| 1. |
The Linux Networking Stack |
|
4 hours |
|
A brief review of the Linux Networking stack, and fundamental Kernel concepts we build the rest of the course on. Topics include:
- BSD Socket API from user mode - refresher
- Review of system call mechanism in Linux, focusing on User/Kernel mode traversal
- Interrupt Handlers and SoftIRQs in the Kernel
|
| 2. |
Down the Rabbit Hole |
|
2 hours |
|
Implementation of the BSD Socket API, and following the path of data from the socket to the network.
- Key Kernel structures:
  - Struct sk
  - Struct sk_buff
  - Struct proto
  - Struct inet_protocol
|
| 3. |
Up The Rabbit Hole |
|
4 hours |
|
Following the path data takes from its initial reception as individual packets, through routing decisions and up to the socket level. We focus in depth on the standard Linux Ethernet 10/100/1000 driver.
- The Network Interrupt Handler
- NAPI
- net_rx_action()
- netif_receive_skb()
- ip_rcv()
- udp/tcp_v4_rcv()
|
|
NetFilter/IPTables is the Linux Kernel's built-in packet filtering/firewall mechanism. Implemented as a series of callbacks at key points throughout the packet processing mechanism, it allows developers to hook packets along the processing path.
- Explaining NetFilter
- IPTables
- Hook locations:
  - NF_IP_PRE_ROUTING
  - NF_IP_LOCAL_IN
  - NF_IP_FORWARD
  - NF_IP_LOCAL_OUT
  - NF_IP_POST_ROUTING
- Registering custom hooks
|
| 5. |
Linux as a Bridge |
|
2 hours |
|
Detailed discussion of Linux bridging functionality, exposed by CONFIG_BRIDGE. Bridging splits off from normal packet processing when the MAC address of a frame is discovered to be different from the host's own.
- Bridging Logic
- br_input and br_handle_frame
- Handling VLANs
- NetFilter/EBTables
|
| 6. |
The Routing Subsystem |
|
4 hours |
|
Focusing on the routing architecture of the Linux Kernel, we discuss Linux's internal maintenance of IPv4 and IPv6 routing tables, including:
- Routing Table implementation
- Forwarding Information Base (FIB) and fib_rules
- Efficient lookup of next hops
- NetLink Routing Sockets
|