Kea
1.9.9-git
|
Packet handling class using Berkeley Packet Filtering (BPF) More...
#include <pkt_filter_bpf.h>
Public Member Functions | |
virtual bool | isDirectResponseSupported () const |
Check if packet can be sent to the host without address directly. More... | |
virtual SocketInfo | openSocket (Iface &iface, const isc::asiolink::IOAddress &addr, const uint16_t port, const bool receive_bcast, const bool send_bcast) |
Open primary and fallback socket. More... | |
virtual Pkt4Ptr | receive (Iface &iface, const SocketInfo &socket_info) |
Receive packet over specified socket. More... | |
virtual int | send (const Iface &iface, uint16_t sockfd, const Pkt4Ptr &pkt) |
Send packet over specified socket. More... | |
Public Member Functions inherited from isc::dhcp::PktFilter | |
virtual | ~PktFilter () |
Virtual Destructor. More... | |
Additional Inherited Members | |
Protected Member Functions inherited from isc::dhcp::PktFilter | |
virtual int | openFallbackSocket (const isc::asiolink::IOAddress &addr, const uint16_t port) |
Default implementation to open a fallback socket. More... | |
Packet handling class using Berkeley Packet Filtering (BPF)
The BPF is supported on the BSD-like operating systems. It allows for access to low level layers of the inbound and outbound packets. This is specifically useful when the DHCP server is allocating new address to the client.
The response being sent to the client must include the HW address in the datalink layer. When the regular datagram socket is used the kernel will determine the HW address of the destination using ARP. In the case when the DHCP server is allocating the new address for the client the ARP can't be used because it requires the destination to have the IP address.
The DHCP server utilizes HW address sent by the client in the DHCP message and stores it in the datalink layer of the outbound packet. The BPF provides the means for crafting the whole packet (including datalink and network layers) and injecting the hardware address of the client.
The DHCP server receiving the messages sent from the directly connected clients to the broadcast address must be able to determine the interface on which the message arrives. The Linux kernel provides the SO_BINDTODEVICE socket option which allows for binding the socket to the particular interface. This option is not implemented on the BSD-like operating systems. This implies that there may be only one datagram socket listening to broadcast messages and this socket would receive the traffic on all interfaces. This effectively precludes the server from identifying the interface on which the packet arrived. The BPF resolves this problem. The BPF device (socket) can be attached to the selected interface using the ioctl function.
In nutshell, the BPF device is created by opening the file /dev/bpfd where d is a number. The BPF device is configured by issuing ioctl commands listed here: http://www.freebsd.org/cgi/man.cgi?bpf(4). The specific configuration used by Kea DHCP server is described in documentation of PktFilterBPF::openSocket
.
Use of BPF requires Kea to encode and decode the datalink and network layer headers. Currently Kea supports encoding and decoding ethernet frames on physical interfaces and pseudo headers received on local loopback interface.
Definition at line 56 of file pkt_filter_bpf.h.
|
inlinevirtual |
Check if packet can be sent to the host without address directly.
This class supports direct responses to the host without address.
Implements isc::dhcp::PktFilter.
Definition at line 64 of file pkt_filter_bpf.h.
|
virtual |
Open primary and fallback socket.
This method opens the BPF device and applies the following configuration to it:
It also obtains the following configuration from the kernel:
iface | Interface descriptor. Note that the function (re)allocates the socket read buffer according to the buffer size returned by the kernel. |
addr | Address on the interface to be used to send packets. |
port | Port number. |
receive_bcast | Configure socket to receive broadcast messages |
send_bcast | Configure socket to send broadcast messages. |
Implements isc::dhcp::PktFilter.
Definition at line 225 of file pkt_filter_bpf.cc.
References isc::dhcp::Iface::flag_loopback_, isc::dhcp::Iface::getName(), isc_throw, isc::dhcp::Iface::resizeReadBuffer(), and isc::asiolink::IOAddress::toUint32().
|
virtual |
Receive packet over specified socket.
iface | interface |
socket_info | structure holding socket information |
Implements isc::dhcp::PktFilter.
Definition at line 383 of file pkt_filter_bpf.cc.
References isc::dhcp::decodeEthernetHeader(), isc::dhcp::decodeIpUdpHeader(), isc::dhcp::DHCPDISCOVER, isc::dhcp::SocketInfo::fallbackfd_, isc::dhcp::Iface::flag_loopback_, isc::dhcp::Iface::getIndex(), isc::dhcp::Iface::getName(), isc::dhcp::Iface::getReadBuffer(), isc::dhcp::Iface::getReadBufferSize(), isc_throw, and isc::dhcp::SocketInfo::sockfd_.
|
virtual |
Send packet over specified socket.
iface | interface to be used to send packet |
sockfd | socket descriptor |
pkt | packet to be sent |
Implements isc::dhcp::PktFilter.
Definition at line 544 of file pkt_filter_bpf.cc.
References isc::dhcp::Iface::flag_loopback_, isc::util::OutputBuffer::getData(), isc::dhcp::Iface::getHWType(), isc::util::OutputBuffer::getLength(), isc::dhcp::Iface::getMac(), isc::dhcp::Iface::getMacLen(), isc_throw, isc::util::OutputBuffer::writeData(), isc::dhcp::writeEthernetHeader(), and isc::dhcp::writeIpUdpHeader().