在 Linux 协议栈中引入 net namespace 后,即已支持多个网络协议栈实例;net namespace 中包含的元素有:进程、套接字、网络设备、proc 文件。
We create a mechanism that from the users perspective allows creation of separate instances of the network stack.
在linux 中命名空间的结构体为struct net,存在于linux/include/net/net_namespace.h
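/*
 * struct net - one network namespace, i.e. one instance of the network stack.
 *
 * Every member below exists once per namespace: the device lists, the
 * fib rule ops, the per-protocol state blocks (ipv4, ipv6, sctp, ...),
 * the netfilter state and the kernel-side netlink sockets.
 *
 * The stray "-" separator lines of the scraped listing have been removed
 * so that the declaration reads as valid C; field names, types, order and
 * preprocessor conditions are unchanged.
 */
struct net {
	atomic_t		passive;	/* To decide when the network
						 * namespace should be freed.
						 */
	atomic_t		count;		/* To decide when the network
						 * namespace should be shut down.
						 */
#ifdef NETNS_REFCNT_DEBUG
	atomic_t		use_count;	/* To track references we
						 * destroy on demand
						 */
#endif
	spinlock_t		rules_mod_lock;

	struct list_head	list;		/* list of network namespaces */
	struct list_head	cleanup_list;	/* namespaces on death row */
	struct list_head	exit_list;	/* Use only net_mutex */

	/*
	 * Owning user namespace.
	 * NOTE(review): privileged operations on this network namespace are
	 * expected to be authorised against this user namespace rather than
	 * the initial one - confirm against the callers, which are not shown
	 * in this listing.
	 */
	struct user_namespace	*user_ns;

	/* presumably the inode number of the namespace's proc entry - confirm */
	unsigned int		proc_inum;

	/* per-namespace proc directory entries */
	struct proc_dir_entry	*proc_net;
	struct proc_dir_entry	*proc_net_stat;

#ifdef CONFIG_SYSCTL
	struct ctl_table_set	sysctls;
#endif

	struct sock		*rtnl;		/* rtnetlink socket */
	struct sock		*genl_sock;

	/*
	 * Device registry of this namespace: one list of all devices plus
	 * two hash tables, keyed by name and by ifindex.
	 */
	struct list_head	dev_base_head;
	struct hlist_head	*dev_name_head;
	struct hlist_head	*dev_index_head;
	unsigned int		dev_base_seq;	/* protected by rtnl_mutex */
	int			ifindex;
	unsigned int		dev_unreg_count;

	/* core fib_rules */
	struct list_head	rules_ops;

	struct net_device	*loopback_dev;	/* The loopback */

	/* per-protocol state, one block per protocol family */
	struct netns_core	core;
	struct netns_mib	mib;
	struct netns_packet	packet;
	struct netns_unix	unx;
	struct netns_ipv4	ipv4;
#if IS_ENABLED(CONFIG_IPV6)
	struct netns_ipv6	ipv6;
#endif
#if IS_ENABLED(CONFIG_IEEE802154_6LOWPAN)
	struct netns_ieee802154_lowpan	ieee802154_lowpan;
#endif
#if defined(CONFIG_IP_SCTP) || defined(CONFIG_IP_SCTP_MODULE)
	struct netns_sctp	sctp;
#endif
#if defined(CONFIG_IP_DCCP) || defined(CONFIG_IP_DCCP_MODULE)
	struct netns_dccp	dccp;
#endif
#ifdef CONFIG_NETFILTER
	/*
	 * Netfilter state is a member of the namespace, so packet-filter
	 * configuration has to be audited per namespace.
	 */
	struct netns_nf		nf;
	struct netns_xt		xt;
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
	struct netns_ct		ct;
#endif
#if defined(CONFIG_NF_TABLES) || defined(CONFIG_NF_TABLES_MODULE)
	struct netns_nftables	nft;
#endif
#if IS_ENABLED(CONFIG_NF_DEFRAG_IPV6)
	struct netns_nf_frag	nf_frag;
#endif
	struct sock		*nfnl;
	struct sock		*nfnl_stash;
#endif
#ifdef CONFIG_WEXT_CORE
	struct sk_buff_head	wext_nlevents;
#endif
	/* __rcu: the pointer is annotated as RCU-managed */
	struct net_generic __rcu	*gen;

	/* Note : following structs are cache line aligned */
#ifdef CONFIG_XFRM
	struct netns_xfrm	xfrm;
#endif
#if IS_ENABLED(CONFIG_IP_VS)
	struct netns_ipvs	*ipvs;
#endif
	struct sock		*diag_nlsk;
	atomic_t		fnhe_genid;
};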
对于设备:在list_netdevice 函数中将设备分别挂到了三条链表上:
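/*
 * Excerpt from list_netdevice(): the device is linked into the three
 * per-namespace containers of its struct net - the list of all devices,
 * the hash chain selected by its name and the hash chain selected by its
 * ifindex.  The _rcu insert variants are used; the writer-side locking
 * that has to surround these calls is not part of this excerpt.
 */
list_add_tail_rcu(&dev->dev_list, &net->dev_base_head);
hlist_add_head_rcu(&dev->name_hlist, dev_name_hash(net, dev->name));
hlist_add_head_rcu(&dev->index_hlist, dev_index_hash(net, dev->ifindex));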
同样,struct net_device 中也有一个回溯到所属命名空间的变量 net。
对于 net 本身而言,也被连接到了net_namespace_list 上,系统初始化的时候自动生成一个命名空间:init_net
在用户态可以通过 ip netns 对 network namespace 进行查看、新建、删除等操作(新建和删除通常需要 root 权限)。
Ref:
[1]
[2]
[3]