A. How the bridge works
Basic knowledge
- Cache: the bridge first caches the received data frame and then processes it;
- Learning: the bridge looks up the frame's source MAC address in the bridge table; if the address is not in the table, it is added together with the port the frame arrived on;
- Filter: the bridge determines whether the destination node of the frame is on the same network segment (the same port) that the frame arrived from; if so, the bridge does not forward the frame to its other ports;
- Forwarding: if the destination node of the frame is on another network segment, the bridge sends the frame out the correct port to that segment.
Each bridge maintains a filter database keyed by MAC address, and forwards received frames to the corresponding local area network (port) based on this database.
In the filter database, each known destination (destination MAC address) is listed together with the output line it belongs to (a port number, i.e. the LAN the frame is forwarded to) and a timeout for the table entry. The timeout ensures that a changed address (a node that has moved) is relearned in time.
Forwarding: if the destination address is found in the table, the frame is sent out the port recorded for it.
The bridge's ports work in promiscuous mode (each receives all frames transmitted on the LAN connected to the bridge).
B. The working process of the network bridge
Assuming that the bridge receives a MAC frame on port x, the following rules apply:
1. Look up the source MAC address of the frame in the bridge table; if it is not there, add the MAC address and its corresponding bridge port (port x). Continue to the next step.
2. Look up the destination MAC address in the filter database to determine whether it lies on a port other than port x. If the destination MAC address is on port x, do not forward the frame.
3. When forwarding, if the destination MAC address is found in the filter database on port y, determine whether port y is in the blocking or forwarding state (Spanning Tree Protocol). In the spanning tree algorithm, covered later, we will see that a port may sometimes be blocked to prevent it from receiving or sending frames. If port y is not blocking, forward the frame through port y to the LAN it is connected to.
4. When forwarding, if the destination MAC address is not found, the frame is forwarded (flooded) to all ports except the one it arrived on.
C. Scenario analysis of the network bridge
Learning: site A sends data to B. The bridge sees the frame's source address, learns that A is on port 1, and adds <A,1> to the filter database.
Forwarding: the bridge does not yet know where B is, so it floods the frame to all other ports (ports 2 and 3, that is, every port of the bridge except port 1).
Forwarding: after receiving the frame sent by A, B may respond by sending data to A. This time the bridge sees the source address and learns that B is on port 2, adding the entry <B,2>. The frame's destination address A already exists in the filter database, on port 1, so the frame B sends back is forwarded to port 1 only.
Filter: now site C sends data to A. Since A, C and the bridge are connected to the same hub, the bridge also receives the frame; it sees the source address C, records that C is on port 1 and adds the entry <C,1>. The destination address A is in the filter database on port 1, the same port the frame was received on, so no forwarding is done.
Aging: the TTL of each filter database entry increases every second; once it exceeds a certain value the entry is purged from the database. The default TTL is 300 seconds. Aging is needed mainly because the bridge's memory is limited and because nodes may move.
D. Bridge explained (part one)
A bridge is a device on Linux used for TCP/IP layer-two switching, similar in function to a real-world switch. A bridge device instance can be connected to other network device instances on Linux by attaching them as slave devices, much like connecting a network cable between a real-world switch and a user terminal. When data arrives, the bridge broadcasts, forwards or discards it according to the MAC information in the frame.
Bridge functions are mainly implemented in the kernel. When a device is attached to a bridge, it is as if a cable from a terminal were plugged into a port of a real-world switch. At this point the kernel calls netdev_rx_handler_register() to register a callback function for receiving data. This function is called whenever data is received from the device, and it hands the data to the bridge. When the bridge receives the data, br_handle_frame() is called to perform a process similar to that of a real-world switch: judge the category of the frame (broadcast/unicast), look up the internal MAC-to-port mapping table, locate the target port number, forward the data to the destination port or discard it, and automatically update the internal MAC-to-port mapping table (self-learning).
There is a difference between the bridge and a real-world layer-two switch, shown on the left side of the diagram: data can be sent directly to the bridge instead of being received from a port. This can be seen as the bridge itself having a MAC address and being able to send frames proactively, or as the bridge having a hidden port to which the host Linux system is automatically connected, so that programs on Linux can send data directly from this port to the other ports on the bridge. So when a network device is added to a bridge, for example when eth0 is added to bridge0, bridge0 in fact has two effective MAC addresses, one for bridge0 and one for eth0, and they can communicate with each other. An interesting consequence is that the bridge can be given an IP address. Generally speaking, an IP address belongs to the layer-three protocol and should not appear on a layer-two device such as a bridge. But the Linux bridge is a generic network device abstraction, and any network device can be assigned an IP address. When bridge0 owns an IP address, Linux can locate bridge0 at layer three via the routing table or ip rules, which is equivalent to Linux having another hidden virtual network card connected to the hidden port of the bridge; this network card is the generic network device called bridge0, and the IP can be regarded as belonging to it. When data matching this IP arrives at bridge0, the kernel stack considers it a packet destined for the local host, and applications can receive it through a socket. A good real-world comparison is a switch that also has a hidden MAC address used by the layer-three protocol handlers and the management program inside the device. The layer-three protocol handler in the device corresponds to the layer-three protocol handler for the generic network device bridge0, which is the kernel protocol stack of the host Linux system; the management program in the device corresponds to the applications on the host Linux system that use bridge0.
The bridge currently has a limitation: when a device is attached to a bridge, the IP of that device becomes invalid, and Linux no longer uses that IP to receive data at layer three. For example, if the original IP of eth0 is 192.168.1.2, then when data with destination address 192.168.1.2 arrives, a Linux application can receive it through socket operations. But once eth0 is attached to bridge0, although eth0's IP is still configured, the application can no longer receive that data. At this point the IP 192.168.1.2 should be moved to bridge0.
Another thing to note is the direction of data flow. For a device attached to a bridge, only the data it receives is handed to the bridge for the subsequent table lookup, broadcast and other operations. When the request is a send, the data is not passed to the bridge; the device looks for its next transmit exit. Users often overlook this when configuring the network, which causes network failures.
E. Bridge tutorial (part two)
For example: a frame sent by host A arrives at port eth0 of switch S1. Because eth0, eth1 and eth2 are bridged together, the frame is copied to eth1 and eth2 and sent out, where it is received by host B and switch S2. S2 then forwards the frame to hosts C and D.
The switch does not tamper with the frame data during forwarding, but copies it as is. However, bridging is not implemented at the physical layer but at the data link layer. The switch understands the data link layer of the frame, so bridging is actually not pure frame forwarding.
The switch looks at the MAC address information (source and destination addresses) filled into the data link layer header of the frame to learn which host each MAC address represents (that is, which port of the switch it is connected to). When forwarding, the switch then only needs to send the frame to one specific port, avoiding unnecessary network traffic. This is the switch's "address learning". However, if the switch encounters an address it has not learned, it does not know which port the frame should go out of, so it has to forward the frame to all ports except the one that received it.
For example, host C sends a frame to host A, which arrives at port eth2 of switch S1. Assuming S1 has just started and has not learned any addresses, it forwards the frame to eth0 and eth1. At the same time, based on the source MAC address of the frame, S1 records "host C is reachable through port eth2". So when host A later sends a frame to C, S1 only needs to forward it to port eth2. If host D sends a frame to C and switch S2 forwards it to S1's eth2 port (in fact S2 will probably not do so, because of its own address learning), then S1 simply discards the frame without forwarding it, because host C is reached through eth2.
However, the network topology is not immutable. Suppose we place hosts B and C in different locations. When host C sends a frame (regardless of whom it is sent to), switch S1 receives it on port eth1, so S1 updates its learned address from "host C is reachable through port eth2" to "host C is reachable through port eth1".
But what if host C never sends a frame? S1 will keep believing "host C is reachable through port eth2", so frames from other hosts addressed to C are forwarded out eth2 and are lost. Therefore the switch's address learning needs a timeout policy. For switch S1, if the time since the last frame received from host C exceeds the timeout (by default, 5 minutes), S1 must forget that "host C is connected through port eth2". Then a frame destined for host C is forwarded to all ports, and the copy forwarded from eth1 is received by host C.
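A worked simulation of the learning bridge rules from section B, the scenario traced in section C (learn, flood, forward, filter) and the topology change and timeout discussed in section E. This is an added example, not code from the original page or from the Linux kernel: the MAC addresses, port names and timestamps are constructed, and the LearningBridge class models the filter database, the spanning-tree port state and aging exactly as the text describes them, not any real implementation.

```python
"""Teaching model of a learning bridge: learn the source MAC on the ingress
port, filter when the destination sits on the ingress port, forward when the
destination port is known and in the STP forwarding state, flood otherwise,
and age entries out after `aging_time` seconds (300 s by default, as in the
text). All MACs, port names and times below are constructed for the example."""
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class FdbEntry:
    port: str         # bridge port the MAC was last seen on
    last_seen: float  # time (seconds) of the last frame from this MAC


class LearningBridge:
    def __init__(self, ports, aging_time=300.0):
        self.ports = list(ports)
        self.aging_time = aging_time
        self.fdb = {}                                   # filter database: MAC -> FdbEntry
        self.state = {p: "forwarding" for p in ports}   # STP state per port

    def set_port_state(self, port, state):
        """A blocked port neither receives nor sends frames (rule 3)."""
        if state not in ("forwarding", "blocking"):
            raise ValueError(state)
        self.state[port] = state

    def age(self, now):
        """Purge entries whose age exceeds aging_time; return the purged MACs."""
        expired = [mac for mac, e in self.fdb.items()
                   if now - e.last_seen > self.aging_time]
        for mac in expired:
            del self.fdb[mac]
        return expired

    def receive(self, in_port, src, dst, now):
        """Apply rules 1-4 to a frame arriving on in_port.
        Returns (action, egress_ports); action is drop, filter, forward or flood."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        self.age(now)
        if self.state[in_port] == "blocking":
            return ("drop", [])                     # blocked port receives nothing
        self.fdb[src] = FdbEntry(in_port, now)      # rule 1: learn (also relearns a moved host)
        entry = None if dst == BROADCAST else self.fdb.get(dst)
        if entry is None:                           # rule 4: unknown/broadcast -> flood
            egress = [p for p in self.ports
                      if p != in_port and self.state[p] == "forwarding"]
            return ("flood", egress)
        if entry.port == in_port:                   # rule 2: same segment -> filter
            return ("filter", [])
        if self.state[entry.port] == "blocking":    # rule 3: destination port blocked
            return ("drop", [])
        return ("forward", [entry.port])            # rule 3: known destination


# Constructed (locally administered) MAC addresses for hosts A, B, C.
A, B, C = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"


def scenario_learning():
    """Section C: A->B is flooded, B->A forwarded, C->A filtered (A and C share port 1)."""
    br = LearningBridge(["port1", "port2", "port3"])
    steps = [
        br.receive("port1", A, B, now=0.0),
        br.receive("port2", B, A, now=1.0),
        br.receive("port1", C, A, now=2.0),
    ]
    return steps, {mac: e.port for mac, e in br.fdb.items()}


def scenario_blocked_port():
    """Rule 3: a destination learned on a port that STP later blocks is dropped."""
    br = LearningBridge(["port1", "port2"])
    br.receive("port2", B, A, now=0.0)
    br.set_port_state("port2", "blocking")
    return br.receive("port1", A, B, now=1.0)


def scenario_move_and_age():
    """Section E: C learned on eth2, relearned on eth1 after moving, then aged out."""
    s1 = LearningBridge(["eth0", "eth1", "eth2"], aging_time=300.0)
    s1.receive("eth2", C, A, now=0.0)               # C learned on eth2
    before = s1.receive("eth0", A, C, now=10.0)     # A->C goes out eth2 only
    s1.receive("eth1", C, A, now=20.0)              # C now talks on eth1: relearn
    after_move = s1.receive("eth0", A, C, now=30.0)
    purged = s1.age(now=321.0)                      # C silent > 300 s -> entry purged
    after_age = s1.receive("eth0", A, C, now=322.0)  # unknown again -> flooded
    return before, after_move, purged, after_age


if __name__ == "__main__":
    print(scenario_learning())
    print(scenario_blocked_port())
    print(scenario_move_and_age())
```

Running the module prints the action taken for each frame; the key observation is that the same frame A to C is forwarded to eth2, then to eth1 after C is relearned, and flooded once the entry has aged out, which is exactly why a silent host becomes unreachable until the timeout expires.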
11. Network: Linux Bridge (bridge basics)