In order to enable a variety of devices to communicate with each other through the network, and to solve the compatibility problem of different devices in the network interconnection, the international organization for Standardization (ISO) has developed the open system interconnection reference model, which is the OSI network model. The model mainly has seven layers, namely the application layer, the presentation layer, the session layer, the communication layer and the communication layer Transport layer, network layer, data link layer and physical layer.
Each level is responsible for different functions, as follows:
The application layer is responsible for providing a unified interface for the application program;
The presentation layer is responsible for converting data into a format compatible with another system;
The session layer is responsible for establishing, managing and terminating communication sessions between entities in the presentation layer;
The transport layer is responsible for end-to-end data transmission;
The network layer is responsible for data routing, forwarding and fragmentation;
The data link layer is responsible for data frame sealing, error detection and MAC addressing;
The physical layer is responsible for transmitting data frames in the physical network;
Because the OSI model is too complex, it only proposes the concept of theoretical layering, and does not provide a specific implementation. In fact, our common and practical four layer model is TCP / IP network model. Linux system implements network protocol stack according to this network model.
There are four layers in TCP / IP network model, which are application layer, transport layer, network layer and network interface layer
Application layer is responsible for providing users with a group of applications, such as HTTP, DNS, FTP, etc;
Transport layer, responsible for end-to-end communication, such as TCP, UDP, etc;
The network layer is responsible for the encapsulation, fragmentation, routing and forwarding of network packets, such as IP, ICMP, etc;
The network interface layer is responsible for the transmission of network packets in the physical network, such as the packet encapsulation, MAC addressing, error detection, and the transmission of network frames through the network card;
The TCP / IP network model is much simpler and easier to remember than the OSI network model. The relationship between them is as follows:
However, the seven layer and four layer load balancing that we often talk about are described by the OSI network model. The seven layer corresponds to the application layer, and the four layer corresponds to the transport layer.
Linux network protocol stack we can compare our body to the data in the application layer, the base coat to the TCP head in the transport layer, the coat to the IP head in the network layer, and the hat and shoes to the frame head and frame tail in the network interface layer.
In the winter season, when we want to go out to play from home, we naturally have to wear a primer, then put on a warm coat, and finally put on a hat and shoes before we go out. This process is like when we send out the TCP protocol communication network packet, we will package and process the application layer data layer by layer according to the network protocol stack.
As you can see from the figure below, the encapsulation format of application layer data in each layer.
In transport layer, TCP header is added in front of application data;
In network layer, IP header is added in front of TCP packet;
In the network interface layer, a frame header and a frame tail are added before and after IP packets;
Each layer has its own protocol header, which increases the size of natural network packets. However, the physical link cannot transmit packets of any size. Therefore, in Ethernet, the maximum transmission unit (MTU) is 1500 bytes, That is to say, it specifies the maximum IP packet size for a single transmission.
When the network packet exceeds the size of MTU, it will be fragmented at the network layer to ensure that the IP packet after fragmentation will not exceed the size of MTU. If the MTU is smaller, the more packets are needed, the worse the network throughput is. On the contrary, if the MTU is larger, the smaller the packets are needed, the better the network throughput is.
After knowing the TCP / IP network model and the encapsulation principle of network packets, you can guess what the Linux network protocol stack looks like. In fact, it is similar to the four layer structure of TCP / IP
From the network protocol stack in the figure above, you can see that:
The application program needs to interact with the socket layer through system call;
Below the socket layer are the transport layer, network layer and network interface layer;
The bottom layer is network card driver and hardware network card device;
Linux network packet receiving process network card is a hardware in the computer, which is specially responsible for receiving and sending network packets. When the network card receives a network packet, it will put the network packet into ringbuffer through DMA technology, which is a ring buffer.
After receiving the network packet, how to tell the operating system that the network packet has arrived?
The simplest way is to trigger an interrupt, that is, whenever the network card receives a network packet, it will trigger an interrupt to tell the operating system.
However, there is a problem. In the high-performance network scenario, there will be a large number of network packets, which will trigger a lot of interrupts. You should know that when the CPU receives the interrupt, it will stop what it is doing and go to process these network packets. After processing, it will go back to other things, which will trigger interrupts frequently, It will lead to the CPU has not played the processing interrupt, and other tasks may not be able to move forward, thus affecting the overall efficiency of the system.
Therefore, in order to solve the performance overhead caused by frequent interrupts, the Linux kernel introduces the NaPi mechanism in version 2.6. It is a hybrid “interrupt and polling” method to receive network packets. Its core concept is not to use the interrupt method to read data, but first use the interrupt to wake up the service program receiving data, and then poll the data.
For example, when a network packet arrives, the network card initiates a hardware interrupt, and then executes the hardware interrupt processing function of the network card. After the interrupt processing function is finished, it needs to “temporarily mask the interrupt”, and then wakes up “soft interrupt” to poll for processing data. The interrupt is not resumed until there is no new data. In this way, multiple network packets are processed at one time, Therefore, the performance overhead caused by network card interruption can be reduced.
How does softbreak handle network packets? It copies data from ringbuffer to kernel structsk_ It can be used as a network packet to be processed layer by layer by the network protocol stack.
First of all, it will enter the network interface layer. In this layer, it will check the validity of the message. If it is discarded according to the law, it will find out the type of the upper layer protocol of the network packet, such as IPv4 or IPv6. Then it will remove the frame header and frame tail, and give it to the network layer.
When it comes to the network layer, it takes out the IP packet and judges the next direction of the network packet, such as whether it is handed over to the upper layer for processing or forwarded. When it is confirmed that the network packet will be sent to the local machine, it will check whether the type of the upper layer protocol is TCP or UDP from the IP header, then remove the IP header and give it to the transport layer.
The transport layer takes out the TCP header or UDP header, finds the corresponding socket according to the quadruple “source IP, source port, destination IP, destination port”, and copies the data to the receiving buffer of the socket.
Finally, the application layer program calls the socket interface to read the new data from the socket receiving buffer of the kernel to the application layer.
At this point, the process of receiving a network packet is over. You can also see the process of receiving a network packet from the left part of the figure below. The right part is just the opposite. It is the process of sending a network packet.
The process of Linux sending network packets is as shown in the figure above. The process of sending network packets is just opposite to that of receiving network packets.
First of all, the application program will call the socket interface to send packets. Because this is a system call, it will fall into the socket layer from the user mode to the kernel mode, and the socket layer will copy the application layer data to the socket sending buffer.
Next, the network protocol stack fetches the packets from the socket sending buffer and processes them layer by layer from top to bottom according to the TCP / IP protocol stack.
If the TCP transmission protocol is used to send data, the TCP packet header will be added in the transport layer, and then it will be handed over to the network layer. The network layer will add IP packets to the packet, and then confirm the IP of the next hop by querying the routing table, and divide it according to the size of MTU.
After fragmentation, the network packet will be sent to the network interface layer, where the MAC address of the next hop will be obtained through ARP protocol, and then the frame header and frame tail will be added to the packet queue.
After these preparations are ready, a soft interrupt will be triggered to tell the NIC driver that there is a new network packet to send. Finally, the driver reads the network packet from the contract queue through DMA, puts it into the queue of the hardware NIC, and then sends it out by the physical NIC.
To sum up, computers are usually connected with network devices such as calling network cards, switches and routers. Because of the heterogeneity of network devices, the international organization for standardization defines a seven layer OSI network model. However, because of its complexity, this model is not used in practical application, but uses a more simplified TCP / IP model, Linux network protocol stack is implemented according to this model.
TCP / IP model is mainly divided into four layers: application layer, transport layer, network layer and network interface layer. Each layer has different responsibilities, which is also the main part of Linux network protocol stack.
When an application sends a packet through the socket interface, the packet will be processed layer by layer from top to bottom by the network protocol stack, and then it will be sent to the network card queue, and then the network card will send the packet out.
When receiving network packets, they also need to be processed layer by layer from the bottom to the top of the network protocol stack before they are sent to the application.