CONTENTS

DESCRIPTION

The aim of netgraph is to supplement rather than replace the existing kernel networking infrastructure. It provides:

• A flexible way of combining protocol and link level drivers.
• A modular way to implement new protocols.
• A common framework for kernel entities to inter-communicate.
• A reasonably fast, kernel-based implementation.

Nodes and Types

Each node has a type, which is a static property of the node determined at node creation time. A node’s type is described by a unique ASCII type name. The type implies what the node does and how it may be connected to other nodes.

In object-oriented language, types are classes, and nodes are instances of their respective class. All node types are subclasses of the generic node type, and hence inherit certain common functionality and capabilities (e.g., the ability to have an ASCII name).

Nodes may be assigned a globally unique ASCII name which can be used to refer to the node. The name must not contain the characters ‘.’ or ‘:’, and is limited to NG_NODESIZ characters (including the terminating NUL character).

Hooks have these properties:

• A hook has an ASCII name which is unique among all hooks on that node (other hooks on other nodes may have the same name). The name must not contain the characters ‘.’ or ‘:’, and is limited to NG_HOOKSIZ characters (including the terminating NUL character).
• A hook is always connected to another hook. That is, hooks are created at the time they are connected, and breaking an edge by removing either hook destroys both hooks.
• A hook can be set into a state where incoming packets are always queued by the input queueing system, rather than being delivered directly. This can be used when the data is sent from an interrupt handler, and processing must be quick so as not to block other interrupts.
• A hook may supply overriding receive data and receive message functions which should be used for data and messages received through that hook in preference to the general node-wide methods.

Along with data, nodes can also receive control messages. There are generic and type-specific control messages. Control messages have a common header format, followed by a type-specific data, and are binary structures for efficiency. However, node types may also support conversion of the type specific data between binary and ASCII formats, for debugging and human interface purposes (see the NGM_ASCII2BINARY and NGM_BINARY2ASCII generic control messages below). Nodes are not required to support these conversions.

There are three ways to address a control message. If there is a sequence of edges connecting the two nodes, the message may be "source routed" by specifying the corresponding sequence of ASCII hook names as the destination address for the message (relative addressing). If the destination is adjacent to the source, then the source node may simply specify (as a pointer in the code) the hook across which the message should be sent. Otherwise, the recipient node global ASCII name (or equivalent ID based name) is used as the destination address for the message (absolute addressing). The two types of ASCII addressing may be combined, by specifying an absolute start node and a sequence of hooks. Only the ASCII addressing modes are available to control programs outside the kernel, as use of direct pointers is limited of course to kernel modules.

Messages often represent commands that are followed by a reply message in the reverse direction. To facilitate this, the recipient of a control message is supplied with a "return address" that is suitable for addressing a reply.

Each control message contains a 32 bit value called a typecookie indicating the type of the message, i.e., how to interpret it. Typically each type defines a unique typecookie for the messages that it understands. However, a node may choose to recognize and implement more than one type of messages.

Each node has an input queue, and some operations can be considered to be writers in that they alter the state of the node. Obviously, in an SMP world it would be bad if the state of a node were changed while another data packet were transiting the node. For this purpose, the input queue implements a reader/writer semantic so that when there is a writer in the node, all other requests are queued, and while there are readers, a writer, and any following packets are queued. In the case where there is no reason to queue the data, the input method is called directly, as mentioned above.

A node may declare that all requests should be considered as writers, or that requests coming in over a particular hook should be considered to be a writer, or even that packets leaving or entering across a particular hook should always be queued, rather than delivered directly (often useful for interrupt routines who want to get back to the hardware quickly). By default, all control message packets are considered to be writers unless specifically declared to be a reader in their definition. (See NGM_READONLY in
.In ng_message.h . )

While this mode of operation results in good performance, it has a few implications for node developers:

• Whenever a node delivers a data or control message, the node may need to allow for the possibility of receiving a returning message before the original delivery function call returns.
• Netgraph provides internal synchronization between nodes. Data always enters a "graph" at an edge node. An edge node is a node that interfaces between netgraph and some other part of the system. Examples of "edge nodes" include device drivers, the
  .Vt socket , ether , tty , and
  .Vt ksocket node type. In these edge nodes, the calling thread directly executes code in the node, and from that code calls upon the netgraph framework to deliver data across some edge in the graph. From an execution point of view, the calling thread will execute the netgraph framework methods, and if it can acquire a lock to do so, the input methods of the next node. This continues until either the data is discarded or queued for some device or system entity, or the thread is unable to acquire a lock on the next node. In that case, the data is queued for the node, and execution rewinds back to the original calling entity. The queued data will be picked up and processed by either the current holder of the lock when they have completed their operations, or by a special netgraph thread that is activated when there are such items queued.
• It is possible for an infinite loop to occur if the graph contains cycles.

An example is the
.Vt socket node type which is both a netgraph node and a socket(2) in the protocol family PF_NETGRAPH. Socket nodes allow user processes to participate in netgraph. Other nodes communicate with socket nodes using the usual methods, and the node hides the fact that it is also passing information to and from a cooperating user process.

Sending and Receiving Data

Addresses are either absolute or relative. An absolute address begins with a node name or ID, followed by a colon, followed by a sequence of hook names separated by periods. This addresses the node reached by starting at the named node and following the specified sequence of hooks. A relative address includes only the sequence of hook names, implicitly starting hook traversal at the local node.

There are a couple of special possibilities for the node name. The name ‘.’ (referred to as ‘.:’) always refers to the local node. Also, nodes that have no global name may be addressed by their ID numbers, by enclosing the hexadecimal representation of the ID number within the square brackets. Here are some examples of valid netgraph addresses:
.:
[3f]:
foo:
.:hook1
foo:hook1.hook2
[d80]:hook1

The following set of nodes might be created for a site with a single physical frame relay line having two active logical DLCI channels, with RFC 1490 frames on DLCI 16 and PPP frames over DLCI 20:
[type SYNC ] [type FRAME] [type RFC1490]
[ "Frame1" ](uplink)<-->(data)[<un-named>](dlci16)<-->(mux)[<un-named> ]
[ A] [ B](dlci20)<---+ [C ]
|
| [ type PPP ]
+>(mux)[<un-named>]
[ D]

One could always send a control message to node C from anywhere by using the name "Frame1:uplink.dlci16". In this case, node C would also be notified that the message reached it via its hook mux. Similarly, "Frame1:uplink.dlci20" could reliably be used to reach node D, and node A could refer to node B as ".:uplink", or simply "uplink". Conversely, B can refer to A as "data". The address "mux.data" could be used by both nodes C and D to address a message to node A.

Note that this is only for control messages. In each of these cases, where a relative addressing mode is used, the recipient is notified of the hook on which the message arrived, as well as the originating node. This allows the option of hop-by-hop distribution of messages and state information. Data messages are only routed one hop at a time, by specifying the departing hook, with each node making the next routing decision. So when B receives a frame on hook data, it decodes the frame relay header to determine the DLCI, and then forwards the unwrapped frame to either C or D.

In a similar way, flow control messages may be routed in the reverse direction to outgoing data. For example a ""buffer nearly full"" message from "Frame1:" would be passed to node B which might decide to send similar messages to both nodes C and D. The nodes would use "direct hook pointer" addressing to route the messages. The message may have travelled from "Frame1:" to B as a synchronous reply, saving time and cycles.

The two basic object types that are of interest to node authors are nodes and hooks. These two objects have the following properties that are also of interest to the node writers.

The maintenance of the names, reference counts, and linked list of hooks for each node is handled automatically by the netgraph subsystem. Typically a node’s private info contains a back-pointer to the node or hook structure, which counts as a new reference that must be included in the reference count for the node. When the node constructor is called, there is already a reference for this calculated in, so that when the node is destroyed, it should remember to do a NG_NODE_UNREF on the node.

From a hook you can obtain the corresponding node, and from a node, it is possible to traverse all the active hooks.

struct ng_mesg {
struct ng_msghdr {
u_char version; /* Must equal NG_VERSION */
u_char spare;/* Pad to 2 bytes */
u_shortarglen; /* Length of cmd/resp data */
u_long flags;/* Message status flags */
u_long token;/* Reply should have the same token */
u_long typecookie;/* Node type understanding this message */
u_long cmd; /* Command identifier */
u_char cmdstr[NG_CMDSTRSIZ]; /* Cmd string (for debug) */
} header;
char data[0]; /* Start of cmd/resp data */
};

#define NG_ABI_VERSION 5/* Netgraph kernel ABI version */
#define NG_VERSION 4/* Netgraph message version */
#define NGF_ORIG 0x0000/* Command */
#define NGF_RESP 0x0001/* Response */

Control messages have the fixed header shown above, followed by a variable length data section which depends on the type cookie and the command. Each field is explained below:

1. The cmdstr header field must contain the ASCII name of the command, corresponding to the cmd header field.
2. The arguments field contains a NUL -terminated ASCII string version of the message arguments.

In general, the arguments field of a control message can be any arbitrary C data type. Netgraph includes parsing routines to support some pre-defined datatypes in ASCII with this simple syntax:

• Integer types are represented by base 8, 10, or 16 numbers.
• Strings are enclosed in double quotes and respect the normal C language backslash escapes.
• IP addresses have the obvious form.
• Arrays are enclosed in square brackets, with the elements listed consecutively starting at index zero. An element may have an optional index and equals sign (‘=’) preceding it. Whenever an element does not have an explicit index, the index is implicitly the previous element’s index plus one.
• Structures are enclosed in curly braces, and each field is specified in the form fieldname = value.
• Any array element or structure field whose value is equal to its "default value" may be omitted. For integer types, the default value is usually zero; for string types, the empty string.
• Array elements and structure fields may be specified in any order.

Flow Control Messages

INITIALIZATION

in your kernel configuration file. You may also include selected node types in the kernel compilation, for example:

Once the netgraph subsystem is loaded, individual node types may be loaded at any time as KLD modules via kldload(8). Moreover, netgraph knows how to automatically do this; when a request to create a new node of unknown type type is made, netgraph will attempt to load the KLD module ng_<type.ko>.

Types can also be installed at boot time, as certain device drivers may want to export each instance of the device as a netgraph node.

In general, new types can be installed at any time from within the kernel by calling ng_newtype, supplying a pointer to the type’s
.Vt "struct ng_type" structure.

All data messages are
.Vt mbuf chains with the M_PKTHDR flag set.

Nodes are responsible for freeing what they allocate. There are three exceptions:

1. 
   .Vt Mbufs sent across a data link are never to be freed by the sender. In the case of error, they should be considered freed.
2. Messages sent using one of NG_SEND_MSG_* family macros are freed by the recipient. As in the case above, the addresses associated with the message are freed by whatever allocated them so the recipient should copy them if it wants to keep that information.
3. Both control messages and data are delivered and queued with a netgraph item. The item must be freed using NG_FREE_ITEM item or passed on to another node.

FILES

USER MODE SUPPORT

Two user-mode support programs, ngctl(8) and nghook(8), are available to assist manual configuration and debugging.

There are a few useful techniques for debugging new node types. First, implementing new node types in user-mode first makes debugging easier. The
.Vt tee node type is also useful for debugging, especially in conjunction with ngctl(8) and nghook(8).

HISTORY

AUTHORS