How to use socket and VRF in LINUX 04/26 Update SLTechnology News&Howtos

How to use socket and VRF in LINUX

2025-04-26 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/01 Report--

This article is about how to use socket and VRF in LINUX. The editor thinks it is very practical, so share it with you as a reference and follow the editor to have a look.

LINUX socket and VRF

The experimental environment is shown in the following figure:

The configuration is as follows:

#! / bin/bashsudo ip netns add ns1sudo ip link add ns1veth2 type veth peer name eth0 netns ns1sudo ip netns add ns2sudo ip link add ns2veth2 type veth peer name eth0 netns ns2sudo ip link set ns1veth2 master vrftestsudo ip link set ns2veth2 master vrftestsudo ip link set ns2veth2 upsudo ip link set ns1veth2 upsudo ip addr add 1.1.1.254/24 dev ns1veth2 sudo ip addr add 2.2.2.254/24 dev ns2veth2 sudo ip netns exec ns2 ip addr add 2.2.2.1/24 dev eth0 sudo ip netns exec ns1 ip addr add 1.1.1 . 1/24 dev eth0sudo ip netns exec ns1 ip link set eth0 upsudo ip netns exec ns1 ip link set lo upsudo ip netns exec ns1 ip route add default via 1.1.1.254 dev eth0sudo ip netns exec ns2 ip link set eth0 upsudo ip netns exec ns2 ip link set lo upsudo ip netns exec ns2 ip route add default via 2.2.2.254 dev eth0

In the experiment, two socket interactive programs are written in C language.

Server: vrfs

# include#include#include#include#include#include#include#include # define MAXLINE 4096int main (int argc, char** argv) {int listenfd, connfd; struct sockaddr_in servaddr; char buff [4096]; int n; int on = 1 If ((listenfd = socket (AF_INET, SOCK_STREAM, 0)) =-1) {printf ("create socket error:% s (errno:% d)\ n", strerror (errno), errno); exit (0);} setsockopt (listenfd, SOL_SOCKET, SO_REUSEADDR, (void *) & on, sizeof (on)) Setsockopt (listenfd, SOL_SOCKET, SO_REUSEPORT, (void *) & on, sizeof (on)); memset (& servaddr, 0, sizeof (servaddr)); servaddr.sin_family = AF_INET; servaddr.sin_addr.s_addr = htonl (INADDR_ANY); servaddr.sin_port = htons (6666) If (argc = = 2) {printf ("vrf device name:% s\ r\ n", argv [1]); if (0 > setsockopt (listenfd, SOL_SOCKET, SO_BINDTODEVICE, argv [1], strlen (argv [1]) + 1) {printf ("bind socket master dev error:% s (errno:% d)\ n", strerror (errno), errno); exit (0) }} if (bind (listenfd, (struct sockaddr*) & servaddr, sizeof (servaddr)) =-1) {printf ("bind socket error:% s (errno:% d)\ n", strerror (errno), errno); exit (0);} if (listen (listenfd, 10) = =-1) {printf ("listen socket error:% s (errno:% d)\ n", strerror (errno), errno) Exit (0);} printf ("= waiting for client's request=\ n"); while (1) {if ((connfd = accept (listenfd, (struct sockaddr*) NULL, NULL)) =-1) {printf ("accept socket error:% s (errno:% d)", strerror (errno), errno); continue;} n = recv (connfd, buff, MAXLINE, 0) Buff [n] ='\ 0mm; printf ("recv msg from client:% s\ n", buff); close (connfd);} close (listenfd);}

Client program: vrfc

# include#include#include#include#include#include#include#include#define MAXLINE 4096#include int main (int argc, char** argv) {int sockfd, n; char* sendline = "hello vrf"; struct sockaddr_in servaddr; if (argc! = 2) {printf ("usage:. / client [master device]\ n"); exit (0) } if ((sockfd = socket (AF_INET, SOCK_STREAM, 0) < 0) {printf ("create socket error:% s (errno:% d)\ n", strerror (errno), errno); exit (0);} memset (& servaddr, 0, sizeof (servaddr)); servaddr.sin_family = AF_INET; servaddr.sin_port = htons (6666) If (inet_pton (AF_INET, argv [1], & servaddr.sin_addr) setsockopt (sockfd, SOL_SOCKET, SO_BINDTODEVICE, argv [2], strlen (argv [2]) + 1) {printf ("bind socket master dev error:% s (errno:% d)\ n", strerror (errno), errno); exit (0) }} if (connect (sockfd, (struct sockaddr*) & servaddr, sizeof (servaddr)) < 0) {printf ("connect error:% s (errno:% d)\ n", strerror (errno), errno); exit (0);} printf ("send msg to server: hello vrf\ n") If (send (sockfd, sendline, strlen (sendline), 0) < 0) {printf ("send msg error:% s (errno:% d)\ n", strerror (errno), errno); exit (0);} close (sockfd); exit (0);} experiment 1: shock effect

In the default VRF environment, start two processes and listen on the same port and address: the socket in the program uses SO_REUSEADDR and SO_REUSEPORT. See how the kernel handles the shock effect.

Console1:

Admin@ubuntu:~/vrfsocket$ for i in {0.9}; do. / vrfc 127.0.0.1; done send msg to server: hello vrfsend msg to server: hello vrfadmin@ubuntu:~/vrfsocket$

Console2:

Admin@ubuntu:~/vrfsocket$. / vrfs = waiting for client's request=recv msg from client: hello vrfrecv msg from client: hello vrf

Console3:

Admin@ubuntu:~/vrfsocket$. / vrfs = waiting for client's request=recv msg from client: hello vrfrecv msg from client: hello vrfrecv msg from client: hello vrf conclusion

The new kernel seems to be able to handle the shock effect. When a request is received, it will no longer notify all server programs listening to the port, but will do some load balancing scheduling.

Experiment 2: start two servers, one binds VRF, the other unbinds, the client does not bind VRFconsole1:admin@ubuntu:~/vrfsocket$ for i in {0.9}; do sudo. / vrfc 127.0.0.1; donesend msg to server: hello vrfsend msg to server: hello vrfadmin@ubuntu:~/vrfsocket$

Console2:

Root@ubuntu:/home/admin/vrfsocket#. / vrfs=waiting for client's request=recv msg from client: hello vrfrecv msg from client: hello vrf

Console3:

Root@ubuntu:/home/admin/vrfsocket#. / vrfs vrftestvrf device name: vrftest=waiting for client's request=

Conclusion: after the server listens to the socket binding VRF, the request in the default VRF is no longer processed

Experiment 3: start two servers, one binds VRF, the other does not bind, and the client binds VRF

Console1:

Admin@ubuntu:~/vrfsocket$ for i in {0.9}; do sudo. / vrfc 1.1.1.254 vrftest Donevrf device name: vrftestsend msg to server: hello vrfvrf device name: vrftestsend msg to server: hello vrfvrf device name: vrftestsend msg to server: hello vrfvrf device name: vrftestsend msg to server: hello vrfvrf device name: vrftestsend msg to server: hello vrfvrf device name: vrftestsend msg to server: hello vrfvrf device name: vrftestsend msg to server: hello vrfvrf device name: vrftestsend msg to server: hello vrfvrf device name: vrftestsend msg to server: hello vrfvrf device name: vrftestsend msg to server: hello vrfadmin@ubuntu:~/vrfsocket$

Console2: running under root user

Root@ubuntu:/home/admin/vrfsocket#. / vrfs=waiting for client's request=

Console3: runs under the root user.

Root@ubuntu:/home/admin/vrfsocket#. / vrfs vrftestvrf device name: vrftest=waiting for client's request=recv msg from client: hello vrfrecv msg from client: hello vrf

Conclusion: server listening sockets are not bound to VRF and cannot handle requests in non-default VRF

Experiment 4: set sudo sysctl-w net.ipv4.tcp_l3mdev_accept=1 to start two servers, one binding VRF, one unbinding, and the client not binding VRF

Console1:

Admin@ubuntu:~/vrfsocket$ for i in {0.9}; do sudo. / vrfc 127.0.0.1; donesend msg to server: hello vrfsend msg to server: hello vrfadmin@ubuntu:~/vrfsocket$

Console2:

Root@ubuntu:/home/admin/vrfsocket#. / vrfs=waiting for client's request=recv msg from client: hello vrfrecv msg from client: hello vrf

Console3:

Root@ubuntu:/home/admin/vrfsocket#. / vrfs vrftestvrf device name: vrftest=waiting for client's request= starts a server, binds VRF, and the client does not bind VRF

Console1:

Admin@ubuntu:~/vrfsocket$ for i in {0.9}; do sudo. / vrfc 127.0.0.1 Doneconnect error: Connection refused (errno: 111B) connect error: Connection refused (errno: 111connect error: Connection refused (errno: 111l) connect error: Connection refused (errno: 111connect error: Connection refused (errno: 111Y) connect error: Connection refused (errno: 111connect error: Connection refused (errno: 111C) connect error: Connection refused (errno: 111connect error: Connection refused (errno: 111l) connect error: Connection refused (errno: 111admin@ubuntu:~/vrfsocket$)

Console3:

Root@ubuntu:/home/admin/vrfsocket#. / vrfs vrftestvrf device name: vrftest=waiting for client's request= starts a server, binds VRF, and client binds VRF

Console1:

Console3:

Root@ubuntu:/home/admin/vrfsocket#. / vrfs vrftestvrf device name: vrftest=waiting for client's request=recv msg from client: hello vrfrecv msg from client: hello vrf starts two servers, one binds VRF, the other unbinds, the client binds VRF

Console1:

Console2:

Root@ubuntu:/home/admin/vrfsocket#. / vrfs=waiting for client's request=recv msg from client: hello vrfrecv msg from client: hello vrf

Console3:

Root@ubuntu:/home/admin/vrfsocket#. / vrfs vrftestvrf device name: vrftest=waiting for client's request=

When sudo sysctl-w net.ipv4.tcp_l3mdev_accept=1 is opened, the listening sockets in the default VRF can handle all requests in VRF and take precedence over other VRF listening sockets.

Serial number conclusion 1 multiple servers listen to the same address and port, and the kernel will load balance and choose to wake up one of the processes to process the request. 2 the server process in the default VRF cannot handle requests in the non-default VRF, and the server process in the non-default VRF cannot handle requests in other VRF. 3 after net.ipv4.tcp_l3mdev_accept=1 is turned on, the server process in the default VRF can handle requests in any VRF, and the highest priority 4 when net.ipv4.tcp_l3mdev_accept=1 is enabled, the server process in the non-default VRF cannot process requests in other VRF When processing traffic in this VRF, the priority is lower than the processes in the default VRF. Thank you for reading! This is the end of the article on "how to use socket and VRF in LINUX". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, you can share it for more people to see!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.