Linux Common Neighbor Infrastructure

Source: Internet
Author: User

1. Provide a cache for each protocol to store the results of L3-to-L2 address conversions.

2. Provide functions to add, delete, change and look up a specific mapping entry in the cache. The lookup function must be fast, because it affects the performance of the whole system.

3. Provide an aging mechanism for the entries of each protocol's cache.

4. Provide a replacement policy that selects the entry to discard when the cache is full and a new mapping entry is about to be created.

5. Provide a request queue for each neighbor. When a packet is ready to be sent but the L2 address of its destination is not in the cache, the packet must be held in a buffer until a solicitation request has been sent and the reply received. See Chapter 27, the section on queuing.

To let each protocol adapt the behaviour of the neighbor subsystem to its own needs, Linux defines a set of placeholders (virtual functions) into which each protocol can plug the function it wants to use. In the same way that Linux lets users tune the kernel, the neighbor layer offers a set of tunable parameters for its configuration. These parameters can be set from user-space commands, through the /proc file system, or by the protocol itself. Finally, all protocols access the cache through the same functions, but different protocols may use keys (addresses) of different byte lengths, so the infrastructure provides a common way to define the key type.
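The five requirements above, as an added Python model that is not code from the page or from the kernel: one cache class with fast lookup, add/delete/refresh, time-based aging, least-recently-used replacement when full, and a per-neighbor queue that holds packets until the mapping is resolved. The class name, the LRU policy, the `reachable_time` default and the byte-string keys are assumptions chosen for illustration.

```python
import time
from collections import OrderedDict, deque

class NeighborCache:
    """Model of one protocol's neighbour cache (constructed example, not kernel code).
    Keys are L3 addresses as bytes so that ARP (4-byte) and ND (16-byte) keys share
    the same code; values are the resolved L2 address plus a last-confirmed time."""

    def __init__(self, capacity=64, reachable_time=30.0, clock=time.monotonic):
        self.capacity = capacity              # replacement kicks in beyond this many entries
        self.reachable_time = reachable_time  # seconds before an entry is considered stale
        self.clock = clock                    # injectable so tests can run with a fake clock
        self.entries = OrderedDict()          # l3 -> (l2, confirmed_at); order = recency of use
        self.pending = {}                     # l3 -> deque of packets awaiting resolution

    def lookup(self, l3):
        """Fast path: return the L2 address if the entry is still fresh, else None."""
        hit = self.entries.get(l3)
        if hit is None:
            return None
        l2, confirmed_at = hit
        if self.clock() - confirmed_at > self.reachable_time:
            del self.entries[l3]              # aged out: treat as a miss
            return None
        self.entries.move_to_end(l3)          # mark as most recently used
        return l2

    def update(self, l3, l2):
        """Add or refresh a mapping (e.g. from a reply); evict the least recently
        used entry when the cache is full. Returns the packets that were waiting."""
        if l3 not in self.entries and len(self.entries) >= self.capacity:
            self.entries.popitem(last=False)  # replacement policy: drop the LRU entry
        self.entries[l3] = (l2, self.clock())
        self.entries.move_to_end(l3)
        return [(l2, pkt) for pkt in self.pending.pop(l3, ())]

    def delete(self, l3):
        self.entries.pop(l3, None)
        self.pending.pop(l3, None)

    def send(self, l3, packet):
        """Return (l2, packet) if resolvable now; otherwise queue the packet and
        return None, signalling the caller to send a solicitation request for l3."""
        l2 = self.lookup(l3)
        if l2 is not None:
            return (l2, packet)
        self.pending.setdefault(l3, deque()).append(packet)
        return None
```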

The end host needs no configuration and no special browser; such a proxy is called a transparent proxy.

The host must be paired with a proxy to reach the Internet. The proxy server goes out through the router only when the request is not a hit in its own cache.

A proxy server for a neighbor protocol is a host that answers solicitation requests for addresses it does not own, on behalf of the hosts that do own them. Thanks to proxies, hosts on different LANs can communicate with each other as if they were on the same LAN.

The host that the ARP proxy answers for must not be on the same subnet as the proxy itself; otherwise both the destination host and the proxy would answer, and the sender would not know which reply to choose.

I was also confused about proxy ARP for a while, so I went and verified it experimentally on real hardware; here are the results.
"Network topology: two routers interconnected (RT1--RT2), with a PC (Windows XP) on the Ethernet interface of RT1; the network segment is 192.168.1.X/24"
(1) The PC has no gateway configured.
With the capture tool running on the real machine, the PC pings router RT1's loopback 1 interface 1.1.1.1: no ARP request is seen, and no packets flow.
(2) The gateway is set to the PC's own address.
With the capture tool running on the real machine, the PC pings router RT1's loopback 1 interface 1.1.1.1: an ARP request is seen, and it directly asks for the ARP mapping of the IP address given to the ping command.
(3) The gateway is set to the loopback interface of router RT1, 1.1.1.1.
With the capture tool running on the real machine, the PC pings router RT1's loopback 2 interface 10.10.10.10: an ARP request is seen, it asks for the gateway 1.1.1.1, and communication works.
Summary: When the router receives an ARP request packet, whether it proxies depends on whether the router has a routing entry for the destination IP of the ARP request.
Test:
(4) Configure the loopback interface 2.2.2.2 on RT2, and add the corresponding static routes on RT1 and RT2 to make the route reachable.
A: Repeat action (2) above (with the ping target IP changed to 2.2.2.2): the layer-2 encapsulation is performed correctly.
B: Remove the routing entry on router RT1: the result of the previous step is that layer-2 encapsulation no longer happens!
C: On top of B, write a default route on router RT1 whose outgoing interface is the Ethernet interface connected to the PC, and ping 2.2.2.2 again: the ping result is different, and more importantly, no ARP entry is generated on the PC (there is an ARP request packet, but no reply)!

Summary: When the router receives an ARP request on an interface with proxy ARP enabled, the destination IP address is reachable from the router, and the outgoing interface of the corresponding routing entry is not the interface on which the ARP request was received, then the router performs proxy ARP!

Device based (IPv4): all valid requests received by the device are processed. This is the most common case in IPv4; it is not used in IPv6.

Destination based (IPv4 and IPv6): when deciding whether to proxy, both the destination address and the device are considered. This means the proxy answers requests only for selected IP addresses. Destination-based proxying is the standard in IPv6 networks; it can also be used in IPv4.

On shared media, any frame emitted by any host is received by every host directly attached to that medium.

Ethernet is a shared medium: data travels over the network in the clear, and when a network adapter is put into listening mode (promiscuous mode), the broadcast, contention-based nature of the Ethernet channel means that a listening system can sit in parallel with normal network traffic and capture any packet transmitted within the same collision domain. IEEE 802.3 Ethernet uses persistent CSMA; precisely because Ethernet contends for a broadcast channel, every station can obtain the data that the other stations send. This principle lets a capture system intercept the traffic we are interested in, and it is the physical basis of packet capture.
Ethernet is a bus-type network: logically it consists of a bus and a number of stations attached to it, each of which uses the CSMA/CD protocol mentioned above to contend for and share the channel. Each station (here, a computer with an interface card) implements this function in its network card. The main jobs of the network card are to sense the current state of the bus and decide whether it may transmit, and to check whether the destination address of each physical data frame is the station's own address: if it does not match, the frame is not delivered to the station and is discarded; if it matches, the frame is received, its CRC is checked, and it is handed to the LLC sublayer.
A network card has several operating modes:
1) Broadcast mode: frames whose destination physical (MAC) address is the all-ones address FF:FF:FF:FF:FF:FF are broadcast frames, and a network card working in broadcast mode receives them.
2) Multicast mode: a frame whose destination physical address is a multicast address is received by the hosts in that group and not by hosts outside it. However, a network card set to multicast mode receives all multicast frames, whether or not it is a member of the group.
3) Direct mode: a network card working in direct mode receives only frames whose destination address is its own MAC address.
4) Promiscuous mode: a NIC working in promiscuous mode receives every frame that passes through it; packet capture programs run in this mode.
The default working mode of a network card combines broadcast mode and direct mode, that is, it receives only broadcast frames and frames addressed to itself. In promiscuous mode, the network card of one station accepts the packets sent by all stations on the same network, which is how monitoring and capturing of network traffic is achieved.

When a host receives a solicitation request for an address outside the local subnet, it can handle the request if the proxy function is enabled. The neighbor subsystem first checks whether the global (per-device) proxy is turned on; if not, it checks whether the host is configured to proxy that particular address.

Forwarding must be enabled on the proxy server that receives the request.

Because the proxy server inserts itself between the hosts, it must accept and forward the traffic exchanged between the two endpoints. Proxying and forwarding are configured independently of each other.

ARP solicitation requests are always sent to the L2 broadcast address, which guarantees that every host on the shared medium receives them. The proxy server therefore does not need to put any of its interfaces into promiscuous mode to intercept requests for the hosts it proxies.

The ND protocol uses L3 multicast addresses for solicitation requests and replies. When a router wants to proxy a specific IP address, it must also accept the corresponding L3 multicast address.
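The proxy decision described above and in the experiment summary (reply for the router's own addresses; otherwise proxy only when forwarding is on, a route to the target exists whose outgoing interface differs from the one the request arrived on, and either the ingress interface has device-based proxy enabled or a destination-based proxy entry exists), as an added Python model that is not code from the page or from the kernel. The `Router` class, the interface names `eth0`/`eth1` and the address 192.168.1.1 for RT1's Ethernet port are constructed assumptions; the three cases reproduce experiments A, B and C above.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

@dataclass
class Router:
    """Constructed model of one router's state (assumption, not a real config)."""
    local_addrs: set                        # addresses the router itself owns
    routes: list                            # (prefix, outgoing interface); longest prefix wins
    forwarding: bool = True                 # IP forwarding switch
    dev_proxy_arp: set = field(default_factory=set)   # interfaces with device-based proxy enabled
    addr_proxy: set = field(default_factory=set)      # (interface, ip) destination-based proxy entries

    def route_lookup(self, dst):
        """Longest-prefix match; returns the outgoing interface or None."""
        best = None
        for prefix, dev in self.routes:
            net = ip_network(prefix)
            if ip_address(dst) in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, dev)
        return best[1] if best else None

def arp_request_action(router, in_dev, target_ip):
    """Decide what the router does with an ARP request that arrived on in_dev."""
    if target_ip in router.local_addrs:
        return "reply-own"                  # ordinary ARP reply for the router's own address
    if not router.forwarding:
        return "ignore"                     # a proxy must also be able to forward the traffic
    out_dev = router.route_lookup(target_ip)
    if out_dev is None or out_dev == in_dev:
        return "ignore"                     # no route, or target sits on the requester's own segment
    if in_dev in router.dev_proxy_arp or (in_dev, target_ip) in router.addr_proxy:
        return "reply-proxy"                # device-based or destination-based proxy answers
    return "ignore"

def rt1(routes):
    """RT1 from the experiment: eth0 faces the PC (proxy ARP on), eth1 faces RT2."""
    return Router(local_addrs={"192.168.1.1", "1.1.1.1", "10.10.10.10"},
                  routes=routes, dev_proxy_arp={"eth0"})

LAN = ("192.168.1.0/24", "eth0")
CASE_A = rt1([LAN, ("2.2.2.2/32", "eth1")])      # static route to RT2's loopback
CASE_B = rt1([LAN])                              # that route removed
CASE_C = rt1([LAN, ("0.0.0.0/0", "eth0")])       # default route back out the PC's interface

if __name__ == "__main__":
    for name, r in (("A", CASE_A), ("B", CASE_B), ("C", CASE_C)):
        print(name, arp_request_action(r, "eth0", "2.2.2.2"))
    # A reply-proxy, B ignore, C ignore: the three outcomes observed in the experiment
```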
