| Netlink | |
|---|---|
| Stable release | |
| Operating system | Linux |
| Platform | Linux kernel |
| Type | Application programming interface |
| License | GNU General Public License |
| Website | wiki |
Netlink is asocket family used forinter-process communication (IPC) between both the kernel anduserspace processes, and between different userspace processes, in a way similar to theUnix domain sockets available on certain Unix-likeoperating systems, including its original incarnation as aLinux kernel interface, as well as in the form of a later implementation onFreeBSD.[2] Similarly to theUnix domain sockets, and unlikeINET sockets, Netlink communication cannot traverse host boundaries. However, while the Unix domain sockets use thefile system namespace, Netlink sockets are usually addressed byprocess identifiers (PIDs).[3]
Netlink is designed and used for transferring miscellaneous networking information between thekernel space and userspace processes. Networking utilities, such as theiproute2 family and the utilities used for configuringmac80211-based wireless drivers, use Netlink to communicate with theLinux kernel from userspace. Netlink provides a standardsocket-based interface for userspace processes, and a kernel-sideAPI for internal use bykernel modules. Originally, Netlink used theAF_NETLINK socket family.
Netlink is designed to be a more flexible successor toioctl;RFC 3549 describes the protocol in detail.
Netlink was created by Alexey Kuznetsov[4] as a more flexible alternative to the sophisticated but awkwardioctl communication method used for setting and getting external socket options. The Linux kernel continues to supportioctl for backward compatibility.
Netlink was first provided in the 2.0 series of the Linux kernel, implemented as acharacter device. By 2013, this interface is obsolete, but still forms anioctl communication method; compare the use ofrtnetlink.[5] The Netlink socket interface appeared in 2.2 series of the Linux kernel.
In 2022, experimental support for the Netlink protocol was added to FreeBSD. Initially, only a subset of theNETLINK_ROUTE family andNETLINK_GENERIC is supported.[2]
| Bit offset | 0–15 | 16–31 | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 0 | Message length | |||||||||||||||||||||||||||||||
| 32 | Type | Flags | ||||||||||||||||||||||||||||||
| 64 | Sequence number | |||||||||||||||||||||||||||||||
| 96 | PID | |||||||||||||||||||||||||||||||
| 128+ | Data | |||||||||||||||||||||||||||||||
UnlikeBSD sockets using Internet protocols such asTCP, where the message headers are autogenerated, the Netlink message header (available asstruct nlmsghdr) must be prepared by the caller. The Netlink socket generally works in aSOCK_RAW-like mode, even ifSOCK_DGRAM was used to create it.
The data portion then contains a subsystem-specific message that may be further nested.
TheAF_NETLINK family offers multiple protocol subsets. Each interfaces to a different kernel component and has a different messaging subset. The subset is referenced by the protocol field in the socket call:
int socket(AF_NETLINK, SOCK_DGRAMor SOCK_RAW,protocol)
Lacking a standard,SOCK_DGRAM andSOCK_RAW are not guaranteed to be implemented in a given Linux (or other OS) release. Some sources state that both options are legitimate, and the reference below fromRed Hat states thatSOCK_RAW is always the parameter. However, iproute2 uses both interchangeably.
A non-exhaustive list of the supportedprotocol entries follows:
NETLINK_ROUTE provides routing and link information. This information is used primarily for user-space routing daemons.Linux implements a large subset of messages:
NETLINK_FIREWALL provides an interface for a user-space app to receive packets from thefirewall.
NETLINK_NFLOG provides an interface used to communicate betweenNetfilter andiptables.
NETLINK_ARPD provides an interface to manage theARP table from user-space.
NETLINK_AUDIT provides an interface to the audit subsystem found in Linux kernel versions 2.6.6 and later.
NETLINK_IP6_FW provides an interface to transport packets from netfilter to user-space.
NETLINK_XFRM provides an interface to manage theIPsecsecurity association and security policy databases - mostly used by key-manager daemons using theInternet Key Exchange protocol.
NETLINK_KOBJECT_UEVENT provides the interface in which the kernel broadcasts uevents, typically consumed byudev.
One of the drawbacks of the Netlink protocol is that the number of protocol families is limited to 32 (MAX_LINKS). This is one of the main reasons that the generic Netlink family was created—to provide support for adding a higher number of families. It acts as a Netlink multiplexer and works with a single Netlink familyNETLINK_GENERIC. The generic Netlink protocol is based on the Netlink protocol and uses its API.
Users can add a Netlink handler in their own kernel routines. This allows the development of additional Netlink protocols to address new kernel modules.[6]
All rtnetlink messages consist of a netlink message header and appended attributes.
