Netlink

Netlink is a socket family used for inter-process communication (IPC) between both the kernel and userspace processes, and between different userspace processes, in a way similar to the Unix domain sockets available on certain Unix-like operating systems, including its original incarnation as a Linux kernel interface, as well as in the form of a later implementation on FreeBSD. Similarly to the Unix domain sockets, and unlike INET sockets, Netlink communication cannot traverse host boundaries. However, while the Unix domain sockets use the file system namespace, Netlink sockets are usually addressed by process identifiers (PIDs).

Netlink is designed and used for transferring miscellaneous networking information between the kernel space and userspace processes. Networking utilities, such as the iproute2 family and the utilities used for configuring mac80211-based wireless drivers, use Netlink to communicate with the Linux kernel from userspace. Netlink provides a standard socket-based interface for userspace processes, and a kernel-side API for internal use by kernel modules. Originally, Netlink used the socket family.

Netlink is designed to be a more flexible successor to ioctl; RFC 3549 describes the protocol in detail.


History

Netlink was created by Alexey Kuznetsov as a more flexible alternative to the sophisticated but awkward communication method used for setting and getting external socket options. The Linux kernel continues to support for backward compatibility. Netlink was first provided in the 2.0 series of the Linux kernel, implemented as a character device. By 2013, this interface is obsolete, but still forms an ioctl communication method; compare the use of . The Netlink socket interface appeared in the 2.2 series of the Linux kernel. In 2022, experimental support for the Netlink protocol was added to FreeBSD. Initially, only a subset of the NETLINK_ROUTE functionality is supported.


Packet structure

Unlike BSD sockets using Internet protocols such as TCP, where the message headers are autogenerated, the Netlink message header (available as ) must be prepared by the caller. The Netlink socket generally works in a -like mode, even if was used to create it. The data portion then contains a subsystem-specific message that may be further nested.
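
The caller-prepared header and the length checks a receiver needs before trusting it, as an added example that is not part of the original article. The struct is a local mirror of the 16-byte struct nlmsghdr from <linux/netlink.h> so that it compiles without kernel headers; nl_put, nl_walk and the DEMO_ constants are hypothetical names, and any payload passed in is constructed sample data.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Local mirror of struct nlmsghdr (<linux/netlink.h>): 16 bytes, host byte order. */
struct nl_hdr {
    uint32_t len;   /* header + payload, excluding trailing padding */
    uint16_t type;  /* subsystem message type, e.g. RTM_GETLINK */
    uint16_t flags; /* NLM_F_* flags */
    uint32_t seq;   /* sequence number chosen by the sender */
    uint32_t pid;   /* sender port ID; the kernel uses 0 */
};
#define NL_ALIGN(n) (((size_t)(n) + 3) & ~(size_t)3) /* 4-byte rule of NLMSG_ALIGN */
#define DEMO_RTM_GETLINK   18   /* value of RTM_GETLINK in <linux/rtnetlink.h> */
#define DEMO_NLM_F_REQUEST 0x01 /* value of NLM_F_REQUEST */

/* Caller side: write header + payload into buf. Returns bytes used, 0 if it does not fit. */
size_t nl_put(uint8_t *buf, size_t cap, uint16_t type, uint16_t flags,
              uint32_t seq, const void *payload, size_t plen)
{
    struct nl_hdr h = { 0, type, flags, seq, 0 };
    if (cap < sizeof h || plen > cap - sizeof h) return 0;
    size_t padded = NL_ALIGN(sizeof h + plen);
    if (padded > cap || padded > UINT32_MAX) return 0;
    h.len = (uint32_t)(sizeof h + plen);
    memset(buf, 0, padded);               /* padding bytes must not carry stale memory */
    memcpy(buf, &h, sizeof h);
    if (plen) memcpy(buf + sizeof h, payload, plen);
    return padded;
}

/* Receiver side: count messages in buf, or return -1 on the first malformed one. */
int nl_walk(const uint8_t *buf, size_t n)
{
    int count = 0;
    while (n > 0) {
        struct nl_hdr h;
        if (n < sizeof h) return -1;                  /* truncated header */
        memcpy(&h, buf, sizeof h);                    /* buf may be unaligned */
        if (h.len < sizeof h || h.len > n) return -1; /* length field lies */
        size_t step = NL_ALIGN(h.len);
        if (step > n) step = n;                       /* last message may be unpadded */
        buf += step;
        n -= step;
        count++;
    }
    return count;
}
```

The two rejections in nl_walk correspond to the conditions the kernel's NLMSG_OK macro tests; a receiver that skips them reads past the end of its buffer when a length field is wrong.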


Netlink socket families

The family offers multiple protocol subsets. Each interfaces to a different kernel component and has a different messaging subset. The subset is referenced by the protocol field in the socket call:

    int socket(AF_NETLINK, SOCK_DGRAM or SOCK_RAW, protocol)

Lacking a standard, and are not guaranteed to be implemented in a given Linux (or other OS) release. Some sources state that both options are legitimate, and the reference below from Red Hat states that is always the parameter. However, iproute2 uses both interchangeably.


Netlink protocols

A non-exhaustive list of the supported protocol entries follows:

NETLINK_ROUTE
    provides routing and link information. This information is used primarily for user-space routing daemons. Linux implements a large subset of messages:
    * Link layer: RTM_NEWLINK, RTM_DELLINK, RTM_GETLINK, RTM_SETLINK
    * Address settings: RTM_NEWADDR, RTM_DELADDR, RTM_GETADDR
    * Routing tables: RTM_NEWROUTE, RTM_DELROUTE, RTM_GETROUTE
    * Neighbor cache: RTM_NEWNEIGH, RTM_DELNEIGH, RTM_GETNEIGH
    * Routing rules: RTM_NEWRULE, RTM_DELRULE, RTM_GETRULE
    * Queuing discipline settings: RTM_NEWQDISC, RTM_DELQDISC, RTM_GETQDISC
    * Traffic classes used with queues: RTM_NEWTCLASS, RTM_DELTCLASS, RTM_GETTCLASS
    * Traffic filters: RTM_NEWTFILTER, RTM_DELTFILTER, RTM_GETTFILTER
    * Others: RTM_NEWACTION, RTM_DELACTION, RTM_GETACTION, RTM_NEWPREFIX, RTM_GETPREFIX, RTM_GETMULTICAST, RTM_GETANYCAST, RTM_NEWNEIGHTBL, RTM_GETNEIGHTBL, RTM_SETNEIGHTBL

NETLINK_FIREWALL
    provides an interface for a user-space app to receive packets from the firewall.

NETLINK_NFLOG
    provides an interface used to communicate between Netfilter and iptables.

NETLINK_ARPD
    provides an interface to manage the ARP table from user-space.

NETLINK_AUDIT
    provides an interface to the audit subsystem found in Linux kernel versions 2.6.6 and later.

NETLINK_IP6_FW
    provides an interface to transport packets from netfilter to user-space.

NETLINK_ROUTE6

NETLINK_TAPBASE

NETLINK_NETFILTER

NETLINK_TCPDIAG

NETLINK_XFRM
    provides an interface to manage the IPsec security association and security policy databases - mostly used by key-manager daemons using the Internet Key Exchange protocol.

NETLINK_KOBJECT_UEVENT
    provides the interface in which the kernel broadcasts uevents, typically consumed by udev.

NETLINK_GENERIC
    One of the drawbacks of the Netlink protocol is that the number of protocol families is limited to 32 (). This is one of the main reasons that the generic Netlink family was created—to provide support for adding a higher number of families. It acts as a Netlink multiplexer and works with a single Netlink family . The generic Netlink protocol is based on the Netlink protocol and uses its API.


User-defined Netlink protocol

Users can add a Netlink handler in their own kernel routines. This allows the development of additional Netlink protocols to address new kernel modules.


See also

* Comparison of open-source wireless drivers – mac80211-based drivers rely on Netlink as the API to user space
* POSIX


External links


Pablo Neira Ayuso, Rafael M. Gasca, Laurent Lefèvre. Communicating between the kernel and user-space in Linux using Netlink sockets. Software: Practice and Experience, 40(9):797-810, August 2010

Why and How to Use Netlink Sockets

RFC 3549

netfilter/iptables project homepage - The netfilter.org "libmnl" project – Minimalist Library for Netlink – userspace library for construction and parsing of Netlink messages

libnl - Netlink Protocol Library Suite – fully functional library covering almost all aspects of working with Netlink sockets

Manipulating the Networking Environment Using RTNETLINK




"Linux Kernel Networking" by Rami Rosen, Apress 2013: Chapter 2, Netlink Sockets