Netlink
From Wikipedia, the free encyclopedia
Netlink is a socket-like mechanism for IPC between the kernel and user-space processes, as well as between user-space processes alone (like, e.g., Unix sockets) or a mixture of multiple user-space and kernel-space processes. However, unlike INET sockets, it cannot traverse host boundaries, as it addresses processes by their (inherently local) PIDs.
It was designed and is used to transfer miscellaneous networking information between the Linux kernel space and user-space processes. Many networking utilities, for example iproute2, use netlink to communicate with the Linux kernel from user space. Netlink consists of a standard socket-based interface for user-space processes and an internal kernel API for kernel modules. It is designed to be a more flexible successor to ioctl. Netlink uses the AF_NETLINK socket family.
RFC 3549 describes the netlink protocol in detail.
History
As mentioned earlier, netlink was created as a more flexible alternative to the sophisticated and awkward ioctl communication method, which was used for setting and getting external socket options. The socket ioctl interface is still supported by the Linux kernel for backward compatibility. It can be used as follows:
- error = ioctl(ip_socket, ioctl_type, &value_result);
Netlink was first provided in Linux 2.0 as a character device. This interface is obsolete but, like ioctl, it can still be used. The netlink socket interface appeared in the 2.2 Linux kernel.
Netlink Socket Families
For the AF_NETLINK family, there are different protocol subsets. Each of these interfaces to a different kernel component and has a different messaging subset. The protocol subset is selected by the protocol field of the call below:
int socket(AF_NETLINK, SOCK_DGRAM|SOCK_RAW, protocol)
Unfortunately, it seems that there is no standard, and it is unclear whether SOCK_DGRAM and SOCK_RAW are both supported on a given Linux (or other OS) release. Some sources state that both options are legitimate, and the reference below from Red Hat states that SOCK_RAW is always the parameter.
This may change at any time, as there is no "standard" to which the Linux development community sticks. However, a non-exhaustive list of the supported protocol entries follows:
NETLINK_ROUTE
NETLINK_ROUTE provides routing and link information. This information is used primarily for user-space routing daemons. There is a large subset of messages that Linux implements:
- Link Layer: RTM_NEWLINK, RTM_DELLINK, RTM_GETLINK, RTM_SETLINK
- Address Settings: RTM_NEWADDR, RTM_DELADDR, RTM_GETADDR
- Routing Tables: RTM_NEWROUTE, RTM_DELROUTE, RTM_GETROUTE
- Neighbor Cache: RTM_NEWNEIGH, RTM_DELNEIGH, RTM_GETNEIGH
- Routing Rules: RTM_NEWRULE, RTM_DELRULE, RTM_GETRULE
- Queuing Discipline Settings: RTM_NEWQDISC, RTM_DELQDISC, RTM_GETQDISC
- Traffic Classes used with Queues: RTM_NEWTCLASS, RTM_DELTCLASS, RTM_GETTCLASS
- Traffic filters: RTM_NEWTFILTER, RTM_DELTFILTER, RTM_GETTFILTER
- Others: RTM_NEWACTION, RTM_DELACTION, RTM_GETACTION, RTM_NEWPREFIX, RTM_GETPREFIX, RTM_GETMULTICAST, RTM_GETANYCAST, RTM_NEWNEIGHTBL, RTM_GETNEIGHTBL, RTM_SETNEIGHTBL
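The socket call and the RTM_GETLINK message above, put together as an added example (not part of the original article): it requests a dump of all links over NETLINK_ROUTE, accepts replies only from the kernel, and checks every message length before reading it. The function names count_newlink and count_links are hypothetical, SOCK_RAW is chosen as the socket type, and the check relies on the kernel's netlink address being port ID 0.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <linux/netlink.h>
#include <linux/rtnetlink.h>

/* Count RTM_NEWLINK messages in one datagram. NLMSG_OK rejects any header
 * whose nlmsg_len is shorter than a header or longer than the bytes left.
 * Sets *done on NLMSG_DONE; returns -1 on NLMSG_ERROR. */
int count_newlink(const void *buf, int len, int *done)
{
    const struct nlmsghdr *h = buf;
    int n = 0;
    for (; NLMSG_OK(h, len); h = NLMSG_NEXT(h, len)) {
        if (h->nlmsg_type == NLMSG_DONE) { *done = 1; break; }
        if (h->nlmsg_type == NLMSG_ERROR) return -1;
        if (h->nlmsg_type == RTM_NEWLINK) n++;
    }
    return n;
}

/* Dump all links over NETLINK_ROUTE; returns the link count or -1. */
int count_links(void)
{
    struct { struct nlmsghdr h; struct ifinfomsg i; } req;
    struct nlmsghdr buf[16384 / sizeof(struct nlmsghdr)]; /* aligned buffer */
    struct sockaddr_nl from;
    int total = 0, done = 0;
    int fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
    if (fd < 0) return -1;
    memset(&req, 0, sizeof req);      /* ifi_family stays AF_UNSPEC (0) */
    req.h.nlmsg_len = NLMSG_LENGTH(sizeof req.i);
    req.h.nlmsg_type = RTM_GETLINK;
    req.h.nlmsg_flags = NLM_F_REQUEST | NLM_F_DUMP;
    if (send(fd, &req, req.h.nlmsg_len, 0) < 0) total = -1;
    while (total >= 0 && !done) {
        socklen_t fl = sizeof from;
        int n = recvfrom(fd, buf, sizeof buf, 0, (struct sockaddr *)&from, &fl);
        if (n <= 0) { total = -1; break; }
        if (from.nl_pid != 0) continue; /* kernel is port 0; drop other senders */
        n = count_newlink(buf, n, &done);
        total = n < 0 ? -1 : total + n;
    }
    close(fd);
    return total;
}

int main(void) { printf("links: %d\n", count_links()); return 0; }
```

Because netlink also carries messages between user-space processes, the nl_pid check is what keeps a reply from another local process from being parsed as kernel data.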
NETLINK_FIREWALL
NETLINK_FIREWALL provides an interface for a user-space application to receive packets from the firewall.
NETLINK_NFLOG
NETLINK_NFLOG provides an interface used to communicate between Netfilter and iptables.
NETLINK_ARPD
NETLINK_ARPD provides an interface to manage the ARP table from user space.
NETLINK_IPV6_FW
NETLINK_ROUTE6
NETLINK_TAPBASE
NETLINK_TCPDIAG
NETLINK_XFRM
User Defined Netlink protocol
The user can add a netlink handler in their own kernel routines. This allows additional Netlink protocols to be developed to address new kernel modules. The Linux Journal article "Why and How to Use Netlink Sockets" provides some guidance on how to create Netlink sockets on the kernel side.