The previous article was posted to Blog Park quite a while ago. While writing this one I found the internals more complex than expected and could not finish on time, so the interval between the two articles is a bit long!
Enough talk, on to the substance!
The previous article introduced the basic theory of bridge mode. This article was meant to analyze the packet forwarding process in bridge mode against the Linux source code, but on reading the source I found that there is too much material to describe clearly in one article. So this article mainly introduces the main Linux networking structures and the relationships between them.
When a network packet arrives at the host's physical NIC, the destination of the packet is not necessarily the host itself, because the NIC is already in promiscuous mode. The NIC's device controller then sends an interrupt signal to the host's APIC. When the CPU receives the interrupt signal, it automatically enters interrupt processing and calls the interrupt handler that the NIC driver registered in the IDT.
The packet eventually reaches the __netif_receive_skb_core function. Before going into this function, we need to understand the relevant data structures.
struct net_device: the network device structure. Only the fields relevant to our analysis are listed here.

    struct net_device {
        ...
        unsigned long           state;

        ...
        unsigned int            flags;       /* interface flags (a la BSD) */
        unsigned int            priv_flags;  /* Like 'flags' but invisible to userspace. */

        ...

    #if IS_ENABLED(CONFIG_VLAN_8021Q)
        struct vlan_info __rcu  *vlan_info;  /* VLAN info */
    #endif
        ...
        unsigned char           *dev_addr;
        rx_handler_func_t __rcu *rx_handler;
        void __rcu              *rx_handler_data;

        ...

    };

The net_device structure represents a network device; each physical NIC has its own corresponding net_device structure inside Linux.
state indicates the status of the device.
flags indicates the characteristics of the device, while priv_flags holds the device's private characteristics, which are not visible to user space.
dev_addr is the MAC address of the device.
rx_handler is a hook function; when the NIC's promiscuous mode is turned on, it is initialized to a function that forwards packets.
rx_handler_data is the parameter passed to that function.
struct sk_buff: the packet structure of the application layer

    struct sk_buff {
        struct sk_buff      *next;
        struct sk_buff      *prev;

        ...

        struct net_device   *dev;

        ...

        __u16               transport_header;  /* transport layer header offset */
        __u16               network_header;    /* IP header offset */
        __u16               mac_header;        /* MAC header offset */
        /* These elements must be at the end, see alloc_skb() for details. */
        sk_buff_data_t      tail;
        sk_buff_data_t      end;
        unsigned char       *head,             /* buffer head pointer */
                            *data;             /* data pointer */
        unsigned int        truesize;
        atomic_t            users;

    };

This structure is what carries a packet from layer to layer. next and prev point to the next and previous buffers, dev indicates which device the buffer came from, data points into the buffer, and head points to the beginning of the buffer.
mac_header is the offset of the Ethernet header relative to the head pointer, network_header is the offset of the IP header relative to the head pointer, and transport_header is the offset of the transport layer header relative to the head pointer. tail points to the end of the data section and end points to the end of the buffer. truesize is the actual size of the buffer, and users records the number of users, mainly indicating whether the buffer is shared.
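The head-relative offsets described above can be modelled in user space, together with the bounds checks a parser needs before it trusts a header length taken from the packet. This is an added example, not kernel code and not code from the original post; struct skb_model, skb_model_fill, model_header and the sample frame are constructed for illustration.

```c
#include <stdint.h>
#include <string.h>

/* Userspace model, not the kernel struct: offsets are relative to head. */
struct skb_model {
    unsigned char *head, *data, *tail, *end;
    uint16_t mac_header, network_header, transport_header;
};

/* Constructed sample: Ethernet (14 bytes) + IPv4 (IHL=5) + UDP port fields. */
static const unsigned char sample_frame[] = {
    0x02,0,0,0,0,0x01, 0x02,0,0,0,0,0x02, 0x08,0x00,      /* dst, src, type */
    0x45,0,0,24, 0,0,0,0, 64,17,0,0, 10,0,0,1, 10,0,0,2,  /* IPv4 header */
    0x30,0x39, 0x00,0x35,                                  /* UDP ports */
};

/* Place frame after `headroom` bytes of buf and record the header offsets.
 * Returns 0, or -1 if a header would fall outside the received data. */
static int skb_model_fill(struct skb_model *skb, unsigned char *buf, size_t buflen,
                          size_t headroom, const unsigned char *frame, size_t len)
{
    size_t ihl;

    if (buflen > UINT16_MAX || headroom > buflen || len > buflen - headroom)
        return -1;                          /* frame does not fit the buffer */
    if (len < 14 + 20 || frame[12] != 0x08 || frame[13] != 0x00)
        return -1;                          /* truncated, or not IPv4 */
    ihl = (size_t)(frame[14] & 0x0f) * 4;   /* IPv4 header length in bytes */
    if (ihl < 20 || 14 + ihl > len)
        return -1;                          /* IHL points past the data */
    skb->head = buf;
    skb->data = buf + headroom;
    skb->tail = skb->data + len;
    skb->end = buf + buflen;
    memcpy(skb->data, frame, len);
    skb->mac_header = (uint16_t)headroom;
    skb->network_header = (uint16_t)(headroom + 14);
    skb->transport_header = (uint16_t)(headroom + 14 + ihl);
    return 0;
}

/* A header pointer is always head + offset, as described above. */
static unsigned char *model_header(const struct skb_model *skb, uint16_t off)
{
    return skb->head + off;
}
```

With 16 bytes of headroom the sample frame yields offsets 16, 30 and 50, while a frame whose IHL field claims more header bytes than were received is rejected instead of producing an out-of-bounds transport_header.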
struct net_bridge: the bridge structure

    struct net_bridge {
        struct list_head    port_list;  /* list head linking all ports */
        struct net_device   *dev;       /* corresponding physical device */
        ...

        struct net_bridge_mdb_htable __rcu *mdb;

    };

This is the structure of the Linux internal network bridge. port_list links all the ports of the bridge, dev points to the bridge's device structure, and mdb points to the bridge's multicast database forwarding table.
struct net_bridge_port: the bridge port structure

    struct net_bridge_port
    {
        struct net_bridge   *br;    /* the corresponding bridge */
        struct net_device   *dev;   /* device corresponding to the port */
        struct list_head    list;
        ...
        u8                  state;
        ...
        unsigned long       flags;
        ...
        struct hlist_head   mglist;
        ...
    };

The net_bridge_port structure corresponds to one port on the bridge. state indicates the port's status, such as forwarding or learning; flags records characteristics of the port itself; dev points to its associated device; br points to the bridge it is attached to; and mglist links all the groups joined by the port.
struct net_bridge_fdb_entry: an entry in the bridge's internal forwarding table

    struct net_bridge_fdb_entry
    {
        struct hlist_node       hlist;
        struct net_bridge_port  *dst;

        struct rcu_head         rcu;
        unsigned long           updated;
        unsigned long           used;
        mac_addr                addr;
        unsigned char           is_local;
        unsigned char           is_static;
        __u16                   vlan_id;
    };

This is an entry in the bridge's internal forwarding table. hlist indicates that the entry exists as a node in a table, namely the forwarding table. dst points to the destination port, and addr is the MAC address of the entry. is_local indicates whether it is a local port; the local port, I suspect, is the port through which data flows into the bridge, that is, when the destination MAC is the local port, the packet is destined for the local host. is_static indicates whether it is a static address; static addresses cannot be updated automatically.
struct net_bridge_mdb_htable: the multicast group database forwarding table, which links all multicast group database forwarding entries through a hash array

    struct net_bridge_mdb_htable
    {
        struct hlist_head               *mhash;
        struct rcu_head                 rcu;
        struct net_bridge_mdb_htable    *old;
        u32                             size;
        u32                             max;
        u32                             secret;
        u32                             ver;
    };

This structure represents the multicast database forwarding table, which links all multicast database forwarding entries. size is the size of the table, and max is its maximum capacity.
struct net_port_vlans

    struct net_port_vlans {
        u16                     port_idx;
        u16                     pvid;
        union {
            struct net_bridge_port  *port;
            struct net_bridge       *br;
        } parent;
        struct rcu_head         rcu;
        unsigned long           vlan_bitmap[BR_VLAN_BITMAP_LEN];
        unsigned long           untagged_bitmap[BR_VLAN_BITMAP_LEN];
        u16                     num_vlans;
    };

struct net_bridge_mdb_entry

    struct net_bridge_mdb_entry
    {
        struct hlist_node               hlist[2];
        struct hlist_node               mglist;
        struct net_bridge               *br;          /* bridge */
        struct net_bridge_port_group    *ports;
        struct rcu_head                 rcu;
        /* Expiry timer for this multicast group database entry; on timeout,
         * the multicast port is removed from the entry's multicast port list. */
        struct timer_list               timer;
        struct timer_list               query_timer;  /* query timer */
        __be32                          addr;         /* multicast group address */
        u32                             queries_sent;
    };

struct net_bridge_port_group

    struct net_bridge_port_group {
        struct net_bridge_port              *port;
        struct net_bridge_port_group __rcu  *next;
        struct hlist_node                   mglist;
        struct rcu_head                     rcu;
        struct timer_list                   timer;
        struct br_ip                        addr;
        unsigned char                       state;
    };

This is the group structure for multicast. A group is bound to a multicast address addr; next points to the next multicast group; port points to the port that belongs to the group; timer is a timer; and mglist links all the groups that a port has joined, with the list head stored in the port structure.
struct mac_addr: the MAC address structure

    struct mac_addr
    {
        unsigned char addr[6];
    };

You can see that a MAC address in the kernel is represented by 6 bytes.
That basically covers the structures involved. There are many variables I am not very clear about; if anything is wrong, I ask the experts to correct me! The next article will analyze the specific packet processing flow against the source code.
Bridge mode under Linux, part two