Netlink

From Wikipedia, the free encyclopedia
Jump to: navigation, search
For the modem, see Sega NetLink.
Netlink
Stable release 3.15.6 (17 July 2014; 5 days ago (2014-07-17)) [±][1]
Operating system Linux
Platform Linux kernel
Type Application programming interface
License GNU General Public License
Website www.linuxfoundation.org/collaborate/workgroups/networking/netlink

Netlink is a socket family used for IPC between the kernel and user space processes, as well as between user processes (e.g. Unix domain sockets) or a mixture of both types. However, unlike INET sockets, it cannot traverse host boundaries, as it addresses processes by their (inherently local) PIDs.

Netlink was designed for and is used to transfer miscellaneous networking information between the kernel space and user space processes. Networking utilities, such as the ones in iproute2 or the ones for configuring the mac80211-based wireless drivers, use Netlink to communicate with the Linux kernel from user space. Netlink consists of a standard socket-based interface for user space processes and a kernel-side API used internally for kernel modules. Originally, Netlink used the AF_NETLINK socket family.

It is designed to be a more flexible successor to ioctl. RFC 3549 describes the Netlink protocol in detail.

History[edit]

Netlink was created by Alexey Kuznetsov[2] as a more flexible alternative to the sophisticated but awkward ioctl communication method which software used for setting and getting external socket options. The Linux kernel continues to support ioctl for backward compatibility. It can be used as follows:

error = ioctl(ip_socket, ioctl_type, &value_result);

Netlink was first provided in 2.0 series of the Linux kernel as a character device. As of 2013 this interface is obsolete, but as an ioctl communication method, it can still be used. (Compare the use of rtnetlink.[3]) The Netlink socket interface appeared in 2.2 series of the Linux kernel.

Packet structure[edit]

Bit offset 0–15 16–31
0 Message length
32 Type Flags
64 Sequence number
96 PID
128+  
Data
 

Unlike the BSD socket access to Internet protocols such as TCP where the headers specifying flags and destination are autogenerated, the Netlink message header (available as struct nlmsghdr) must be prepared by the caller, as the socket generally works in a SOCK_RAW-like mode, even if SOCK_DGRAM was used to create it.

The data portion then contains a subsystem-specific message that may be further nested.

Netlink socket families[edit]

The AF_NETLINK family offers multiple protocol subsets. Each interfaces to a different kernel component and has a different messaging subset. The following protocol is referenced in the field below:

int socket(AF_NETLINK, SOCK_DGRAM or SOCK_RAW, protocol)

Lacking a standard, SOCK_DGRAM and SOCK_RAW are not guaranteed to be implemented in a given Linux (or other OS) release. Some sources state that both options are legitimate, and the reference below from Red Hat states that SOCK_RAW is always the parameter, however iproute2 uses both interchangeably.

Netlink protocols[edit]

A non-exhaustive list of the supported protocol entries follows:

NETLINK_ROUTE

NETLINK_ROUTE provides routing and link information. This information is used primarily for user-space routing daemons. Linux implements a large subset of messages:

  • Link layer: RTM_NEWLINK, RTM_DELLINK, RTM_GETLINK, RTM_SETLINK
  • Address settings: RTM_NEWADDR, RTM_DELADDR, RTM_GETADDR
  • Routing tables: RTM_NEWROUTE, RTM_DELROUTE, RTM_GETROUTE
  • Neighbor cache: RTM_NEWNEIGH, RTM_DELNEIGH, RTM_GETNEIGH
  • Routing rules: RTM_NEWRULE, RTM_DELRULE, RTM_GETRULE
  • Queuing discipline settings: RTM_NEWQDISC, RTM_DELQDISC, RTM_GETQDISC
  • Traffic classes used with queues: RTM_NEWTCLASS, RTM_DELTCLASS, RTM_GETTCLASS
  • Traffic filters: RTM_NEWTFILTER, RTM_DELTFILTER, RTM_GETTFILTER
  • Others: RTM_NEWACTION, RTM_DELACTION, RTM_GETACTION, RTM_NEWPREFIX, RTM_GETPREFIX, RTM_GETMULTICAST, RTM_GETANYCAST, RTM_NEWNEIGHTBL, RTM_GETNEIGHTBL, RTM_SETNEIGHTBL
NETLINK_FIREWALL

NETLINK_FIREWALL provides an interface for a user-space app to receive packets from the firewall.

NETLINK_NFLOG

NETLINK_NFLOG provides an interface used to communicate between used Netfilter and iptables.

NETLINK_ARPD

NETLINK_ARPD provides an interface to manage the ARP table from user-space.

NETLINK_AUDIT

NETLINK_AUDIT provides an interface to the audit subsystem found in Linux kernel versions 2.6.6 and later.

NETLINK_IPV6_FW

NETLINK_IPV6_FW provides an interface to transport packets from netfilter to user-space.

NETLINK_ROUTE6
NETLINK_TAPBASE
NETLINK_TCPDIAG
NETLINK_XFRM

NETLINK_XFRM provides an interface to manage the IPsec security association and security policy databases - mostly used by key-manager daemons using the Internet Key Exchange protocol.

User-defined Netlink protocol[edit]

Users can add a Netlink handler in their own kernel routines. This allows the development of additional Netlink protocols to address new kernel modules.[4]

See also[edit]

References[edit]

  1. ^ "Linux 3.15.6". Linux kernel mailing list. 17 July 2014. //https://lkml.org/lkml/2014/7/17/703.
  2. ^ "kernel/git/torvalds/linux.git: root/net/core/rtnetlink.c". Linux kernel source tree. kernel.org. Retrieved 2014-05-27. 
  3. ^ Crowcroft, Jon; Phillips, Iain, eds. (2002). TCP/IP and Linux protocol implementation: systems code for the Linux Internet. Wiley Networking Council series. Wiley. p. 624. ISBN 9780471408826. Retrieved 2013-05-21. "All rtnetlink messages consist of a netlink message header and appended attributes." 
  4. ^ Why and How to Use Netlink Sockets

External links[edit]