Fun with Network Interfaces
Shmulik Ladkani
March 2016
This work is licensed under a Creative Commons Attribution 4.0 International License.
On the Menu
● Linux network stack, a (quick) intro
○ What’s this net_device anyway?
○ Programming interfaces
○ Frame reception and transmission
● Logical network interfaces
○ What?
○ Why?
○ Examples
○ Examples
○ Examples
Agenda
● Goals
○ Strengthen foundations
○ Explain interaction of main network stack components
○ Familiarize with building blocks of virtual networks
○ Ease of further research
● Non Goals
○ Mastering device driver programming
○ How network gear operates in detail
○ Specific component deep dive
Disclaimer
● Linux network stack is huge and complex
○ Let’s skip some fine details
Network Stack Intro
Diagram by Arnout Vandecappelle
Network Stack Intro
Take II
Diagram by Jan Engelhardt
Network Stack Intro
Take III
Network Stack Layers
[Diagram: layer stack, top to bottom]
● L7: usermode app, socket api
● L4: udp, tcp, icmp, igmp, gre, ipip ...
● L3: ipv4, arp, ipv6, pppoe ...
● L2: network core
● Device-specific L2: device drivers
Network Core
● Generic functionalities of a network device
● RX
○ Processing of incoming frames
○ Delivery to upper protocols
● TX
○ Queuing
○ Final processing
○ Hand-over to driver’s transmit method
Struct net_device
● Represents a network interface
● One for each network device in the system
○ Either physical device or logical (software) one
Struct net_device
Common properties
● Identified by a ‘name’ and ‘ifindex’
○ Unique to a network namespace
● Has BSD-like ‘flags’
IFF_UP, IFF_LOOPBACK, IFF_POINTOPOINT, IFF_NOARP, IFF_PROMISC...
● Has ‘features’
NETIF_F_SG_BIT, NETIF_F_HW_CSUM_BIT, NETIF_F_GSO_BIT,
NETIF_F_GRO_BIT, NETIF_F_LRO_BIT, NETIF_F_RXHASH_BIT,
NETIF_F_RXCSUM_BIT...
● Has many other fields...
● Holds associated device operations
const struct net_device_ops *netdev_ops;
Struct net_device_ops
● Interface. Defines all device methods
○ Driver implements
● E.g. e1000e_netdev_ops, bcmgenet_netdev_ops …
○ Network-core uses
● Fat interface…
○ 44 methods in v3.4
○ 59 methods in v3.14
○ 68 methods in v4.4
○ Few methods #ifdef protected
○ Some are optional
Struct net_device_ops
Common methods
● ndo_open()
○ Upon device transition to UP state
● ndo_stop()
○ Upon device transition to DOWN state
● ndo_start_xmit()
○ When a packet needs to be transmitted
● ndo_set_features()
○ Update device configuration to new features
● ndo_get_stats()
○ Get device usage statistics
● ndo_set_mac_address()
○ When MAC needs to be changed
● Many more...
Stack’s core interfaces
For device implementers
● napi_schedule()
○ Schedule driver’s poll routine to be called
● netif_receive_skb()
○ Pass a received buffer to network core processing
○ Few other interfaces exist
● netif_stop_queue()
○ Stop upper layer from calling device’s ndo_start_xmit
● netif_wake_queue()
○ Allow upper layer to call device’s ndo_start_xmit
● More...
Frame Reception
__netif_receive_skb_core()
● Deliver to network taps (protocol sniffers)
● Ingress classification and filtering
● VLAN packet handling
● Invoke a specially registered ‘rx_handler’
○ May consume packet
● Deliver to the registered L3 protocol handler
○ No handler? Drop
net_device->rx_handler
● Per device registered function
○ Called internally from ‘__netif_receive_skb_core’
○ Prior to delivery to protocol handlers
● Allows special L2 processing during RX
● Semantics
○ At most one registered ‘rx_handler’ per device
○ May consume the packet
● ‘netif_receive_skb’ will not further process it
○ May instruct ‘netif_receive_skb’ to do “another round”
● Notable users
○ bridge, openvswitch, bonding, team, macvlan, macvtap
Frame Transmission
dev_queue_xmit()
● Well, packet is set-up for transmission
○ Yeay! Let’s pass to driver’s ndo_start_xmit() !
○ Wait a minute… literally
● Device has no queue?
○ Final preps & xmit
● Device has a queue?
○ Enqueue the packet
● Using device queueing discipline
○ Kick the queue
○ Will eventually get to “final preps & xmit”
● Synchronously or asynchronously
● According to discipline
Software Network Interfaces
a.k.a. logical network interfaces
Software Net Device
● Not associated with a physical NIC
● Provides logical rx/tx functionality
○ By implementing the net_device interface
● Allows special-purpose packet processing
○ Without altering the network stack
Variants of Logical Devices
● Directly operate on specified net device(s)
○ Protocols (vlan, pppoe…)
○ Logical constructs (bridge, bonding, veth, macvlan...)
● Interact with higher network layers
○ IP based tunnels (ipip, gre, sit, l2tp…)
○ UDP based tunnels (vxlan, geneve, l2tp-udp…)
● Other constructs
○ May or may not interact with other net devices
○ lo, ppp, tun/tap, ifb...
Loopback
lo:
Loopback interface
static netdev_tx_t loopback_xmit(struct sk_buff *skb,
                                 struct net_device *dev)
{
        ...
        netif_rx(skb); // eventually gets to netif_receive_skb
        return NETDEV_TX_OK;
}
● Every transmitted packet is bounced back for reception
○ Using same device
[Diagram: lo attached to the network core, beneath ipv4, ipv6, ...]
VLAN
vlan: (circa 2.4)
802.1q Virtual LAN interface
● Has an underlying “link” net device
struct vlan_dev_priv {
        u16 vlan_id;
        struct net_device *real_dev;   /* the underlying "link" device */
        …
};
● Xmit method
○ Tags the packet
○ Queues for transmission on the underlying device
vlan_tci = vlan->vlan_id;
vlan_tci |= …
skb = __vlan_hwaccel_put_tag(skb, vlan->vlan_proto, vlan_tci);
skb->dev = vlan->real_dev;
…
ret = dev_queue_xmit(skb);
TUN/TAP
tun/tap: (circa 2.4)
Usermode packet processing
● Device is associated with a usermode fd
○ write(fd) --> device RX
○ device TX --> ready to read(fd)
● Operation mode
○ tun: L3 packets
○ tap: L2 frames
[Diagram: tap0 and its usermode fd, attached to the network core beneath ipv4, ...]
TUN use cases
● Usermode VPN applications
○ Routing to the VPN subnet is directed to tun device
● E.g. 192.168.50.0/24 dev tun0
○ read(tun_fd, buf)
○ encrypt(buf)
○ encapsulate(buf)
○ send(tcp_sock, buf)
TAP use cases
● VM networking
○ Emulator exposes a tap for each VM NIC
○ Emulator traps VM xmit
○ Issues write(tap_fd)
○ Packet arrives at host’s net stack via tap device
VETH
veth: (circa 2.6.24)
Virtual Ethernet Pair
● Local ethernet “wire”
● Comes as pair of virtual ethernet interfaces
● veth TX --> peer veth RX
○ And vice versa
[Diagram: veth0 and veth1 attached to the network core, beneath ipv4, ...]
veth use cases
● Container networking
○ First veth in host’s net namespace
○ Peer veth in container’s net namespace
● Local links of a virtual network
● Network emulation
Bridge
Bridge:
802.1d Ethernet Bridging
● Software L2 forwarding switch
○ Expands the L2 network across various links
○ 802.1q VLAN capable circa 3.9
● Bridge has multiple slave devices (“ports”)
● rx_handler registered on slave devices
○ Picks output device(s) based on FDB
○ Calls ‘dev_queue_xmit’ on output device
○ Packet consumed! Never enters L3 stack via input device
[Diagram: br0 with ports eth0, eth1, eth2; rx_handler() on the input port, dev_queue_xmit() on the output port]
Bridging physical networks
● Same / different medium
○ Slave devices present L2 ethernet network
[Diagram: br0 with ports wifi0, ethoa3, eth1, bnep0, usbnet1]
Bridging virtual networks
[Diagram: br0 joining tap0 and tap1 (VM A, VM B), veth pairs veth0/veth1 and veth2/veth3 (Container X, Container Y), and vxlan0 (tunnel to remote bridge)]
MACVLAN
MacVLAN: (circa 2.6.32)
MAC Address based VLANs
● Network segmentation based on destination MAC
● Macvlan devices have underlying “lower” device
○ Macvlans on same link have unique MAC addresses
● Macvlan xmit
○ Calls ‘dev_queue_xmit’ on lower device
● rx_handler registered on lower device
○ Look for a macvlan device based on packet’s dest-MAC
○ None found? Return “Pass” (normal processing)
○ Found? Change skb->dev to the macvlan dev, return “Another round”
[Diagram: rx_handler() on eth0 dispatching to mvlan0, mvlan1, mvlan2]
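The rx_handler verdicts described above (consumed for a bridge port, "another round" for macvlan, pass otherwise) can be modelled in user space to see which device a frame ends up on and which sniffers observe it. This is an added example, not code from the slides or the kernel; the sim_* names, the MAC addresses and the tap counter are constructed for illustration, and the bridge's FDB lookup is omitted.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* User-space model only. Verdict names mirror the kernel's enum rx_handler_result. */
enum rx_handler_result {
    RX_HANDLER_CONSUMED, /* handler took the packet, core stops          */
    RX_HANDLER_ANOTHER,  /* skb->dev was changed, run the core again     */
    RX_HANDLER_EXACT,    /* exact-match delivery (treated as PASS here)  */
    RX_HANDLER_PASS      /* not ours, continue normal processing         */
};

struct sim_dev;
struct sim_pkt { uint8_t dmac[6]; struct sim_dev *dev; };

struct sim_dev {
    const char *name;
    uint8_t mac[6];
    enum rx_handler_result (*rx_handler)(struct sim_pkt *); /* at most one */
    struct sim_dev *upper[3]; /* macvlans stacked on this lower device     */
    int n_upper;
    int tapped;    /* times a sniffer bound to this device saw the frame   */
    int delivered; /* frames handed to the L3 protocol handler             */
    int forwarded; /* frames switched by the bridge model                  */
};

/* macvlan: pick the upper device whose MAC equals the destination MAC. */
static enum rx_handler_result macvlan_rx(struct sim_pkt *p)
{
    struct sim_dev *lower = p->dev;
    for (int i = 0; i < lower->n_upper; i++) {
        if (memcmp(lower->upper[i]->mac, p->dmac, 6) == 0) {
            p->dev = lower->upper[i];   /* skb->dev = macvlan device */
            return RX_HANDLER_ANOTHER;
        }
    }
    return RX_HANDLER_PASS;             /* none found: normal processing */
}

/* bridge port: the frame is switched at L2 and never reaches L3 here. */
static enum rx_handler_result bridge_rx(struct sim_pkt *p)
{
    p->dev->forwarded++;                /* FDB lookup + dev_queue_xmit omitted */
    return RX_HANDLER_CONSUMED;
}

/* Constructed topology: eth0 carries three macvlans, eth1 is a bridge port. */
struct sim_dev mvlan0 = { .name = "mvlan0", .mac = {0x02, 0, 0, 0, 0, 0x10} };
struct sim_dev mvlan1 = { .name = "mvlan1", .mac = {0x02, 0, 0, 0, 0, 0x11} };
struct sim_dev mvlan2 = { .name = "mvlan2", .mac = {0x02, 0, 0, 0, 0, 0x12} };
struct sim_dev eth0 = { .name = "eth0", .mac = {0x02, 0, 0, 0, 0, 0x01},
                        .rx_handler = macvlan_rx,
                        .upper = { &mvlan0, &mvlan1, &mvlan2 }, .n_upper = 3 };
struct sim_dev eth1 = { .name = "eth1", .mac = {0x02, 0, 0, 0, 0, 0x02},
                        .rx_handler = bridge_rx };

/* Model of the receive core: taps first, then the rx_handler, then L3.
 * Returns the device name the frame is delivered on, or NULL if consumed. */
const char *sim_receive(struct sim_dev *in, const uint8_t dmac[6])
{
    struct sim_pkt p;
    memcpy(p.dmac, dmac, 6);
    p.dev = in;
    for (;;) {
        p.dev->tapped++;   /* taps run at the start of every round */
        if (p.dev->rx_handler) {
            enum rx_handler_result r = p.dev->rx_handler(&p);
            if (r == RX_HANDLER_CONSUMED)
                return NULL;
            if (r == RX_HANDLER_ANOTHER)
                continue;  /* same frame, new p.dev */
        }
        p.dev->delivered++;
        return p.dev->name;
    }
}

int main(void)
{
    const uint8_t unknown[6] = {0x02, 0, 0, 0, 0, 0x99};
    const char *d;

    d = sim_receive(&eth0, mvlan1.mac);
    printf("dst=mvlan1 MAC on eth0 -> L3 on %s\n", d ? d : "(consumed)");
    d = sim_receive(&eth0, unknown);
    printf("dst=unknown MAC on eth0 -> L3 on %s\n", d ? d : "(consumed)");
    d = sim_receive(&eth1, unknown);
    printf("any frame on bridge port eth1 -> L3 on %s\n", d ? d : "(consumed)");
    printf("taps: eth0=%d mvlan1=%d eth1=%d\n",
           eth0.tapped, mvlan1.tapped, eth1.tapped);
    return 0;
}
```

The tap counters show why a capture on the lower device sees macvlan traffic and why a capture on a bridge port still sees frames that never reach that port's L3 input.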
MacVLAN use cases
● Network segmentation
○ Where 802.1q VLAN can’t be used
[Diagram: eth0 with macvlans eth0_data (54.6.30.15/24, Internet Access Service) and eth0_voip (10.0.5.94/16, VoIP Service)]
MacVLAN use cases
● Lightweight virtual network
○ For containers / VMs
○ Various operation modes
● MacVTAP (circa 2.6.34)
○ Each device has a tap-like FD interface
[Diagram: eth0 with mvlan0, mvlan1, mvlan2 assigned to Container X, Container Y, Container Z]
GRE
ip_gre: (circa 2.2)
GRE Tunnel, IP Based
● Global initialization
○ Register the IPPROTO_GRE transport protocol handler
[Diagram: gre stack registered above the ipv4 stack, on top of the network core]
ip_gre: (circa 2.2)
GRE Tunnel, IP Based
● Per device initialization
○ Store tunnel instance parameters
○ E.g. encapsulating iph.saddr, iph.daddr
[Diagram: same stack, with tunnel devices gre0 (54.90.24.7) and gre1 (81.104.12.5)]
ip_gre device
Transmit method
● Routing to remote subnet directed to gre device
○ E.g. 192.168.50.0/24 dev gre0
● Install the GRE header
● Consult IP routing for output decision
○ Based on tunnel parameters
● Install the encapsulating IP header
● Pass to IP stack for local output
[Diagram: gre0 and gre1 with the gre stack, the ipv4 stack and the network core]
ip_gre device
Receive path
● Encapsulating packet arrives on a net device
● IP stack invokes the registered transport handler
● GRE handler looks up a matching tunnel instance
○ Based on encapsulating IP header fields
● Changes skb->dev to the matched tunnel device
● Skb points to inner packet
● Re-submit to network’s core RX path
[Diagram: gre0 and gre1 with the gre stack, the ipv4 stack and the network core]
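The transmit and receive steps above, reduced to a user-space model: encapsulation installs a base GRE header and the outer IPv4 header, and reception selects a tunnel instance from the outer source and destination addresses. This is an added example, not ip_gre code; the local address 192.0.2.1, the helper names, and the treatment of the two addresses on the slide as the tunnels' remote endpoints are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IP_HLEN        20      /* IPv4 header without options          */
#define GRE_HLEN       4       /* base GRE header: flags + protocol    */
#define PROTO_GRE      47      /* IP protocol number of GRE            */
#define GRE_PROTO_IPV4 0x0800  /* inner packet type carried in GRE     */
#define IP4(a, b, c, d) ((uint32_t)(a) << 24 | (uint32_t)(b) << 16 | \
                         (uint32_t)(c) << 8 | (uint32_t)(d))
#define LOCAL_ADDR IP4(192, 0, 2, 1)   /* constructed local endpoint */

struct tunnel { const char *name; uint32_t local, remote; };

/* Per-device parameters; remote addresses are the two shown on the slide. */
const struct tunnel tunnels[] = {
    { "gre0", LOCAL_ADDR, IP4(54, 90, 24, 7) },
    { "gre1", LOCAL_ADDR, IP4(81, 104, 12, 5) },
};

static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static void put32(uint8_t *p, uint32_t v) { put16(p, (uint16_t)(v >> 16)); put16(p + 2, (uint16_t)v); }
static uint16_t get16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }
static uint32_t get32(const uint8_t *p) { return (uint32_t)get16(p) << 16 | get16(p + 2); }

/* Internet checksum over an even-length header. */
static uint16_t ip_csum(const uint8_t *h, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += get16(h + i);
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Transmit: GRE header, then outer IP header from the tunnel parameters.
 * Returns the encapsulated length, or 0 if it does not fit. */
size_t gre_xmit(const struct tunnel *t, const uint8_t *inner, size_t inner_len,
                uint8_t *out, size_t cap)
{
    size_t total = IP_HLEN + GRE_HLEN + inner_len;
    if (total > cap || total > 0xffff)
        return 0;
    memset(out, 0, IP_HLEN);
    out[0] = 0x45;                         /* IPv4, 5-word header */
    put16(out + 2, (uint16_t)total);
    out[8] = 64;                           /* TTL */
    out[9] = PROTO_GRE;
    put32(out + 12, t->local);             /* encapsulating saddr */
    put32(out + 16, t->remote);            /* encapsulating daddr */
    put16(out + 10, ip_csum(out, IP_HLEN));
    put16(out + IP_HLEN, 0);               /* no checksum/key/seq, version 0 */
    put16(out + IP_HLEN + 2, GRE_PROTO_IPV4);
    memcpy(out + IP_HLEN + GRE_HLEN, inner, inner_len);
    return total;
}

/* Receive: validate the outer headers, then match a tunnel on the outer
 * addresses. In this model a packet with no matching tunnel is dropped. */
const struct tunnel *gre_rcv(const struct tunnel *tbl, size_t n,
                             const uint8_t *pkt, size_t len, size_t *inner_off)
{
    if (len < IP_HLEN + GRE_HLEN || pkt[0] != 0x45)
        return NULL;
    if (get16(pkt + 2) != len || pkt[9] != PROTO_GRE)
        return NULL;
    if (ip_csum(pkt, IP_HLEN) != 0)
        return NULL;
    if (get16(pkt + IP_HLEN) != 0 || get16(pkt + IP_HLEN + 2) != GRE_PROTO_IPV4)
        return NULL;                       /* only the base header is modelled */
    uint32_t saddr = get32(pkt + 12), daddr = get32(pkt + 16);
    for (size_t i = 0; i < n; i++) {
        if (tbl[i].remote == saddr && tbl[i].local == daddr) {
            *inner_off = IP_HLEN + GRE_HLEN;   /* skb now points at inner packet */
            return &tbl[i];                    /* skb->dev = matched tunnel */
        }
    }
    return NULL;
}

/* Build a frame as the peer at 'src' would send it and run the receive path. */
const char *rx_from(uint32_t src)
{
    static const uint8_t inner[] = "constructed inner packet";
    struct tunnel peer = { "peer", src, LOCAL_ADDR };
    uint8_t wire[128];
    size_t off = 0, n = gre_xmit(&peer, inner, sizeof inner, wire, sizeof wire);
    const struct tunnel *t = gre_rcv(tunnels, 2, wire, n, &off);
    return t ? t->name : NULL;
}

int main(void)
{
    const char *a = rx_from(IP4(54, 90, 24, 7));
    const char *b = rx_from(IP4(198, 51, 100, 9));   /* constructed stranger */
    printf("from 54.90.24.7   -> %s\n", a ? a : "(no tunnel, dropped)");
    printf("from 198.51.100.9 -> %s\n", b ? b : "(no tunnel, dropped)");
    return 0;
}
```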
Bonding
bond: (circa 2.2)
Link Aggregation
● Aggregates multiple interfaces into a single “bond”
○ Various operating modes:
Round-robin, active-backup, broadcast, 802.3ad...
● Bond device has multiple “slave” devices
● Bond xmit
○ Calls ‘dev_queue_xmit’ on slave device(s)
● rx_handler registered on slave devices
○ Changes skb->dev to the bond device, returns “Another round”
[Diagram: bond0 over slaves eth0 and eth1; rx_handler() on receive, dev_queue_xmit() on transmit]
bond use cases
● Bandwidth aggregation
● Fault tolerance / HA
● L2 based Load Balancing
See similar ‘team’ driver (circa 3.3)
Summary
● Network stack brief
● net_device abstraction
● Logical network interfaces
○ Many covered!
○ Many others exist (see: ifb, vrf…)
● Questions?
● Contact me!

More Related Content

What's hot

eBPF Trace from Kernel to Userspace
eBPF Trace from Kernel to UserspaceeBPF Trace from Kernel to Userspace
eBPF Trace from Kernel to Userspace
SUSE Labs Taipei
 
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
Linaro
 
DPDK & Layer 4 Packet Processing
DPDK & Layer 4 Packet ProcessingDPDK & Layer 4 Packet Processing
DPDK & Layer 4 Packet Processing
Michelle Holley
 
Linux device drivers
Linux device drivers Linux device drivers
Understanding DPDK
Understanding DPDKUnderstanding DPDK
Understanding DPDK
Denys Haryachyy
 
Understanding eBPF in a Hurry!
Understanding eBPF in a Hurry!Understanding eBPF in a Hurry!
Understanding eBPF in a Hurry!
Ray Jenkins
 
Linux Networking Explained
Linux Networking ExplainedLinux Networking Explained
Linux Networking Explained
Thomas Graf
 
eBPF/XDP
eBPF/XDP eBPF/XDP
eBPF/XDP
Netronome
 
Dpdk performance
Dpdk performanceDpdk performance
Dpdk performance
Stephen Hemminger
 
Linux Initialization Process (2)
Linux Initialization Process (2)Linux Initialization Process (2)
Linux Initialization Process (2)
shimosawa
 
BusyBox for Embedded Linux
BusyBox for Embedded LinuxBusyBox for Embedded Linux
BusyBox for Embedded Linux
Emertxe Information Technologies Pvt Ltd
 
Hands-on ethernet driver
Hands-on ethernet driverHands-on ethernet driver
Hands-on ethernet driver
SUSE Labs Taipei
 
Uboot startup sequence
Uboot startup sequenceUboot startup sequence
Uboot startup sequenceHoucheng Lin
 
Linux Internals - Part II
Linux Internals - Part IILinux Internals - Part II
Linux Internals - Part II
Emertxe Information Technologies Pvt Ltd
 
Ixgbe internals
Ixgbe internalsIxgbe internals
Ixgbe internals
SUSE Labs Taipei
 
Linux Kernel Booting Process (1) - For NLKB
Linux Kernel Booting Process (1) - For NLKBLinux Kernel Booting Process (1) - For NLKB
Linux Kernel Booting Process (1) - For NLKB
shimosawa
 
The Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast StorageThe Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast Storage
Kernel TLV
 
BPF - in-kernel virtual machine
BPF - in-kernel virtual machineBPF - in-kernel virtual machine
BPF - in-kernel virtual machine
Alexei Starovoitov
 
eBPF Basics
eBPF BasicseBPF Basics
eBPF Basics
Michael Kehoe
 
Arm device tree and linux device drivers
Arm device tree and linux device driversArm device tree and linux device drivers
Arm device tree and linux device drivers
Houcheng Lin
 

What's hot (20)

eBPF Trace from Kernel to Userspace
eBPF Trace from Kernel to UserspaceeBPF Trace from Kernel to Userspace
eBPF Trace from Kernel to Userspace
 
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
Secure Boot on ARM systems – Building a complete Chain of Trust upon existing...
 
DPDK & Layer 4 Packet Processing
DPDK & Layer 4 Packet ProcessingDPDK & Layer 4 Packet Processing
DPDK & Layer 4 Packet Processing
 
Linux device drivers
Linux device drivers Linux device drivers
Linux device drivers
 
Understanding DPDK
Understanding DPDKUnderstanding DPDK
Understanding DPDK
 
Understanding eBPF in a Hurry!
Understanding eBPF in a Hurry!Understanding eBPF in a Hurry!
Understanding eBPF in a Hurry!
 
Linux Networking Explained
Linux Networking ExplainedLinux Networking Explained
Linux Networking Explained
 
eBPF/XDP
eBPF/XDP eBPF/XDP
eBPF/XDP
 
Dpdk performance
Dpdk performanceDpdk performance
Dpdk performance
 
Linux Initialization Process (2)
Linux Initialization Process (2)Linux Initialization Process (2)
Linux Initialization Process (2)
 
BusyBox for Embedded Linux
BusyBox for Embedded LinuxBusyBox for Embedded Linux
BusyBox for Embedded Linux
 
Hands-on ethernet driver
Hands-on ethernet driverHands-on ethernet driver
Hands-on ethernet driver
 
Uboot startup sequence
Uboot startup sequenceUboot startup sequence
Uboot startup sequence
 
Linux Internals - Part II
Linux Internals - Part IILinux Internals - Part II
Linux Internals - Part II
 
Ixgbe internals
Ixgbe internalsIxgbe internals
Ixgbe internals
 
Linux Kernel Booting Process (1) - For NLKB
Linux Kernel Booting Process (1) - For NLKBLinux Kernel Booting Process (1) - For NLKB
Linux Kernel Booting Process (1) - For NLKB
 
The Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast StorageThe Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast Storage
 
BPF - in-kernel virtual machine
BPF - in-kernel virtual machineBPF - in-kernel virtual machine
BPF - in-kernel virtual machine
 
eBPF Basics
eBPF BasicseBPF Basics
eBPF Basics
 
Arm device tree and linux device drivers
Arm device tree and linux device driversArm device tree and linux device drivers
Arm device tree and linux device drivers
 

Viewers also liked

FD.IO Vector Packet Processing
FD.IO Vector Packet ProcessingFD.IO Vector Packet Processing
FD.IO Vector Packet Processing
Kernel TLV
 
WiFi and the Beast
WiFi and the BeastWiFi and the Beast
WiFi and the Beast
Kernel TLV
 
Userfaultfd and Post-Copy Migration
Userfaultfd and Post-Copy MigrationUserfaultfd and Post-Copy Migration
Userfaultfd and Post-Copy Migration
Kernel TLV
 
Windows Internals for Linux Kernel Developers
Windows Internals for Linux Kernel DevelopersWindows Internals for Linux Kernel Developers
Windows Internals for Linux Kernel Developers
Kernel TLV
 
Hardware Probing in the Linux Kernel
Hardware Probing in the Linux KernelHardware Probing in the Linux Kernel
Hardware Probing in the Linux Kernel
Kernel TLV
 
Specializing the Data Path - Hooking into the Linux Network Stack
Specializing the Data Path - Hooking into the Linux Network StackSpecializing the Data Path - Hooking into the Linux Network Stack
Specializing the Data Path - Hooking into the Linux Network Stack
Kernel TLV
 
Switchdev - No More SDK
Switchdev - No More SDKSwitchdev - No More SDK
Switchdev - No More SDK
Kernel TLV
 
Introduction to DPDK
Introduction to DPDKIntroduction to DPDK
Introduction to DPDK
Kernel TLV
 
Linux Security Overview
Linux Security OverviewLinux Security Overview
Linux Security Overview
Kernel TLV
 
Linux Kernel Cryptographic API and Use Cases
Linux Kernel Cryptographic API and Use CasesLinux Kernel Cryptographic API and Use Cases
Linux Kernel Cryptographic API and Use Cases
Kernel TLV
 
Modern Linux Tracing Landscape
Modern Linux Tracing LandscapeModern Linux Tracing Landscape
Modern Linux Tracing Landscape
Kernel TLV
 
grsecurity and PaX
grsecurity and PaXgrsecurity and PaX
grsecurity and PaX
Kernel TLV
 
FreeBSD and Drivers
FreeBSD and DriversFreeBSD and Drivers
FreeBSD and Drivers
Kernel TLV
 
Linux Locking Mechanisms
Linux Locking MechanismsLinux Locking Mechanisms
Linux Locking Mechanisms
Kernel TLV
 
Linux Kernel Init Process
Linux Kernel Init ProcessLinux Kernel Init Process
Linux Kernel Init Process
Kernel TLV
 
DMA Survival Guide
DMA Survival GuideDMA Survival Guide
DMA Survival Guide
Kernel TLV
 
High Performance Storage Devices in the Linux Kernel
High Performance Storage Devices in the Linux KernelHigh Performance Storage Devices in the Linux Kernel
High Performance Storage Devices in the Linux Kernel
Kernel TLV
 
Linux Interrupts
Linux InterruptsLinux Interrupts
Linux Interrupts
Kernel TLV
 
Interface between kernel and user space
Interface between kernel and user spaceInterface between kernel and user space
Interface between kernel and user spaceSusant Sahani
 
Introduction to netlink in linux kernel (english)
Introduction to netlink in linux kernel (english)Introduction to netlink in linux kernel (english)
Introduction to netlink in linux kernel (english)
Sneeker Yeh
 

Viewers also liked (20)

FD.IO Vector Packet Processing
FD.IO Vector Packet ProcessingFD.IO Vector Packet Processing
FD.IO Vector Packet Processing
 
WiFi and the Beast
WiFi and the BeastWiFi and the Beast
WiFi and the Beast
 
Userfaultfd and Post-Copy Migration
Userfaultfd and Post-Copy MigrationUserfaultfd and Post-Copy Migration
Userfaultfd and Post-Copy Migration
 
Windows Internals for Linux Kernel Developers
Windows Internals for Linux Kernel DevelopersWindows Internals for Linux Kernel Developers
Windows Internals for Linux Kernel Developers
 
Hardware Probing in the Linux Kernel
Hardware Probing in the Linux KernelHardware Probing in the Linux Kernel
Hardware Probing in the Linux Kernel
 
Specializing the Data Path - Hooking into the Linux Network Stack
Specializing the Data Path - Hooking into the Linux Network StackSpecializing the Data Path - Hooking into the Linux Network Stack
Specializing the Data Path - Hooking into the Linux Network Stack
 
Switchdev - No More SDK
Switchdev - No More SDKSwitchdev - No More SDK
Switchdev - No More SDK
 
Introduction to DPDK
Introduction to DPDKIntroduction to DPDK
Introduction to DPDK
 
Linux Security Overview
Linux Security OverviewLinux Security Overview
Linux Security Overview
 
Linux Kernel Cryptographic API and Use Cases
Linux Kernel Cryptographic API and Use CasesLinux Kernel Cryptographic API and Use Cases
Linux Kernel Cryptographic API and Use Cases
 
Modern Linux Tracing Landscape
Modern Linux Tracing LandscapeModern Linux Tracing Landscape
Modern Linux Tracing Landscape
 
grsecurity and PaX
grsecurity and PaXgrsecurity and PaX
grsecurity and PaX
 
FreeBSD and Drivers
FreeBSD and DriversFreeBSD and Drivers
FreeBSD and Drivers
 
Linux Locking Mechanisms
Linux Locking MechanismsLinux Locking Mechanisms
Linux Locking Mechanisms
 
Linux Kernel Init Process
Linux Kernel Init ProcessLinux Kernel Init Process
Linux Kernel Init Process
 
DMA Survival Guide
DMA Survival GuideDMA Survival Guide
DMA Survival Guide
 
High Performance Storage Devices in the Linux Kernel
High Performance Storage Devices in the Linux KernelHigh Performance Storage Devices in the Linux Kernel
High Performance Storage Devices in the Linux Kernel
 
Linux Interrupts
Linux InterruptsLinux Interrupts
Linux Interrupts
 
Interface between kernel and user space
Interface between kernel and user spaceInterface between kernel and user space
Interface between kernel and user space
 
Introduction to netlink in linux kernel (english)
Introduction to netlink in linux kernel (english)Introduction to netlink in linux kernel (english)
Introduction to netlink in linux kernel (english)
 

Similar to Fun with Network Interfaces

Linux Network Filtering
Linux Network FilteringLinux Network Filtering
Linux Network Filtering
James Daniel
 
packet traveling (pre cloud)
packet traveling (pre cloud)packet traveling (pre cloud)
packet traveling (pre cloud)
iman darabi
 
Kubernetes from scratch at veepee sysadmins days 2019
Kubernetes from scratch at veepee   sysadmins days 2019Kubernetes from scratch at veepee   sysadmins days 2019
Kubernetes from scratch at veepee sysadmins days 2019
🔧 Loïc BLOT
 
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux DeviceAdding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Samsung Open Source Group
 
BGP Services IP Transit vs IP Peering
BGP Services  IP Transit vs IP PeeringBGP Services  IP Transit vs IP Peering
BGP Services IP Transit vs IP Peering
GLC Networks
 
Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101
Mochamad Taufik Romdony
 
Banog meetup August 30th, network device property as code
Banog meetup August 30th, network device property as codeBanog meetup August 30th, network device property as code
Banog meetup August 30th, network device property as code
Damien Garros
 
Using Mikrotik Switch Features to Improve Your Network
Using Mikrotik Switch Features to Improve Your Network Using Mikrotik Switch Features to Improve Your Network
Using Mikrotik Switch Features to Improve Your Network
GLC Networks
 
Run Your Own 6LoWPAN Based IoT Network
Run Your Own 6LoWPAN Based IoT NetworkRun Your Own 6LoWPAN Based IoT Network
Run Your Own 6LoWPAN Based IoT Network
Samsung Open Source Group
 
Internet Protocol Deep-Dive
Internet Protocol Deep-DiveInternet Protocol Deep-Dive
Internet Protocol Deep-Dive
GLC Networks
 
MTCNA Intro to routerOS
MTCNA Intro to routerOSMTCNA Intro to routerOS
MTCNA Intro to routerOS
GLC Networks
 
Openstack Networking Internals - first part
Openstack Networking Internals - first partOpenstack Networking Internals - first part
Openstack Networking Internals - first part
lilliput12
 
Network LACP/Bonding/Teaming with Mikrotik
Network LACP/Bonding/Teaming with MikrotikNetwork LACP/Bonding/Teaming with Mikrotik
Network LACP/Bonding/Teaming with Mikrotik
GLC Networks
 
Ake hedman why we need to unite and why vscp is a solution to a problem
Ake hedman  why we need to unite and why vscp is a solution to a problemAke hedman  why we need to unite and why vscp is a solution to a problem
Ake hedman why we need to unite and why vscp is a solution to a problem
WithTheBest
 
Iot with-the-best & VSCP
Iot with-the-best & VSCPIot with-the-best & VSCP
Iot with-the-best & VSCP
Ake Hedman
 
[OpenStack Day in Korea 2015] Track 1-6 - 갈라파고스의 이구아나, 인프라에 오픈소스를 올리다. 그래서 보이...
[OpenStack Day in Korea 2015] Track 1-6 - 갈라파고스의 이구아나, 인프라에 오픈소스를 올리다. 그래서 보이...[OpenStack Day in Korea 2015] Track 1-6 - 갈라파고스의 이구아나, 인프라에 오픈소스를 올리다. 그래서 보이...
[OpenStack Day in Korea 2015] Track 1-6 - 갈라파고스의 이구아나, 인프라에 오픈소스를 올리다. 그래서 보이...
OpenStack Korea Community
 
Demystifying Datacenter Clos
Demystifying Datacenter ClosDemystifying Datacenter Clos
Demystifying Datacenter Clos
ONeilRobinson2
 
MTCNA : Intro to RouterOS - Part 1
MTCNA : Intro to RouterOS - Part 1MTCNA : Intro to RouterOS - Part 1
MTCNA : Intro to RouterOS - Part 1
GLC Networks
 
Mirko Damiani - An Embedded soft real time distributed system in Go
Mirko Damiani - An Embedded soft real time distributed system in GoMirko Damiani - An Embedded soft real time distributed system in Go
Mirko Damiani - An Embedded soft real time distributed system in Go
linuxlab_conf
 

Similar to Fun with Network Interfaces (20)

Linux Network Filtering
Linux Network FilteringLinux Network Filtering
Linux Network Filtering
 
packet traveling (pre cloud)
packet traveling (pre cloud)packet traveling (pre cloud)
packet traveling (pre cloud)
 
Kubernetes from scratch at veepee sysadmins days 2019
Kubernetes from scratch at veepee   sysadmins days 2019Kubernetes from scratch at veepee   sysadmins days 2019
Kubernetes from scratch at veepee sysadmins days 2019
 
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux DeviceAdding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
 
Twisted
TwistedTwisted
Twisted
 
BGP Services IP Transit vs IP Peering
BGP Services  IP Transit vs IP PeeringBGP Services  IP Transit vs IP Peering
BGP Services IP Transit vs IP Peering
 
Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101Networking in Openstack - Neutron 101
Networking in Openstack - Neutron 101
 
Banog meetup August 30th, network device property as code
Banog meetup August 30th, network device property as codeBanog meetup August 30th, network device property as code
Banog meetup August 30th, network device property as code
 
Using Mikrotik Switch Features to Improve Your Network
Using Mikrotik Switch Features to Improve Your Network Using Mikrotik Switch Features to Improve Your Network
Using Mikrotik Switch Features to Improve Your Network
 
Run Your Own 6LoWPAN Based IoT Network
Run Your Own 6LoWPAN Based IoT NetworkRun Your Own 6LoWPAN Based IoT Network
Run Your Own 6LoWPAN Based IoT Network
 
Internet Protocol Deep-Dive
Internet Protocol Deep-DiveInternet Protocol Deep-Dive
Internet Protocol Deep-Dive
 
MTCNA Intro to routerOS
MTCNA Intro to routerOSMTCNA Intro to routerOS
MTCNA Intro to routerOS
 
Openstack Networking Internals - first part
Openstack Networking Internals - first partOpenstack Networking Internals - first part
Openstack Networking Internals - first part
 
Network LACP/Bonding/Teaming with Mikrotik
Network LACP/Bonding/Teaming with MikrotikNetwork LACP/Bonding/Teaming with Mikrotik
Network LACP/Bonding/Teaming with Mikrotik
 
Ake hedman why we need to unite and why vscp is a solution to a problem
Ake hedman  why we need to unite and why vscp is a solution to a problemAke hedman  why we need to unite and why vscp is a solution to a problem
Ake hedman why we need to unite and why vscp is a solution to a problem
 
Iot with-the-best & VSCP
Iot with-the-best & VSCPIot with-the-best & VSCP
Iot with-the-best & VSCP
 
[OpenStack Day in Korea 2015] Track 1-6 - 갈라파고스의 이구아나, 인프라에 오픈소스를 올리다. 그래서 보이...
[OpenStack Day in Korea 2015] Track 1-6 - 갈라파고스의 이구아나, 인프라에 오픈소스를 올리다. 그래서 보이...[OpenStack Day in Korea 2015] Track 1-6 - 갈라파고스의 이구아나, 인프라에 오픈소스를 올리다. 그래서 보이...
[OpenStack Day in Korea 2015] Track 1-6 - 갈라파고스의 이구아나, 인프라에 오픈소스를 올리다. 그래서 보이...
 
Demystifying Datacenter Clos
Demystifying Datacenter ClosDemystifying Datacenter Clos
Demystifying Datacenter Clos
 
MTCNA : Intro to RouterOS - Part 1
MTCNA : Intro to RouterOS - Part 1MTCNA : Intro to RouterOS - Part 1
MTCNA : Intro to RouterOS - Part 1
 
Mirko Damiani - An Embedded soft real time distributed system in Go
Mirko Damiani - An Embedded soft real time distributed system in GoMirko Damiani - An Embedded soft real time distributed system in Go
Mirko Damiani - An Embedded soft real time distributed system in Go
 

More from Kernel TLV

DPDK In Depth
DPDK In DepthDPDK In Depth
DPDK In Depth
Kernel TLV
 
Building Network Functions with eBPF & BCC
Building Network Functions with eBPF & BCCBuilding Network Functions with eBPF & BCC
Building Network Functions with eBPF & BCC
Kernel TLV
 
SGX Trusted Execution Environment
SGX Trusted Execution EnvironmentSGX Trusted Execution Environment
SGX Trusted Execution Environment
Kernel TLV
 
Fun with FUSE
Fun with FUSEFun with FUSE
Fun with FUSE
Kernel TLV
 
Kernel Proc Connector and Containers
Kernel Proc Connector and ContainersKernel Proc Connector and Containers
Kernel Proc Connector and Containers
Kernel TLV
 
Bypassing ASLR Exploiting CVE 2015-7545
Bypassing ASLR Exploiting CVE 2015-7545Bypassing ASLR Exploiting CVE 2015-7545
Bypassing ASLR Exploiting CVE 2015-7545
Kernel TLV
 
Present Absence of Linux Filesystem Security
Present Absence of Linux Filesystem SecurityPresent Absence of Linux Filesystem Security
Present Absence of Linux Filesystem Security
Kernel TLV
 
OpenWrt From Top to Bottom
OpenWrt From Top to BottomOpenWrt From Top to Bottom
OpenWrt From Top to Bottom
Kernel TLV
 
Make Your Containers Faster: Linux Container Performance Tools
Make Your Containers Faster: Linux Container Performance ToolsMake Your Containers Faster: Linux Container Performance Tools
Make Your Containers Faster: Linux Container Performance Tools
Kernel TLV
 
Emerging Persistent Memory Hardware and ZUFS - PM-based File Systems in User ...
Emerging Persistent Memory Hardware and ZUFS - PM-based File Systems in User ...Emerging Persistent Memory Hardware and ZUFS - PM-based File Systems in User ...
Emerging Persistent Memory Hardware and ZUFS - PM-based File Systems in User ...
Kernel TLV
 
File Systems: Why, How and Where
File Systems: Why, How and WhereFile Systems: Why, How and Where
File Systems: Why, How and Where
Kernel TLV
 
KernelTLV Speaker Guidelines
KernelTLV Speaker GuidelinesKernelTLV Speaker Guidelines
KernelTLV Speaker Guidelines
Kernel TLV
 
Userfaultfd: Current Features, Limitations and Future Development
Userfaultfd: Current Features, Limitations and Future DevelopmentUserfaultfd: Current Features, Limitations and Future Development
Fun with Network Interfaces

  • 1. Fun with Network Interfaces Shmulik Ladkani March 2016 This work is licensed under a Creative Commons Attribution 4.0 International License.
  • 2. On the Menu ● Linux network stack, a (quick) intro ○ What’s this net_device anyway? ○ Programming interfaces ○ Frame reception and transmission ● Logical network interfaces ○ What? ○ Why? ○ Examples ○ Examples ○ Examples
  • 3. Agenda ● Goals ○ Strengthen foundations ○ Explain interaction of main network stack components ○ Familiarize with building blocks of virtual networks ○ Ease of further research ● Non Goals ○ Mastering device driver programming ○ How network gear operates in detail ○ Specific component deep dive
  • 4. Disclaimer ● Linux network stack is huge and complex ○ Let’s skip some fine details
  • 6. Diagram by Arnout Vandecappelle
  • 8. Diagram by Jan Engelhardt
  • 10. Network Stack Layers [Diagram: L7: usermode app, socket api; L4: udp, tcp, icmp, igmp, gre, ipip, ...; L3: ipv4, arp, ipv6, pppoe, ...; L2: network core; Device-specific L2: device drivers]
  • 11. Network Core ● Generic functionalities of a network device ● RX ○ Processing of incoming frames ○ Delivery to upper protocols ● TX ○ Queuing ○ Final processing ○ Hand-over to driver’s transmit method
  • 12. Struct net_device ● Represents a network interface ● One for each network device in the system ○ Either physical device or logical (software) one
  • 13. Struct net_device Common properties ● Identified by a ‘name’ and ‘ifindex’ ○ Unique to a network namespace ● Has BSD-like ‘flags’ IFF_UP, IFF_LOOPBACK, IFF_POINTOPOINT, IFF_NOARP, IFF_PROMISC... ● Has ‘features’ NETIF_F_SG_BIT, NETIF_F_HW_CSUM_BIT, NETIF_F_GSO_BIT, NETIF_F_GRO_BIT, NETIF_F_LRO_BIT, NETIF_F_RXHASH_BIT, NETIF_F_RXCSUM_BIT... ● Has many other fields... ● Holds associated device operations const struct net_device_ops *netdev_ops;
  • 14. Struct net_device_ops ● Interface. Defines all device methods ○ Driver implements ● E.g. e1000e_netdev_ops, bcmgenet_netdev_ops … ○ Network-core uses ● Fat interface… ○ 44 methods in v3.4 ○ 59 methods in v3.14 ○ 68 methods in v4.4 ○ Few methods #ifdef protected ○ Some are optional
  • 15. Struct net_device_ops Common methods ● ndo_open() ○ Upon device transition to UP state ● ndo_stop() ○ Upon device transition to DOWN state ● ndo_start_xmit() ○ When a packet needs to be transmitted ● ndo_set_features() ○ Update device configuration to new features ● ndo_get_stats() ○ Get device usage statistics ● ndo_set_mac_address() ○ When MAC needs to be changed ● Many more...
  • 16. Stack’s core interfaces For device implementers ● napi_schedule() ○ Schedule driver’s poll routine to be called ● netif_receive_skb() ○ Pass a received buffer to network core processing ○ Few other interfaces exist ● netif_stop_queue() ○ Stop upper layer from calling device’s ndo_start_xmit ● netif_wake_queue() ○ Allow upper layer to call device’s ndo_start_xmit ● More...
  • 17. Frame Reception __netif_receive_skb_core() ● Deliver to network taps (protocol sniffers) ● Ingress classification and filtering ● VLAN packet handling ● Invoke a specially registered ‘rx_handler’ ○ May consume packet ● Deliver to the registered L3 protocol handler ○ No handler? Drop
  • 18. net_device->rx_handler ● Per device registered function ○ Called internally from ‘__netif_receive_skb_core’ ○ Prior to delivery to protocol handlers ● Allows special L2 processing during RX ● Semantics ○ At most one registered ‘rx_handler’ per device ○ May consume the packet ● ‘netif_receive_skb’ will not further process it ○ May instruct ‘netif_receive_skb’ to do “another round” ● Notable users ○ bridge, openvswitch, bonding, team, macvlan, macvtap
  • 19. Frame Transmission dev_queue_xmit() ● Well, packet is set-up for transmission ○ Yeay! Let’s pass to driver’s ndo_start_xmit() ! ○ Wait a minute… literally ● Device has no queue? ○ Final preps & xmit ● Device has a queue? ○ Enqueue the packet ● Using device queueing discipline ○ Kick the queue ○ Will eventually get to “final preps & xmit” ● Synchronously or asynchronously ● According to discipline
  • 20. Software Network Interfaces a.k.a logical network interfaces
  • 21. Software Net Device ● Not associated with a physical NIC ● Provides logical rx/tx functionality ○ By implementing the net_device interface ● Allows special-purpose packet processing ○ Without altering the network stack
  • 22. Variants of Logical Devices ● Directly operate on specified net device(s) ○ Protocols (vlan, pppoe…) ○ Logical constructs (bridge, bonding, veth, macvlan...) ● Interact with higher network layers ○ IP based tunnels (ipip, gre, sit, l2tp…) ○ UDP based tunnels (vxlan, geneve, l2tp-udp…) ● Other constructs ○ May or may not interact with other net devices ○ lo, ppp, tun/tap, ifb...
  • 24. lo: Loopback interface
      static netdev_tx_t loopback_xmit(struct sk_buff *skb, struct net_device *dev)
      {
              ...
              netif_rx(skb); // eventually gets to netif_receive_skb
      }
    Every transmitted packet is bounced back for reception ○ Using same device [Diagram labels: network core, ipv4, ipv6, lo]
  • 25. VLAN
  • 26. vlan: (circa 2.4) 802.1q Virtual LAN interface ● Has an underlying “link” net device
      struct vlan_dev_priv {
              u16 vlan_id;
              struct net_device *real_dev;
              …
    ● Xmit method ○ Tags the packet ○ Queues for transmission on the underlying device
      vlan_tci = vlan->vlan_id;
      vlan_tci |= …
      skb = __vlan_hwaccel_put_tag(skb, vlan->vlan_proto, vlan_tci);
      skb->dev = vlan->real_dev;
      …
      ret = dev_queue_xmit(skb);
  • 28. tun/tap: (circa 2.4) Usermode packet processing ● Device is associated with a usermode fd ○ write(fd) --> device RX ○ device TX --> ready to read(fd) ● Operation mode ○ tun: L3 packets ○ tap: L2 frames [Diagram labels: fd, tap0, network core, ipv4]
  • 29. TUN use cases ● Usermode VPN applications ○ Routing to the VPN subnet is directed to tun device ● E.g. 192.168.50.0/24 dev tun0 ○ read(tun_fd, buf) ○ encrypt(buf) ○ encapsulate(buf) ○ send(tcp_sock, buf)
  • 30. TAP use cases ● VM networking ○ Emulator exposes a tap for each VM NIC ○ Emulator traps VM xmit ○ Issues write(tap_fd) ○ Packet arrives at host’s net stack via tap device
  • 31. VETH
  • 32. veth: (circa 2.6.24) Virtual Ethernet Pair ● Local ethernet “wire” ● Comes as pair of virtual ethernet interfaces ● veth TX --> peer veth RX ○ And vice versa [Diagram labels: network core, ipv4, veth0, veth1]
  • 33. veth use cases ● Container networking ○ First veth in host’s net namespace ○ Peer veth in container’s net namespace ● Local links of a virtual network ● Network emulation
  • 35. Bridge: 802.1d Ethernet Bridging ● Software L2 forwarding switch ○ Expands the L2 network across various links ○ 802.1q VLAN capable circa 3.9 ● Bridge has multiple slave devices (“ports”) ● rx_handler registered on slave devices ○ Picks output device(s) based on FDB ○ Calls ‘dev_queue_xmit’ on output device ○ Packet consumed! Never enters L3 stack via input device [Diagram labels: eth0, eth1, eth2, br0, rx_handler(), dev_queue_xmit()]
  • 36. Bridging physical networks ● Same / different medium ○ Slave devices present L2 ethernet network [Diagram labels: wifi0, ethoa3, eth1, br0, bnep0, usbnet1]
  • 37. Bridging virtual networks [Diagram labels: VM A, VM B, tap1, vxlan0, tap0, br0, veth0, Container X, veth1, veth2, Container Y, veth3, tunnel to remote bridge]
  • 39. MacVLAN: (circa 2.6.32) MAC Address based VLANs ● Network segmentation based on destination MAC ● Macvlan devices have underlying “lower” device ○ Macvlans on same link have unique MAC addresses ● Macvlan xmit ○ Calls ‘dev_queue_xmit’ on lower device ● rx_handler registered on lower device ○ Look for a macvlan device based on packet’s dest-MAC ○ None found? Return “Pass” (normal processing) ○ Found? Change skb->dev to the macvlan dev, return “Another round” [Diagram labels: rx_handler(), eth0, mvlan0, mvlan1, mvlan2]
  • 40. MacVLAN use cases ● Network segmentation ○ Where 802.1q VLAN can’t be used [Diagram labels: eth0, eth0_data, eth0_voip, 54.6.30.15/24, 10.0.5.94/16, VoIP Service, Internet Access Service]
  • 41. MacVLAN use cases ● Lightweight virtual network ○ For containers / VMs ○ Various operation modes ● MacVTAP (circa 2.6.34) ○ Each device has a tap-like FD interface [Diagram labels: eth0, mvlan0, mvlan1, mvlan2, Container X, Container Y, Container Z]
  • 42. GRE
  • 43. ip_gre: (circa 2.2) GRE Tunnel, IP Based ● Global initialization ○ Register the IPPROTO_GRE transport protocol handler [Diagram labels: network core, ipv4 stack, ipv6, gre stack]
  • 44. ip_gre: (circa 2.2) GRE Tunnel, IP Based ● Per device initialization ○ Store tunnel instance parameters ○ E.g. encapsulating iph.saddr, iph.daddr [Diagram labels: network core, ipv4 stack, ipv6, gre stack, gre0 54.90.24.7, gre1 81.104.12.5]
  • 45. ip_gre device Transmit method ● Routing to remote subnet directed to gre device ○ E.g. 192.168.50.0/24 dev gre0 ● Install the GRE header ● Consult IP routing for output decision ○ Based on tunnel parameters ● Install the encapsulating IP header ● Pass to IP stack for local output [Diagram labels: network core, ipv4 stack, ipv6, gre stack, gre0, gre1]
  • 46. ip_gre device Receive path ● Encapsulating packet arrives on a net device ● IP stack invokes the registered transport handler ● GRE handler looks up a matching tunnel instance ○ Based on encapsulating IP header fields ● Changes skb->dev to the matched tunnel device ● Skb points to inner packet ● Re-submit to network core’s RX path [Diagram labels: network core, ipv4 stack, ipv6, gre stack, gre0, gre1]
  • 48. bond: (circa 2.2) Link Aggregation ● Aggregates multiple interfaces into a single “bond” ○ Various operating modes: Round-robin, active-backup, broadcast, 802.3ad... ● Bond device has multiple “slave” devices ● Bond xmit ○ Calls ‘dev_queue_xmit’ on slave device(s) ● rx_handler registered on slave devices ○ Changes skb->dev to the bond device, returns “Another round” [Diagram labels: eth0, eth1, bond0, rx_handler(), dev_queue_xmit()]
  • 49. bond use cases ● Bandwidth aggregation ● Fault tolerance / HA ● L2 based Load Balancing ● See similar ‘team’ driver (circa 3.3)
  • 50. Summary ● Network stack brief ● net_device abstraction ● Logical network interfaces ○ Many covered! ○ Many others exist (see: ifb, vrf…) ● Questions? ● Contact me!
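
The rx_handler semantics from slides 18, 35 and 39, as an added example that is not part of the original slides and is not kernel code: a userspace C model of the "consume", "pass" and "another round" outcomes, with a macvlan-style handler on eth0 and a bridge-port-style handler on eth1. The device table, the MAC addresses and the helper netif_receive() are assumptions made for the illustration; only the RX_HANDLER_* result names are the kernel's.

```c
#include <stdio.h>
#include <string.h>

/* Userspace model, not kernel code. Enum names match the kernel's; the
 * structs keep only the fields the slides mention. MACs are constructed. */
enum rx_handler_result { RX_HANDLER_CONSUMED, RX_HANDLER_ANOTHER, RX_HANDLER_PASS };
struct sk_buff;
struct net_device {
    const char *name;
    unsigned char mac[6];
    enum rx_handler_result (*rx_handler)(struct sk_buff *skb); /* at most one */
};
struct sk_buff { struct net_device *dev; unsigned char dest[6]; };

static struct net_device mvlan0 = { "mvlan0", {2, 0, 0, 0, 0, 0x10}, NULL };
static struct net_device mvlan1 = { "mvlan1", {2, 0, 0, 0, 0, 0x11}, NULL };
static struct net_device *macvlans[] = { &mvlan0, &mvlan1 };
static int bridge_forwarded;       /* stands in for dev_queue_xmit() calls */

/* macvlan handler on the lower device: demux on destination MAC. */
static enum rx_handler_result macvlan_rx(struct sk_buff *skb)
{
    for (size_t i = 0; i < sizeof(macvlans) / sizeof(macvlans[0]); i++)
        if (memcmp(skb->dest, macvlans[i]->mac, 6) == 0) {
            skb->dev = macvlans[i];        /* retarget, then go around again */
            return RX_HANDLER_ANOTHER;
        }
    return RX_HANDLER_PASS;                /* none found: normal processing */
}

/* Bridge port as described on slide 35: forward at L2, consume the frame. */
static enum rx_handler_result bridge_rx(struct sk_buff *skb)
{
    (void)skb;
    bridge_forwarded++;
    return RX_HANDLER_CONSUMED;
}

static struct net_device eth0 = { "eth0", {2, 0, 0, 0, 0, 0x01}, macvlan_rx };
static struct net_device eth1 = { "eth1", {2, 0, 0, 0, 0, 0x02}, bridge_rx };

/* rx_handler step of __netif_receive_skb_core(), reduced to control flow.
 * Returns the device whose L3 handler gets the frame, or "consumed". */
static const char *netif_receive(struct net_device *in, const unsigned char *dest)
{
    struct sk_buff skb = { .dev = in };
    memcpy(skb.dest, dest, 6);
another_round:
    if (skb.dev->rx_handler)
        switch (skb.dev->rx_handler(&skb)) {
        case RX_HANDLER_CONSUMED: return "consumed";
        case RX_HANDLER_ANOTHER:  goto another_round;
        case RX_HANDLER_PASS:     break;
        }
    return skb.dev->name;
}

int main(void)
{
    printf("%s %s %s\n", netif_receive(&eth0, mvlan1.mac),
           netif_receive(&eth0, eth0.mac), netif_receive(&eth1, mvlan0.mac));
    return 0;
}
```

The returned name is the input interface the L3 stack sees for that frame: the macvlan device after "another round", the lower device after "pass", and none at all when the bridge port consumes it.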