LinuxQuestions.org
Old 12-22-2007, 02:14 AM   #1
neur0tic
Selective ethernet frame forwarding via userspace / kernel space program


Hello everyone,
I have a scenario in which I would like to selectively forward ethernet frames across the network.

Here's what I intend to do:

1. Receive ALL incoming ethernet frames (promiscuous NIC)
2. Check if the ethernet frame has the ip/mac of this machine; if so, pass the packet on to the kernel and let it do the processing.
3. If it's not for this machine, check to see if the frame is for a machine given in the list. If it is, do some sort of re-stamping such as changing the mac address / ip address and send it to the target machine.
4. If not, drop the packet.

The attached schematic will make things clear.

Since I am pretty new to linux, I want to know which will be the easiest way to do it, and whether or not it is possible.

hxxp://img155.imageshack.us/img155/93/virtnicdx1.jpg

Any help would be highly appreciated.
 
Old 12-23-2007, 08:17 AM   #2
acid_kewpie
try this for the userspace interface... http://www.penguin-soft.com/penguin/man/3/libipq.html

what you say about the ip addresses and such is confusing... though. if you are looking in promisc mode then those frames will keep doing whatever they are meant to... you'll just duplicate and modify existing traffic. maybe if you added a bit more context...?
 
Old 12-23-2007, 10:26 AM   #3
neur0tic
Thanks for your reply Mr. acid_kewpie,
I'll try to make myself more precise..

Say I have 4 machines: alpha, beta, gamma and delta,
having IP and MAC addresses {ip-alpha, mac-alpha}, {ip-beta, mac-beta}, {ip-gamma, mac-gamma}, {ip-delta, mac-delta}. Each machine knows the IP-MAC binding of the others.


Now suppose that my machine alpha is running the frame forwarding program.

Say machine beta goes down for whatever reason. alpha sees beta not responding for a certain amount of time, then beta's ip-mac pair is added to a "REPLY FOR" list.
Next time a packet comes with {ip-beta,mac-beta} from the INTERNET , alpha picks up the frame and restamps it as {ip-alpha,mac-alpha} and sends it out on the local network.

When a frame comes for beta from the local network, alpha picks it up and restamps it from {ip-beta,mac-beta} to {ip-alpha,mac-alpha} and sends it out on to the INTERNET.

Thereby seamlessly channeling traffic.
The same thing happens if more than one primary computers go down.

Next,

Whenever alpha receives a gratuitous ARP from a machine in the "REPLY FOR" list, the entry is immediately deleted from the list.

It is for this reason that I want to grab the frames before they get to the kernel, because the kernel might reply to unwanted packets.

I know it sounds a little complicated, but well, so is my network !!

Hope I've made things clearer instead of cloudier !

Happy Christmas !
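The filter-and-restamp steps from post #1 and the {ip-beta, mac-beta} to {ip-alpha, mac-alpha} rewrite described above, as an added Python example; this is not code from the thread. It parses the Ethernet and IPv4 headers, makes the kernel / forward / drop decision, and rewrites the destination MAC and IP, recomputing the IPv4 header checksum and adjusting the TCP/UDP checksum with the RFC 1624 incremental formula. The L4 step is the one that is easy to forget: the TCP/UDP checksum covers the IP addresses through the pseudo-header, so a restamped packet with only the IP checksum fixed is silently discarded by the receiving host. The build_udp_frame helper only constructs a test frame; all MACs and IPs are constructed documentation values, and the function names are mine. Two caveats a practitioner would want: a promiscuous AF_PACKET socket receives a copy, so the kernel still sees and may answer the frame (to really divert traffic you need a firewall hook such as NFQUEUE, the successor of the libipq interface linked above, or ebtables for frames), and the takeover is triggered by "beta not responding", so whoever can make beta look silent to alpha, or can edit the "REPLY FOR" list, decides where beta's traffic goes.

```python
"""Added example (not from the thread): parse an Ethernet/IPv4 frame, apply the
kernel / forward / drop decision, and restamp dst MAC + dst IP with valid checksums.
All MAC and IP values used with it are constructed documentation addresses."""
import ipaddress
import struct

ETH_HDR_LEN = 14
ETHERTYPE_IPV4 = 0x0800
PROTO_TCP, PROTO_UDP = 6, 17


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def ip_bytes(ip):
    return ipaddress.IPv4Address(ip).packed


def ones_complement_sum(data):
    """Folded 16-bit one's complement sum; a block with a valid checksum sums to 0xFFFF."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def checksum(data):
    return (~ones_complement_sum(data)) & 0xFFFF


def adjust_checksum(old_csum, old_bytes, new_bytes):
    """RFC 1624 incremental update: HC' = ~(~HC + ~m + m'), m/m' the changed bytes."""
    total = ((~old_csum) & 0xFFFF) + ((~ones_complement_sum(old_bytes)) & 0xFFFF) \
        + ones_complement_sum(new_bytes)
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_frame(frame):
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:ETH_HDR_LEN])
    info = {"dst_mac": mac_str(dst), "src_mac": mac_str(src), "ethertype": ethertype}
    if ethertype == ETHERTYPE_IPV4 and len(frame) >= ETH_HDR_LEN + 20:
        ihl = (frame[ETH_HDR_LEN] & 0x0F) * 4          # header length in bytes
        iph = frame[ETH_HDR_LEN:ETH_HDR_LEN + ihl]
        info.update(ihl=ihl, proto=iph[9],
                    ip_src=str(ipaddress.IPv4Address(iph[12:16])),
                    ip_dst=str(ipaddress.IPv4Address(iph[16:20])),
                    ip_csum_ok=ones_complement_sum(iph) == 0xFFFF)
    return info


def l4_checksum_ok(frame):
    """Verify the TCP/UDP checksum including the IPv4 pseudo-header (src, dst, proto, length)."""
    info = parse_frame(frame)
    seg = frame[ETH_HDR_LEN + info["ihl"]:]
    if info["proto"] == PROTO_UDP and seg[6:8] == b"\x00\x00":
        return True                                     # UDP over IPv4 may omit the checksum
    pseudo = ip_bytes(info["ip_src"]) + ip_bytes(info["ip_dst"]) \
        + struct.pack("!BBH", 0, info["proto"], len(seg))
    return ones_complement_sum(pseudo + seg) == 0xFFFF


def classify(frame, own_mac, own_ip, reply_for):
    """Steps 2-4 of post #1: 'kernel' for this host, 'forward' for a listed peer, else 'drop'.
    reply_for maps peer IP -> peer MAC; both must match, since the access rule is the ip/mac pair."""
    info = parse_frame(frame)
    if info["dst_mac"] == own_mac:
        return "kernel"
    ip_dst = info.get("ip_dst")
    if ip_dst in reply_for and reply_for[ip_dst] == info["dst_mac"]:
        return "forward"
    return "drop"


def restamp(frame, new_dst_mac, new_dst_ip):
    """Rewrite dst MAC and dst IP; fix the IPv4 header checksum and the TCP/UDP checksum."""
    info = parse_frame(frame)
    if "ihl" not in info:
        raise ValueError("only IPv4 frames are restamped")
    buf, off = bytearray(frame), ETH_HDR_LEN
    buf[0:6] = mac_bytes(new_dst_mac)
    old_ip, new_ip = bytes(buf[off + 16:off + 20]), ip_bytes(new_dst_ip)
    buf[off + 16:off + 20] = new_ip
    buf[off + 10:off + 12] = b"\x00\x00"                # zero, then recompute header checksum
    struct.pack_into("!H", buf, off + 10, checksum(bytes(buf[off:off + info["ihl"]])))
    l4 = off + info["ihl"]
    csum_off = {PROTO_TCP: l4 + 16, PROTO_UDP: l4 + 6}.get(info["proto"])
    if csum_off is not None and csum_off + 2 <= len(buf):
        old = struct.unpack_from("!H", buf, csum_off)[0]
        if not (info["proto"] == PROTO_UDP and old == 0):
            new = adjust_checksum(old, old_ip, new_ip)
            if info["proto"] == PROTO_UDP and new == 0:
                new = 0xFFFF                            # 0 means "no checksum" for UDP
            struct.pack_into("!H", buf, csum_off, new)
    return bytes(buf)


def build_udp_frame(dst_mac, src_mac, src_ip, dst_ip, sport, dport, data):
    """Constructed test input: a minimal Ethernet/IPv4/UDP frame with valid checksums."""
    udp_len = 8 + len(data)
    pseudo = ip_bytes(src_ip) + ip_bytes(dst_ip) + struct.pack("!BBH", 0, PROTO_UDP, udp_len)
    udp = struct.pack("!HHHH", sport, dport, udp_len, 0) + data
    udp = udp[:6] + struct.pack("!H", checksum(pseudo + udp) or 0xFFFF) + udp[8:]
    iph = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len, 0x1234, 0x4000, 64,
                      PROTO_UDP, 0, ip_bytes(src_ip), ip_bytes(dst_ip))
    iph = iph[:10] + struct.pack("!H", checksum(iph)) + iph[12:]
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4) + iph + udp
```

Running it against a frame built with build_udp_frame for beta (a DNS query from the router, say) gives "forward" when beta is on the reply_for list with the right MAC and "drop" otherwise; after restamp the frame carries alpha's MAC and IP, and both checksums verify. The dst-MAC-only test for "kernel" is deliberately loose: the kernel's own IP routing decides what to do with a frame addressed to alpha's MAC.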
 
Old 12-23-2007, 12:42 PM   #4
acid_kewpie
ok, i see what you're trying to do, but it seems that you're trying to reinvent the wheel, and it doesn't really sound supportable. and to do that in userspace would require a huge amount of optimized intelligent programming. you can chuck simple load load stuff through userspace, but there are huge implications of doing much more.

initially there are a few complications and errors in what you want. a packet from the internet will *never* contain the mac address for an internal machine, as MACs and ethernet are network segment technologies, and are below things like IP addresses and IP routing. ethernet frames do not contain IP addresses apart from the layer 3 payload which is irrelevant to ethernet, so there are complications in terms of which part of the OSI model you are trying to broach, layer 2 (ethernet frames / mac addresses) or layer 3 (IP packets / IP addressing).

you probably don't really want to mess with mac addresses at all. in a standard server HA environment it's the IP addresses that are shifted about, not the MACs, although at times some ultra critical systems will migrate or share MAC addresses and synchronize their ARP responses. this sounds above and beyond what you need. have a google for "simple ip takeover" and there's a really useful article on o'reilly (i think) about using next to no tools to monitor for ip outages and assume responsibilities with gratuitous ARPs and such. above that linuxha.org is a great starting point for more advanced HA solutions.

another solution you might prefer the sound of is a virtual service, http://www.linuxvirtualserver.org where you can actively handle failovers and load balancing in an abstracted layer...

Last edited by acid_kewpie; 12-23-2007 at 12:46 PM.
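The gratuitous-ARP IP takeover the moderator points to, combined with the "REPLY FOR" list from post #3 (a peer silent for longer than a timeout gets taken over, the peer's own gratuitous ARP hands the address back), as an added Python example. It is not code from the thread or from the linux-ha tools; the Takeover class, the timeout and all addresses are constructed for the example. It builds and parses ARP-over-Ethernet frames, which is also what lets you see on the wire what the takeover looks like to the other hosts. The check worth keeping is in on_frame: a gratuitous ARP is trusted only if the ARP sender MAC matches the Ethernet source MAC and the binding already known for that IP, because anyone on the segment can send one and, unchecked, a single forged frame would knock alpha off the address. The MAC is forgeable too, so on a managed switch this is where Dynamic ARP Inspection or static ARP entries earn their keep. Note that this takeover keeps alpha's own MAC, which is exactly what the moderator describes as the normal HA case and what the poster says the router's ip/mac binding will not accept; a MAC takeover would need the shared-MAC approach mentioned above.

```python
"""Added example (not from the thread): gratuitous ARP frames and the takeover /
release state behind a "REPLY FOR" list. All addresses used with it are constructed."""
import ipaddress
import struct

ETH_HDR_LEN = 14
ETHERTYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
ZERO_MAC = "00:00:00:00:00:00"


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip, dst_mac=BROADCAST_MAC):
    """Ethernet + ARP for IPv4 over Ethernet (htype 1, ptype 0x0800, hlen 6, plen 4)."""
    eth = mac_bytes(dst_mac) + mac_bytes(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, op,
                      mac_bytes(sender_mac), ipaddress.IPv4Address(sender_ip).packed,
                      mac_bytes(target_mac), ipaddress.IPv4Address(target_ip).packed)
    return eth + arp


def gratuitous_arp(mac, ip):
    """Broadcast ARP request with sender IP == target IP (an ARP Announcement in RFC 5227
    terms): every host that has `ip` cached updates its entry to `mac`."""
    return build_arp(ARP_REQUEST, mac, ip, ZERO_MAC, ip)


def parse_arp(frame):
    """Return the ARP fields, or None if this is not a complete ARP-over-Ethernet frame."""
    if len(frame) < ETH_HDR_LEN + 28:
        return None
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:ETH_HDR_LEN])
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(
        "!HHBBH6s4s6s4s", frame[ETH_HDR_LEN:ETH_HDR_LEN + 28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {"eth_dst": mac_str(dst), "eth_src": mac_str(src), "op": op,
            "sender_mac": mac_str(sha), "sender_ip": str(ipaddress.IPv4Address(spa)),
            "target_mac": mac_str(tha), "target_ip": str(ipaddress.IPv4Address(tpa)),
            "gratuitous": spa == tpa}


class Takeover:
    """Which peer IPs this host currently answers for (the poster's "REPLY FOR" list)."""

    def __init__(self, own_mac, peers, timeout, now):
        self.own_mac = own_mac
        self.peers = dict(peers)            # ip -> MAC we know for it (the trusted binding)
        self.timeout = timeout
        self.last_seen = {ip: now for ip in peers}
        self.reply_for = {}                 # ip -> MAC of peers we have taken over

    def tick(self, now):
        """Take over peers silent for longer than timeout; returns frames to transmit."""
        out = []
        for ip, seen in self.last_seen.items():
            if now - seen > self.timeout and ip not in self.reply_for:
                self.reply_for[ip] = self.peers[ip]
                out.append(gratuitous_arp(self.own_mac, ip))   # claim ip with our own MAC
        return out

    def on_frame(self, frame, now):
        """Feed a received frame; returns the IPs released back to their owner."""
        arp = parse_arp(frame)
        if arp is None or arp["sender_ip"] not in self.peers:
            return []
        ip = arp["sender_ip"]
        # Anyone on the segment can send a gratuitous ARP; only accept one whose sender MAC
        # is consistent (ARP body == Ethernet source) and matches the binding we already know.
        if arp["sender_mac"] != arp["eth_src"] or arp["sender_mac"] != self.peers[ip]:
            return []
        self.last_seen[ip] = now
        if arp["gratuitous"] and ip in self.reply_for:
            del self.reply_for[ip]
            return [ip]
        return []
```

On a Linux host the claim itself is the usual pair `ip addr add 192.0.2.20/24 dev eth0` followed by `arping -U -I eth0 192.0.2.20` (iputils arping, unsolicited mode), which is what the "simple ip takeover" scripts wrap; after that the kernel answers ARP for the address by itself, and parse_arp shows what the neighbours saw. The release path here only removes the entry; a real script would also delete the address again.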
 
Old 12-24-2007, 11:27 AM   #5
neur0tic
First of all, thanks a lot for your extremely valuable time.

Quote:
you can chuck simple load load stuff through userspace, but there are huge implications of doing much more.
I couldn't really get the meaning of that. Told you, I'm pretty new to linux :P

And yeah, I really want to be messing with the mac, since all my systems are allowed / restricted access based on ip/mac binding, i.e. 1 ip with its specific mac.
And that rule cannot be changed, since the router is not my property.
Plus, as far as I can imagine, all this problem would have been easily solved if I could alias my eth0 with different ips each with a different mac, but well, it isn't supported by linux.

I'll check up on all the directions you've pointed me to and will get back.

Thanks for your help,
Merry Christmas.
neur0tic
 
Old 12-24-2007, 03:52 PM   #6
acid_kewpie
well sorry for the very dubious english... i think i meant "you can chuck simple, low load stuff through userspace, but there are huge implications of doing much more." i.e. you want to inspect any dns request... dns is light and takes up a fraction of a percentage of network throughput, absolutely tiny. so screwing with DNS isn't too bad. screwing with heavy application traffic, http etc... will have massive issues without extremely clever programming techniques and substantial processing and IO power.

I do think you need to take a few steps back and work out what you want. i've been there so so many times and will be again. i'm the king of hare-brained ideas, and i'm slowly weaning myself off of them. but don't work around issues, improve them. hacks to get around other hacks is a horrible state to be in.
 
  

