本文主要讲解了Linux中处理需要传输的IP报文流程,使用的内核的版本是2.6.32.27
为了方便理解,本文采用整体流程图加伪代码的方式对Linux中处理需要传输的IP报文流程进行了讲解,希望可以对大家有所帮助。阅读本文章假设大家对C语言有了一定的了解
首先从IP的更高层传输层看看是如何管理的
//----------------------------------------------------------------------------------------------------------------------------------------------------------------------- /*四层协议的注册,都注册为net_protocol结构,并hash到inet_protos表中进行统一管理*/ #ifdef CONFIG_IP_MULTICAST static const struct net_protocol igmp_protocol = { .handler = igmp_rcv, .netns_ok = 1, }; #endif static const struct net_protocol tcp_protocol = { .handler = tcp_v4_rcv, .err_handler = tcp_v4_err, .gso_send_check = tcp_v4_gso_send_check, .gso_segment = tcp_tso_segment, .gro_receive = tcp4_gro_receive, .gro_complete = tcp4_gro_complete, .no_policy = 1, .netns_ok = 1, }; static const struct net_protocol udp_protocol = { .handler = udp_rcv, .err_handler = udp_err, .gso_send_check = udp4_ufo_send_check, .gso_segment = udp4_ufo_fragment, .no_policy = 1, .netns_ok = 1, }; static const struct net_protocol icmp_protocol = { .handler = icmp_rcv, .no_policy = 1, .netns_ok = 1, }; static int __init inet_init(void) { /* * Add all the base protocols. */ if (inet_add_protocol(&icmp_protocol, IPPROTO_ICMP) < 0) printk(KERN_CRIT "inet_init: Cannot add ICMP protocol "); if (inet_add_protocol(&udp_protocol, IPPROTO_UDP) < 0) printk(KERN_CRIT "inet_init: Cannot add UDP protocol "); if (inet_add_protocol(&tcp_protocol, IPPROTO_TCP) < 0) printk(KERN_CRIT "inet_init: Cannot add TCP protocol "); #ifdef CONFIG_IP_MULTICAST if (inet_add_protocol(&igmp_protocol, IPPROTO_IGMP) < 0) printk(KERN_CRIT "inet_init: Cannot add IGMP protocol "); #endif }
在4层处理完成之后,4层会调用IP层的接口ip_qeueu_xmit进行
报文发送
//----------------------------------------------------------------------------------------------------------------------------------------------------------------------- /*ipv4.c中注册的让上层协议使用的接口*/ static const struct inet_connection_sock_af_ops dccp_ipv4_af_ops = { .queue_xmit = ip_queue_xmit, }; /*将dccp_ipv4_af_ops注册到协议中*/ static int dccp_v4_init_sock(struct sock *sk) { inet_csk(sk)->icsk_af_ops = &dccp_ipv4_af_ops; } /*TCP数据报文发送函数*/ static int tcp_transmit_skb(struct sock *sk, struct sk_buff *skb, int clone_it, gfp_t gfp_mask) { const struct inet_connection_sock *icsk = inet_csk(sk); /*使用ip_queue_xmit发送数据报文*/ err = icsk->icsk_af_ops->queue_xmit(skb, 0); } //----------------------------------------------------------------------------------------------------------------------------------------------------------------------- int ip_queue_xmit(struct sk_buff *skb, int ipfragok) { struct sock *sk = skb->sk; struct inet_sock *inet = inet_sk(sk); struct ip_options *opt = inet->opt; struct rtable *rt; struct iphdr *iph; /*检查套接字结构中sk->dst中是否有一个指针指向路由缓存中的某个入口项 *如果有,再检查这个指针是否有效,由于套接字的所有包都去往同一个目标 *地址,因此路由就存放在skb->_skb_dst中,内容为dst_entry结构 */ rt = skb_rtable(skb); if (rt != NULL) goto packet_routed; rt = (struct rtable *)__sk_dst_check(sk, 0); { if (dst && dst->obsolete && dst->ops->check(dst, cookie) == NULL) { sk->sk_dst_cache = NULL; dst_release(dst); return NULL; } } /*如果尚未设置路由,那么使用ip_route_output_flow进行路由选路*/ if (rt == NULL) { //...... if (ip_route_output_flow(sock_net(sk), &rt, &fl, sk, 0)) goto no_route; } //...... packet_routed: /*填充IP报头*/ //..... iph->ttl = ip_select_ttl(inet, &rt->u.dst); iph->protocol = sk->sk_protocol; iph->saddr = rt->rt_src; iph->daddr = rt->rt_dst; /*填充IP选项*/ if (opt && opt->optlen) { iph->ihl += opt->optlen >> 2; ip_options_build(skb, opt, inet->daddr, rt, 0); } //...... return ip_local_out(skb); no_route: //..... } int ip_local_out(struct sk_buff *skb) { int err; err = __ip_local_out(skb); if (likely(err == 1)) err = dst_output(skb); return err; } int __ip_local_out(struct sk_buff *skb) { struct iphdr *iph = ip_hdr(skb); iph->tot_len = htons(skb->len); ip_send_check(iph); /*进入 NF_INET_LOCAL_OUT 的序列钩子进行处理,处理之后放入dst_output中处理*/ return nf_hook(PF_INET, NF_INET_LOCAL_OUT, skb, NULL, skb_dst(skb)->dev, dst_output); } static inline int dst_output(struct sk_buff *skb) { /*调用dst_entry中注册的output函数,IP单播也就是ip_output函数*/ return skb_dst(skb)->output(skb); } /*在__mkroute_output中曾经对output和input进行过注册*/ static int __mkroute_output(struct rtable **result, struct fib_result *res, const struct flowi *fl, const struct flowi *oldflp, struct net_device *dev_out, unsigned flags) { struct rtable *rth; rth->u.dst.output=ip_output; if (flags & RTCF_LOCAL) { rth->u.dst.input = ip_local_deliver; } if (flags & (RTCF_BROADCAST | RTCF_MULTICAST)) { if (flags & RTCF_LOCAL && !(dev_out->flags & IFF_LOOPBACK)) { rth->u.dst.output = ip_mc_output; } if (res->type == RTN_MULTICAST) { rth->u.dst.input = ip_mr_input; rth->u.dst.output = ip_mc_output; } } } /*IPV4单播*/ int ip_output(struct sk_buff *skb) { struct net_device *dev = skb_dst(skb)->dev; skb->dev = dev; skb->protocol = htons(ETH_P_IP); /*经过 NF_INET_POST_ROUTING 处理链后,进入ip_finish_output处理*/ return NF_HOOK_COND(PF_INET, NF_INET_POST_ROUTING, skb, NULL, dev, ip_finish_output, !(IPCB(skb)->flags & IPSKB_REROUTED)); } static int ip_finish_output(struct sk_buff *skb) { /*IP分片后,进入ip_finish_output2处理*/ if (skb->len > ip_skb_dst_mtu(skb) && !skb_is_gso(skb)) return ip_fragment(skb, ip_finish_output2); else return ip_finish_output2(skb); } static inline int ip_finish_output2(struct sk_buff *skb) { /*如果没有二层头,启用ARP处理*/ if (dst->hh) return neigh_hh_output(dst->hh, skb); /*如果有二层头进行处理,侧使用dst->neighbour->output也就是 dev_queue_xmit*/ else if (dst->neighbour) return dst->neighbour->output(skb); } /*dev_queue_xmit在ARP中的注册过程如下*/ static const struct neigh_ops arp_hh_ops = { .family = AF_INET, .output = neigh_resolve_output, .hh_output = dev_queue_xmit, }; static void neigh_hh_init(struct neighbour *n, struct dst_entry *dst, __be16 protocol) { struct hh_cache *hh; //...... if (n->nud_state & NUD_CONNECTED) hh->hh_output = n->ops->hh_output; /*也就是dev_queue_xmit*/ else hh->hh_output = n->ops->output; //...... }
最终一路从ip_queue_xmit进行发送调用到二层发送的入口点dev_queue_xmit
关于处理流程的整体架构图,请参见我的上一篇博客
<<Linux内核IP层的报文处理流程--从网卡接收的报文处理流程>>
关于二层是如何继续处理报文并发送的,请参考博客
希望大家批评指正