Sort by

Tagged with #TCP #DIY
5/7/2023

Building my own networking stack by Ryo

#TCP #DIY

Hi! There is this holiday called Golden Week in Japan. It is a week long holiday and I wanted to share this project I was working on for almost 12/7😅. Its about building your own networking stack from device(using TAP) to socket. It is a great project for those who want to understand how OS networking stack works behind the Linux kernel. Below is the github link I was following along the project. https://github.com/pandax381/microps https://github.com/sititou70/klab-protocol-stack-tutorial I've gone through each stack and it really deepened my understanding of how OS handles data arriving to its physical devices and sending all the way up to sockets assigned to each application. I am thinking of sharing some of the key concepts of each stack and how they passes data to each other in the future posts! For today's post, I just wanted to share a modification that I made from the original program regarding the TCP stack. I enabled the TCP stack to be able to establish a active connection to a server on the internet and fetch some random content. Of course, the established connection can't just abandon the connection😏. It has to participate in the process of terminating connection passively. I modified the code to complete the entire procedure of such TCP connection. Below is the log from the local program, the one uses the DIY network stack. 00:18:18.434 [D] tcp_open_rfc793: connection established: local=192.0.2.2:7, foreign=194.195.86.83:8080 (tcp.c:1172) 00:18:18.434 [D] tcp_output_segment: 192.0.2.2:7 => 194.195.86.83:8080, len=100 (payload=80) (tcp.c:417) src: 7 dst: 8080 seq: 1804289384 ack: 3543150099 off: 0x50 (20) flg: 0x18 (---AP---) wnd: 65535 sum: 0x30fe up: 0 00:18:18.434 [D] ip_output_core: dev=net1, iface=192.0.2.2, protocol=TCP(0x06), len=120 (ip.c:477) vhl: 0x45 [v: 4, hl: 5 (20)] tos: 0x00 total: 120 (payload: 100) id: 131 offset: 0x0000 [flags=0, offset=0] ttl: 255 protocol: 6 (TCP) sum: 0xdfe3 (0xdfe3) src: 192.0.2.2 dst: 194.195.86.83 00:18:18.435 [D] arp_resolve: resolved, pa=192.0.2.1, ha=8e:6e:37:e9:d1:92 (arp.c:357) 00:18:18.435 [D] net_device_output: dev=net1, type=IP(0x0800), len=120 (net.c:189) 00:18:18.435 [D] ether_transmit_helper: dev=net1, type=IP(0x0800), len=134 (ether.c:108) src: 00:00:5e:00:53:01 dst: 8e:6e:37:e9:d1:92 type: 0x0800 (IP) Data with the size of 80 was sent. Closing the connection. ... 00:18:18.562 [D] tcp_input: 194.195.86.83:8080 => 192.0.2.2:7, len=67 (payload=47) (tcp.c:996) src: 8080 dst: 7 seq: 3543150099 ack: 1804289464 off: 0x50 (20) flg: 0x18 (---AP---) wnd: 29200 sum: 0xc768 up: 0 +------+-------------------------------------------------+------------------+ | 0000 | 48 54 54 50 2f 31 2e 31 20 34 30 30 20 42 61 64 | HTTP/1.1 400 Bad | | 0010 | 20 52 65 71 75 65 73 74 0d 0a 43 6f 6e 6e 65 63 | Request..Connec | | 0020 | 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 0d 0a | tion: close.... | +------+-------------------------------------------------+------------------+ 00:18:18.562 [D] tcp_output_segment: 192.0.2.2:7 => 194.195.86.83:8080, len=20 (payload=0) (tcp.c:417) src: 7 dst: 8080 seq: 1804289464 ack: 3543150146 off: 0x50 (20) flg: 0x10 (---A----) wnd: 65488 sum: 0x029d up: 0 ... 00:18:18.565 [D] tcp_input: 194.195.86.83:8080 => 192.0.2.2:7, len=20 (payload=0) (tcp.c:996) src: 8080 dst: 7 seq: 3543150146 ack: 1804289464 off: 0x50 (20) flg: 0x11 (---A---F) wnd: 29200 sum: 0x905c up: 0 00:18:18.565 [D] tcp_output_segment: 192.0.2.2:7 => 194.195.86.83:8080, len=20 (payload=0) (tcp.c:417) src: 7 dst: 8080 seq: 1804289464 ack: 3543150147 off: 0x50 (20) flg: 0x10 (---A----) wnd: 65535 sum: 0x026d up: 0 ... 00:18:18.565 [D] tcp_output_segment: 192.0.2.2:7 => 194.195.86.83:8080, len=20 (payload=0) (tcp.c:417) src: 7 dst: 8080 seq: 1804289464 ack: 3543150147 off: 0x50 (20) flg: 0x11 (---A---F) wnd: 65535 sum: 0x026c up: 0 ... 00:18:18.689 [D] tcp_input: 194.195.86.83:8080 => 192.0.2.2:7, len=20 (payload=0) (tcp.c:996) src: 8080 dst: 7 seq: 3543150147 ack: 1804289465 off: 0x50 (20) flg: 0x10 (---A----) wnd: 29200 sum: 0x905b up: 0 Connection is closed passively. And here is the log from my web server hosting this web site. By comparing the logs, you can see that the TCP 3 way handshake at the beginning actively initiated by the local program of mine. At the end, the server is the one that initiating the termination of the connection as it has finished sending all the data, which in this case is a "400 Bad Request".... I made few modification on the program so that the local program can handle the state transition associated with the active establishment and the passive termination of a connection. root@ryofslife:~# tcpdump src host 180.56.119.152 -vvv ... 15:18:18.426463 IP (tos 0x48, ttl 233, id 129, offset 0, flags [none], proto TCP (6), length 40) p9209152-ipngn9901marunouchi.tokyo.ocn.ne.jp.60320 > ryofslife.com.http-alt: Flags [S], cksum 0xaed7 (correct), seq 1804289383, win 65535, length 0 ... 15:18:18.550721 IP (tos 0x48, ttl 233, id 130, offset 0, flags [none], proto TCP (6), length 40) p9209152-ipngn9901marunouchi.tokyo.ocn.ne.jp.60320 > ryofslife.com.http-alt: Flags [.], cksum 0xad84 (correct), seq 1804289384, ack 3543150099, win 65535, length 0 ... 15:18:18.554528 IP (tos 0x48, ttl 233, id 131, offset 0, flags [none], proto TCP (6), length 120) p9209152-ipngn9901marunouchi.tokyo.ocn.ne.jp.60320 > ryofslife.com.http-alt: Flags [P.], cksum 0xdb95 (correct), seq 0:80, ack 1, win 65535, length 80: HTTP, length: 80 GET / HTTP/1.1 ... 15:18:18.679744 IP (tos 0x48, ttl 233, id 132, offset 0, flags [none], proto TCP (6), length 40) p9209152-ipngn9901marunouchi.tokyo.ocn.ne.jp.60320 > ryofslife.com.http-alt: Flags [.], cksum 0xad34 (correct), seq 80, ack 48, win 65488, length 0 ... 15:18:18.682063 IP (tos 0x48, ttl 233, id 133, offset 0, flags [none], proto TCP (6), length 40) p9209152-ipngn9901marunouchi.tokyo.ocn.ne.jp.60320 > ryofslife.com.http-alt: Flags [.], cksum 0xad04 (correct), seq 80, ack 49, win 65535, length 0 15:18:18.682646 IP (tos 0x48, ttl 233, id 134, offset 0, flags [none], proto TCP (6), length 40) p9209152-ipngn9901marunouchi.tokyo.ocn.ne.jp.60320 > ryofslife.com.http-alt: Flags [F.], cksum 0xad03 (correct), seq 80, ack 49, win 65535, length 0 15:18:18.683615 IP (tos 0x48, ttl 43, id 54157, offset 0, flags [none], proto TCP (6), length 52) I am thinking of sharing the code on my github once done fixing little bits and pieces😎. Anyways, wish you all have a great week! See in the next post!!