Linux Kernel ARP design overview ZT

Linux Kernel ARP design overview ZT-Linux general technology-Linux programming and kernel information, the following is a detailed description. ARP (Address Resolution Protocol) is used to convert an IP Address into the physical IP Address (hardware Address) of the machine's Nic ).
When a machine sends an IP packet to another physically connected machine, it must first check its ARP cache and try to find
If the peer's hardware address cannot be found, put the IP packet to be sent into the waiting queue, and then send an ARP request. Wait until you receive
When ARP responds, construct the ethernet header (destination hardware address, source hardware address) of the IP packet that was waiting.
The IP packet is sent out.
Linux's ARP implementation is quite complex, in part because Linux not only supports ethernet, but also supports other types of networks,
Another reason is that ARP implementation is actually related to routing, so it is not easy to understand.

First, let's talk about the ARP function calling process:
(1) when the system is initialized, arp_init is called to initialize the ARP cache (arp_tbl), and ARP Protocol reception is registered.
Function.
(2) When the NIC driver receives a packet, it will allocate a sk_buff (skb) to copy the data
This buffer, then call netif_rx to put the skb in the waiting queue (input_pkt_queue), and generate
Soft Interrupt. When the system handles this soft interrupt, it will call net_rx_action. According to the network package type,
Call the corresponding receiving function for processing. If it is an ARP packet, arp_rcv is called.
(3) arp_rcv checks whether the arp request asks the hardware address of the local machine or the local agent. If so, call arp_send
Send back arp response. In addition, arp_rcv also tries its best to retain the mac addres of the target machine.
(4) arp_send assigns a sk_buff (skb), fills in the arp packet type, source hardware address, source IP address, and target hardware address,
The destination IP address, and then call the arp package dev_queue_xmit to send it out.

Next, describe the main data structure of ARP:

(1) neigh_table
Neigh_table is a hash table used to describe the information of physically connected machines. ARP cache arp_tbl is
Such a neigh_table. All the neigh_tables in the system are connected together. The following are some major domains:




+ Struct neighbor * hash_buckets [NEIGH_HASHMASK + 1];
Hash_buckets stores information about all neighbors (physically connected machines). There are 32 buckets and each bucket
Stores a neighbor linked list.

+ Struct pneigh_entry * phash_buckets [PNEIGH_HASHMASK + 1];
Phash_buckets stores all the proxy arp entries. Each entry consists of the NIC device and IP address, specifying
The mac address of the ip address proxy of the NIC device. There are 16 buckets in total.

+ Int family; network type, AF_INET
Int entry_size; Size: sizeof (struct neighbor) + 4
Int key_len; key length, 4

+ _ U32 (* hash) (const void * pkey, const struct net_device *);
Int (* constructor) (struct neighbor *);
Int (* pconstructor) (struct pneigh_entry *);
These are ARP hash functions, neighbor and pneigh_entry constructor,

+ Struct neigh_parms parms;
Some parameters of ARP cache, including ARP packet transmission time, retransmission time, queue length, and proxy queue length.

+ Int gc_interval;
Int gc_thresh1;
Int gc_thresh2;
Int gc_thresh3;
Unsigned long last_flush;
Struct timer_list gc_timer;
ARP cache has a collection mechanism (garbage collection), which is used to set the collection frequency.
And threshold.

+ Struct sk_buff_head proxy_queue;
Sometimes the proxy arp does not immediately send back the response, so the arp packet is temporarily placed in this queue.

(2) neighbor
Neighbor contains information about neighbors (physically connected machines). The following is the domain it only needs:

+ Struct net_device * dev;
A network device (Network Card) connected to a neighbor ).

+ _ U8 nud_state;
Neighbor status, including NUD_INCOMPLETE (unfinished), NUD_REACHABLE (inaccessible ),
NUD_STALE (obsolete) and NUD_FAILED (failed.

+ Unsigned char ha [(MAX_ADDR_LEN + sizeof (unsigned long)-1 )&~ (Sizeof (unsigned long)-1)];
The hardware address of the neighbor.

+ Struct hh_cache * hh;
The header cache of the ethernet package is used to speed up sending to neighbors. Linux's efforts to improve efficiency can be seen :-).

+ Struct sk_buff_head arp_queue;
Wait for the IP packet queue of the hardware address of the neighbor.

+ Struct neigh_ops * ops;
A set of function pointers for neighbor operations. It is a bit like a member function of the c ++ class.

+ U8 primary_key [0];
The primary key of the hash table, generally the IP address.