means that the BSD socket data structure must be in the SS_UNCONNECTED state. The UDP protocol does not establish virtual connections between applications; all messages sent are datagrams, and messages that have been sent may not reach their destination. It does, however, support the connect BSD socket operation. A connection operation on a UDP INET BSD socket simply sets up the address of the remote application: its IP address and its IP port number. In addition, it sets up a cache of the routing table entry so that UDP datagrams sent on this BSD socket do not need to check the routing database again (unless the route becomes invalid). The cached routing information is pointed at by the ip_route_cache pointer in the INET sock data structure. If no addressing information is given, messages sent on this BSD socket automatically use the cached routing and IP addressing information.

UDP changes the sock's state to TCP_ESTABLISHED.

For a connect operation on a TCP BSD socket, TCP must build a TCP message containing the connection information and send it to the given IP destination. The TCP message contains information about the connection: a unique starting message sequence number, the maximum size of message that the initiating host can manage, the transmit and receive window sizes and so on. Within TCP all messages are numbered, and the initial sequence number is used as the first message number. Linux chooses a reasonably random value to avoid malicious protocol attacks. Every message transmitted by one end of the TCP connection and successfully received by the other is acknowledged, to say that it arrived successfully and uncorrupted. Unacknowledged messages are retransmitted. The transmit and receive window size is the number of messages allowed before an acknowledgement is sent. If the maximum message size supported by the network device at the receiving end is smaller, the connection uses the smaller of the two. The application making the outbound TCP connection request must now wait for a response from the target application, which either accepts or rejects the connection request. As the TCP sock is now expecting incoming messages, it is added to tcp_listening_hash so that incoming TCP messages can be directed to this sock data structure. TCP also starts timers so that the outbound connection request times out if the target application does not respond to the request.

10.4.4 Listening on an INET BSD Socket

Once a socket has had an address bound to it, it can listen for incoming connection requests specifying the bound address. A network application can also listen on a socket without first binding an address to it; in this case the INET socket layer finds an unused port number (for this protocol) and automatically binds it to the socket. The socket's listen function moves the socket into the TCP_LISTEN state and does any network-specific work needed to allow incoming connections.

For UDP sockets, changing the socket's state is enough, but TCP must now add the socket's sock data structure to two hash tables, because it is now active. These are the tcp_bound_hash table and the tcp_listening_hash table. Both are indexed by a hash function based on the IP port number.

Whenever an incoming TCP connection request is received for an active listening socket, TCP builds a new sock data structure to represent it. This sock data structure will become the bottom half of the TCP connection once it is eventually accepted. TCP also clones the incoming sk_buff containing the connection request and queues it on the receive_queue of the listening sock data structure. The cloned sk_buff contains a pointer to the newly created sock data structure.

10.4.5 Accepting Connection Requests

UDP does not support the concept of connections; accepting INET socket connection requests applies only to the TCP protocol, where an accept operation on a listening socket causes a new socket data structure to be cloned from the original listening socket. The accept operation is then passed to the supporting protocol layer, in this case INET, to accept any incoming connection requests. The INET protocol layer fails the accept operation if the underlying protocol, for example UDP, does not support connections. Otherwise the accept operation is passed through to the real protocol, in this case TCP. The accept operation can be either blocking or non-blocking.

In the non-blocking case, if there are no incoming connections to accept, the accept operation fails and the newly created socket data structure is thrown away. In the blocking case, the network application performing the accept operation is added to a wait queue and then suspended until a TCP connection request is received. Once a connection request has been received, the sk_buff containing the request is discarded and the sock data structure is returned to the INET socket layer, where it is linked to the new socket data structure created earlier. The file descriptor (fd) number of the new socket is returned to the network application, and the application can then use that file descriptor in socket operations on the newly created INET BSD socket.

10.5 The IP Layer

10.5.1 Socket Buffers

One of the problems of having many layers of network protocols, each using the services of another, is that each protocol needs to add protocol headers and tails to data as it is transmitted and remove them as received data is processed. This makes passing data buffers between the protocols difficult, because each layer needs to find where its particular protocol headers and tails are. One solution is to copy buffers at each layer, but that would be inefficient. Instead, Linux uses socket buffers, or sk_buffs, to pass data between the protocol layers and the network device drivers. sk_buffs contain pointer and length fields that allow each protocol layer to manipulate the application data through standard functions or "methods".

Figure 10.4 shows the sk_buff data structure: each sk_buff has a block of data associated with it. The sk_buff has four data pointers, which are used to manipulate and manage the socket buffer's data (see include/linux/skbuff.h):

head: points to the start of the data area in memory. This is fixed when the sk_buff and its associated data block are allocated.
data: points to the current start of the protocol data. This pointer varies depending on the protocol layer that currently owns the sk_buff.
tail: points to the current end of the protocol data. Again, this pointer varies depending on the owning protocol layer.
end: points to the end of the data area in memory. This is fixed when the sk_buff is allocated.

There are two length fields, len and truesize, which describe the length of the current protocol packet and the total size of the data buffer respectively. The sk_buff handling code provides standard mechanisms for adding and removing protocol headers and tails to and from the application data. This code safely manipulates the data, tail and len fields in the sk_buff:

push: moves the data pointer towards the start of the data area and increments the len field. It is used when adding data or protocol headers to the start of the data to be transmitted. See skb_push() in include/linux/skbuff.h.
pull: moves the data pointer away from the start, towards the end of the data area, and decrements the len field. It is used when removing data or protocol headers from the start of data that has been received. See skb_pull() in include/linux/skbuff.h.
put: moves the tail pointer towards the end of the data area and increments the len field. It is used when adding data or protocol information to the end of the data to be transmitted. See skb_put() in include/linux/skbuff.h.
trim: moves the tail pointer towards the start of the data area and decrements the len field. It is used when removing data or protocol tails from received data. See skb_trim() in include/linux/skbuff.h.

The sk_buff data structure also contains pointers that are used while it is being processed to store it in doubly linked circular lists of sk_buffs. There are generic sk_buff routines for adding sk_buffs to, and removing them from, the front and back of these lists.
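The four pointer operations above, as an added user-space C model (not the kernel's code from include/linux/skbuff.h): the skb_model structure and the skbm_* functions are hypothetical names, trim takes the new length as its argument, and every operation refuses to move data or tail outside the head..end area instead of corrupting memory.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* User-space model of the sk_buff data pointers (hypothetical names).
 * Invariant kept by every function: head <= data <= tail <= end. */
struct skb_model {
    unsigned char *head;   /* start of the data area, fixed at allocation */
    unsigned char *data;   /* current start of the protocol data */
    unsigned char *tail;   /* current end of the protocol data */
    unsigned char *end;    /* end of the data area, fixed at allocation */
    size_t len;            /* length of the current protocol packet */
};

/* Attach buf and reserve `headroom` bytes for headers added later. */
static int skbm_init(struct skb_model *skb, unsigned char *buf,
                     size_t size, size_t headroom)
{
    if (headroom > size)
        return -1;
    skb->head = buf;
    skb->end = buf + size;
    skb->data = skb->tail = buf + headroom;
    skb->len = 0;
    return 0;
}

/* push: grow the packet at the front (add a header). NULL if no headroom. */
static unsigned char *skbm_push(struct skb_model *skb, size_t n)
{
    if ((size_t)(skb->data - skb->head) < n)
        return NULL;
    skb->data -= n;
    skb->len += n;
    return skb->data;
}

/* pull: shrink the packet at the front (strip a header). NULL if n > len. */
static unsigned char *skbm_pull(struct skb_model *skb, size_t n)
{
    if (n > skb->len)
        return NULL;
    skb->data += n;
    skb->len -= n;
    return skb->data;
}

/* put: grow the packet at the back. Returns the old tail, NULL if no tailroom. */
static unsigned char *skbm_put(struct skb_model *skb, size_t n)
{
    unsigned char *old_tail = skb->tail;

    if ((size_t)(skb->end - skb->tail) < n)
        return NULL;
    skb->tail += n;
    skb->len += n;
    return old_tail;
}

/* trim: cut the packet down to new_len bytes. Fails if that would grow it. */
static int skbm_trim(struct skb_model *skb, size_t new_len)
{
    if (new_len > skb->len)
        return -1;
    skb->tail = skb->data + new_len;
    skb->len = new_len;
    return 0;
}

int main(void)
{
    unsigned char buf[64];
    struct skb_model skb;

    /* Send path: payload first, then each lower layer pushes its header.
     * The 8- and 20-byte headers are constructed filler, not real headers. */
    skbm_init(&skb, buf, sizeof buf, 28);
    memcpy(skbm_put(&skb, 5), "hello", 5);
    memset(skbm_push(&skb, 8), 'U', 8);
    memset(skbm_push(&skb, 20), 'I', 20);
    printf("built packet: len=%zu headroom=%td\n", skb.len, skb.data - skb.head);

    /* Receive path: each layer pulls its own header off the front. */
    skbm_pull(&skb, 20);
    skbm_pull(&skb, 8);
    printf("payload: %.*s\n", (int)skb.len, (const char *)skb.data);

    /* Out-of-bounds requests are refused and leave the buffer unchanged. */
    printf("push 29 with 28 bytes of headroom: %s\n",
           skbm_push(&skb, 29) ? "ok" : "refused");
    printf("pull 6 from a 5-byte packet: %s\n",
           skbm_pull(&skb, 6) ? "ok" : "refused");
    return 0;
}
```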

10.5.2 Receiving IP Packets Chapter 8 describes how Linux network device drivers are established to core and initialized. This creates a series of DEVICE data structures and links together in the DEV_BASE list. Each Device data structure describes its device and provides a set of callback routines that can be called when the network driver is required. Most of these functions are related to transmission data and address of the network device. When a network device receives a data message from its network, it must convert the received data to the SK_BUFF data structure. These received SK_BUFF will increase by the network driver to the Backlog queue when receiving. If the backlog queue grows too much, then the received SK_BUFF is discarded. If there is a job to be executed, the Button Half tag of this network is ready to run. See Net / Core / Dev.c Netif_Rx () When the network's Bottom HALF handler is called by the scheduler, it first handles any web packets waiting to be transmitted, and then handles SK_BUFF's Backlog Backlo queue to determine the received report. Text needs to be transferred to that protocol layer. When the Linux network layer is initialized, each protocol registers yourself, adds a packet_type's data structure in the ptype_all list or ptype_base hash table. This packet_type data structure includes protocol types, pointers of a network drive, a pointer for a data receiving process routine, pointing to this list or Hash Table Next Packet_type data type. The PTYPE_ALL linked list is used to detect all data packets received from any network device, usually not used. PTYPE_BASE HASH TABLE uses the protocol identifier HASH to determine which protocol should receive the network packets that come in. The Bottom Half of the network matches the protocol type of SK_BUFF and one or more packet_type entries in any table. The protocol may match one or more entries, such as when peeping all network communication, this SK_BUFF will be cloned. 
This sk_buff is passed to the matching protocol's handling routine. See net/core/dev.c net_bh() and net/ipv4/ip_input.c ip_rcv().

10.5.3 Sending IP Packets

Packets are transmitted by applications exchanging data, or they are generated by the network protocols themselves, either to support established connections or to establish connections. However the data is generated, an sk_buff containing the data is built, and various headers are added by the protocol layers as it passes through them. The sk_buff then needs to be passed to a network device to be transmitted. First, though, the protocol, for example IP, needs to decide which network device to use. This depends on the best route for the packet. The choice is easy for computers connected to a single network by modem, for example via the PPP protocol. The packet should be sent either to the local host via the loopback device or to the gateway at the other end of the PPP modem connection. The choice is harder for computers connected to an Ethernet, because many computers are connected to the network. For every IP packet transmitted, IP uses the routing tables to resolve the route for the destination IP address. Each IP destination successfully looked up in the routing tables returns an rtable data structure describing the route to use. This includes the source IP address to use, the address of the network device data structure and, sometimes, a prebuilt hardware header.

This hardware header is specific to the network device and contains the source and destination physical addresses and other media-specific information. If the network device is an Ethernet device, the hardware header is as shown in Figure 10.1, and the source and destination addresses are physical Ethernet addresses. The hardware header is cached with the route because it must be added to every IP packet transmitted on this route, and building it takes time. The hardware header may contain physical addresses that have to be resolved using the ARP protocol. In that case, the outgoing packet is held back until the address has been resolved. Once the hardware address has been resolved and the hardware header built, the header is cached so that later IP packets sent using this interface do not have to perform ARP. See include/net/route.h.

10.5.4 Data Fragmentation

Every network device has a maximum packet size and cannot transmit or receive a data packet larger than this. The IP protocol allows for this by splitting data into smaller units that fit the packet size the network device can handle. The IP protocol header includes a fragment field that contains a flag and the fragment offset. When an IP packet is ready to be transmitted, IP finds the network device to send it out on. This device is found from the IP routing tables. Each device has a field describing its maximum transmission unit (in bytes); this is the mtu field. If the device's MTU is smaller than the size of the IP packet waiting to be transmitted, the IP packet must be broken down into smaller (MTU-sized) fragments. Each fragment is represented by an sk_buff: its IP header is marked to show that it is a fragment and what offset into the data this IP packet contains. The last packet is marked as being the last IP fragment. If, during the fragmentation, IP cannot allocate an sk_buff, the transmission fails.
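The sending-side split described above, as an added example that is not taken from the kernel source. It assumes the standard IPv4 encoding (offset stored in units of 8 bytes, one "more fragments" flag bit); struct frag_model and ip_fragment_model are hypothetical names, and running out of room in out[] stands in for the failed sk_buff allocation.

```c
#include <stddef.h>
#include <stdint.h>

#define IP_MF      0x2000   /* "more fragments" flag */
#define IP_OFFMASK 0x1fff   /* fragment offset in units of 8 bytes */

struct frag_model {         /* hypothetical description of one fragment */
    uint16_t frag_off;      /* flag plus offset/8, host byte order */
    uint16_t payload_len;   /* payload bytes carried by this fragment */
};

/* Split payload_len bytes of IP payload for a device with the given MTU.
 * hdr_len is the IP header length repeated in every fragment.
 * Returns the number of fragments written to out[], or -1 when the MTU is
 * too small or out[] has no room (modelling the failed sk_buff allocation). */
int ip_fragment_model(size_t payload_len, size_t hdr_len, size_t mtu,
                      struct frag_model *out, size_t max_out)
{
    size_t per_frag, off = 0;
    int n = 0;

    if (mtu < hdr_len + 8 || payload_len + hdr_len > 65535)
        return -1;
    /* Every fragment except the last carries a multiple of 8 bytes. */
    per_frag = (mtu - hdr_len) & ~(size_t)7;

    do {
        size_t left = payload_len - off;
        size_t take = left > per_frag ? per_frag : left;

        if ((size_t)n == max_out)
            return -1;
        out[n].payload_len = (uint16_t)take;
        out[n].frag_off = (uint16_t)((off >> 3) & IP_OFFMASK);
        if (take < left)
            out[n].frag_off |= IP_MF;   /* more fragments follow */
        off += take;
        n++;
    } while (off < payload_len);
    return n;
}
```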
Receiving IP fragments is harder than sending them because the fragments can arrive in any order, and they must all be received before they can be reassembled. Each time an IP packet is received, it is checked to see whether it is an IP fragment. The first time a fragment of a message is received, IP creates a new ipq data structure and links it into the ipqueue list of IP fragments awaiting reassembly. As more IP fragments are received, the correct ipq data structure is found and a new ipfrag data structure is created to describe each fragment. Each ipq data structure uniquely describes a fragmented IP receive frame, with its source and destination IP addresses, the upper-layer protocol identifier and the identifier of this IP frame. When all the fragments have been received, they are combined into a single sk_buff and passed up to the next protocol layer. Each ipq contains a timer that is restarted each time a valid fragment is received. If this timer expires, the ipq data structure and its ipfrags are dismantled and the message is presumed to have been lost in transit. It is then up to the higher-level protocols to retransmit the message. See net/ipv4/ip_input.c ip_rcv().

10.6 The Address Resolution Protocol (ARP)

The role of the Address Resolution Protocol is to translate IP addresses into physical hardware addresses such as Ethernet addresses. This translation is needed when the data (in the form of an sk_buff) is passed to the device driver for transmission. Several checks are made to see whether this device needs a hardware header and, if it does, whether the hardware header for the packet needs to be rebuilt. Linux caches hardware headers to avoid rebuilding them frequently. If the hardware header needs rebuilding, the device-specific hardware header rebuilding routine is called. All devices use the same generic header rebuilding routine, which in turn uses the ARP services to translate the destination IP address into a physical address.

See net/ipv4/ip_output.c ip_build_xmit() and net/ethernet/eth.c rebuild_header().

The ARP protocol itself is very simple and consists of two message types: ARP request and ARP reply. The ARP request contains the IP address that needs translating; the reply (hopefully) contains the translated IP address and the hardware address. The ARP request is broadcast to all hosts connected to the network, so on an Ethernet all of the machines connected to it see the ARP request. The machine that owns the IP address in the request responds with an ARP reply containing its own physical address.

The ARP protocol layer in Linux is built around a table of arp_table data structures, each of which describes an IP to physical address translation. These entries are created as IP addresses need to be translated and removed as they become stale over time. Each arp_table data structure has the following fields:

last used: the time that this ARP entry was last used
last update: the time that this ARP entry was last updated
flags: describe the state of this entry, such as whether it is complete
IP address: the IP address that this entry describes
hardware address: the translated hardware address
hardware header: a pointer to the hardware header
timer: a timer_list entry used to time out ARP requests
retries: the number of times this ARP request has been retried
sk_buff queue: list of sk_buff entries waiting for this IP address to be resolved

The ARP table consists of a table of pointers (the arp_tables vector) to chains of arp_table entries. The entries are cached to speed up access to them. Each entry is found by using its IP address to generate an index into the table and then following the chain of entries until the correct one is found. Linux also caches prebuilt hardware headers taken from the arp_table entries, in the form of hh_cache data structures. When an IP address translation is requested and there is no corresponding arp_table entry, ARP must send an ARP request message.
It creates a new arp_table entry in the table and queues the sk_buff that needs the address translation on the sk_buff queue of the new entry. It sends out an ARP request and starts the ARP expiry timer. If there is no response, ARP retries the request several times; if there is still no response, ARP removes the arp_table entry. Any sk_buff data structures queued waiting for this IP address to be translated are notified, and it is up to the upper protocol layer that is transmitting them to deal with the failure. UDP does not care about lost packets, but TCP will attempt to retransmit on an established TCP connection. If the owner of the IP address responds with its hardware address, the arp_table entry is marked as complete and any queued sk_buffs are removed from the queue and go on to be transmitted. The hardware address is written into the hardware header of each sk_buff.

The ARP protocol layer must also respond to ARP requests that specify its own IP address. It registers its protocol type (ETH_P_ARP), generating a packet_type data structure. This means that it is passed all ARP packets received by the network devices. As well as ARP replies, this includes ARP requests. It generates an ARP reply using the hardware address held in the receiving device's device data structure.

Network topologies change over time, and IP addresses can be reassigned to different hardware addresses. For example, some dial-up services assign an IP address as each connection is established.
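The life cycle of one incomplete entry during the resolution described above (queue, request, retry, then completion or failure), as an added example that is not the kernel's ARP code. struct arp_model, the arp_*_model functions, the requests counter and the retry limit of 3 are assumptions made for the illustration; table lookup is left out.

```c
#include <stdint.h>
#include <string.h>

#define ARP_MAX_TRIES 3      /* retry limit (assumed value) */
#define ATF_COM       0x02   /* entry is complete */

struct arp_model {           /* hypothetical cut-down arp_table entry */
    uint32_t ip;
    uint8_t  ha[6];
    int flags, retries, queued, requests;
};

/* A lookup found no entry: start a fresh, incomplete one. */
void arp_new_model(struct arp_model *e, uint32_t ip)
{
    memset(e, 0, sizeof *e);
    e->ip = ip;
}

/* Transmit path: 1 = ha filled in, send now; 0 = packet queued on entry. */
int arp_find_model(struct arp_model *e, uint8_t ha[6])
{
    if (e->flags & ATF_COM) { memcpy(ha, e->ha, 6); return 1; }
    if (e->queued++ == 0) e->requests++;   /* first waiter sends the request */
    return 0;
}

/* Reply received: complete the entry, return the packets released. */
int arp_reply_model(struct arp_model *e, const uint8_t ha[6])
{
    int released = e->queued;
    memcpy(e->ha, ha, 6);
    e->flags |= ATF_COM;
    e->queued = 0;
    return released;
}

/* Request timer expired. Returns -1 while the entry stays (complete, or the
 * request was re-sent); otherwise the number of queued packets to fail,
 * after which the caller deletes the entry. */
int arp_timeout_model(struct arp_model *e)
{
    int failed = e->queued;
    if (e->flags & ATF_COM) return -1;
    if (++e->retries < ARP_MAX_TRIES) { e->requests++; return -1; }
    e->queued = 0;
    return failed;
}
```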

To keep the ARP table up to date, ARP runs a periodic timer that looks through all of the arp_table entries to see which have timed out. It is very careful not to remove entries that contain one or more cached hardware headers. Removing these entries is dangerous because other data structures rely on them. Some arp_table entries are permanent and are marked so that they will not be released. The ARP table cannot be allowed to grow too large: each arp_table entry consumes some kernel memory. Whenever a new entry needs to be allocated, the table is pruned by finding the older entries and removing them.

10.7 IP Routing

The IP routing function determines where IP packets destined for a particular IP address should be sent. There are many choices to be made when transmitting IP packets. Can the destination be reached at all? If so, which network device should be used to transmit the packet? If more than one network device could be used to reach the destination, which one is best? The IP routing databases maintain the information that answers these questions. There are two databases, the most important being the forwarding information database. This is an exhaustive list of known IP destinations and their best routes. A second, smaller and faster database, the route cache, is used for quick lookups of routes to IP destinations. Like all caches, it must contain only the most frequently accessed routes; its contents are derived from the forwarding information database.

Routes are added and deleted via ioctl requests to the BSD socket interface. These requests are passed on to the specific protocol. The INET protocol layer only allows processes with superuser privileges to add and delete IP routes. These routes can be fixed, or they can be dynamic and change over time. Most systems use fixed routes unless they are themselves routers. Routers run routing protocols that constantly check the available routes to all known IP destinations. Systems that are not routers are known as end systems.
Routing protocols are implemented as daemons, for example gated, and they also add and delete routes via ioctl requests to the BSD socket interface.

10.7.1 The Route Cache

Whenever an IP route is looked up, the route cache is checked first for a matching route. If there is no matching route in the route cache, the forwarding information database is searched. If no route is found there either, the IP packet fails to be sent and the application is notified. If a route is in the forwarding information database, a new entry is generated for it and added to the route cache. The route cache is a table (ip_rt_hash_table) containing pointers to chains of rtable data structures. The index into the route table is a hash function based on the least significant two bytes of the IP address. These are the two bytes most likely to differ between destinations, so they give the best spread of hash values. Each rtable entry contains information about the route: the destination IP address, the network device (device structure) to use to reach that IP address, the maximum size of message that can be used, and so on. It also has a reference count, a usage count and a timestamp of the last time it was used (in jiffies). The reference count is incremented each time the route is used, showing the number of network connections using this route, and decremented as applications stop using the route.
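The lookup order and counters described above, as an added example that is not the kernel's routing code. The hash shown is only one possible function of the two low-order bytes, and struct rt_model, the rt_*_model functions, the table sizes and the single constructed route 16.42.0.0/16 standing in for the forwarding information database are all assumptions.

```c
#include <stddef.h>
#include <stdint.h>

#define RT_HASH_SIZE 256          /* assumed table size */
#define RT_POOL_SIZE 64           /* assumed cache capacity */
struct rt_model {                 /* hypothetical cut-down rtable entry */
    uint32_t dst;                 /* destination IP, host byte order */
    int dev;                      /* stand-in for the device pointer */
    unsigned refcnt, use;         /* users now, lookups so far */
    struct rt_model *next;        /* next entry on the same hash chain */
};
static struct rt_model *rt_hash[RT_HASH_SIZE];
static struct rt_model rt_pool[RT_POOL_SIZE];
static size_t rt_used;

/* Hash on the two least significant bytes of the address. */
unsigned rt_hash_code(uint32_t dst)
{
    return ((dst >> 8) ^ dst) & (RT_HASH_SIZE - 1);
}

/* Constructed forwarding database: only 16.42.0.0/16, via device 1. */
static int fib_lookup_model(uint32_t dst)
{
    return (dst >> 16) == 0x102a ? 1 : -1;
}

/* Return the cached route, filling the cache from the FIB on a miss. */
struct rt_model *rt_route_model(uint32_t dst)
{
    unsigned h = rt_hash_code(dst);
    struct rt_model *rt = rt_hash[h];
    int dev;

    while (rt && rt->dst != dst)
        rt = rt->next;
    if (!rt) {
        dev = fib_lookup_model(dst);
        if (dev < 0 || rt_used == RT_POOL_SIZE)
            return NULL;          /* no route: the send fails */
        rt = &rt_pool[rt_used++];
        rt->dst = dst; rt->dev = dev; rt->refcnt = rt->use = 0;
        rt->next = rt_hash[h]; rt_hash[h] = rt;
    }
    rt->refcnt++; rt->use++;
    return rt;
}

/* Called when a connection stops using the route. */
void rt_put_model(struct rt_model *rt) { if (rt->refcnt) rt->refcnt--; }
```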
