kb/network-l2-l3

Linux networking: link and network layers (L2/L3)

Linux networking at L2 and L3, the way packets move between hosts: Ethernet frames and MAC, ARP and the broadcast domain, IPv4 addressing and subnets, the routing table and default gateway, ICMP and traceroute, veth and network namespaces. Without these basics you cannot understand container networks or a cloud VPC.

16 статей в категории

§ статьи

arpARP: Address Resolution ProtocolARP answers the question "who has MAC = ?" for a given IP inside one network. Linux keeps the result in the neighbor table (`ip neigh`).
bonding-and-teamingBonding and teaming: aggregating interfacesBonding combines several physical interfaces into one logical interface. Modes: active-backup (one active), 802.3ad/LACP (LAG with a switch), balance-xor (hash by MAC). Used for HA and to double throughput.
broadcast-domainBroadcast Domain: What It Is and Who Lives in ItA group of devices where an L2 frame with dst MAC `FF:FF:FF:FF:FF:FF` (broadcast) reaches everyone. A switch extends a broadcast domain; a router stops it.
default-gatewayDefault gateway: leaving your own networkThe router IP in your subnet where the stack sends packets for every address that **is not local**. One gateway per host, but in multi-homed setups there can be several.
ethernet-frameEthernet FrameAn Ethernet frame is the L2 transmission unit: dst-MAC, src-MAC, EtherType, payload (usually an IP packet), FCS checksum. Standard MTU is 1500 bytes.
icmpICMP: Internet Control Message ProtocolICMP is the control protocol on top of IP for control messages: echo (ping), destination-unreachable, time-exceeded (used by traceroute), MTU discovery. Not for data.
ip-forwardingIP Forwarding: Turn a Host into a RouterLinux does not forward packets between interfaces by default. Enable it with `sysctl net.ipv4.ip_forward=1`. Without this, NAT, VPN routing, and any forwarding will not work.
ipv4-addressingIPv4: Addressing and CIDRAn IPv4 address is 32 bits written as `a.b.c.d`. The **/N** suffix is the prefix length: `/24` fixes the first 24 bits for the network and leaves 8 bits for hosts (256 addresses).
linux-bridgeLinux Bridge: Software SwitchA bridge is a software L2 switch in the Linux kernel. It learns MACs in the FDB and forwards frames between interfaces. It underpins the Docker default network, KVM bridge, and libvirt. With vlan_filtering it emulates a managed switch.
mac-addressMAC AddressMAC address is a 48-bit hardware identifier for a network interface, written as `aa:bb:cc:dd:ee:ff`. It is unique within an L2 segment and is used in [[ethernet-frame]] for L2 addressing.
policy-routingPolicy Routing: Rule-Based RoutingPolicy routing selects a routing table based on src-IP, fwmark, iif, or tos. ip rule + ip route table N. Multi-uplink, source-based routing, VRF, split-tunnel VPN. RPDB is the Routing Policy Database.
routing-tableRouting tableThe routing table lists where to send packets for each destination. The longest matching prefix wins.
subnetting-cidrSubnetting and CIDRCIDR /N specifies how many of the 32 bits (or 128 for IPv6) belong to the network. /24 gives 256 addresses, /30 gives 4 (p2p), /16 gives 65536. A host in a subnet can communicate directly only with hosts that share the same prefix.
tracerouteTraceroute: How to See the Path a Packet Takes Across the InternetTraceroute shows every router on the path to a remote host. It works by sending packets with **increasing TTL** values (1, 2, 3, ...) and collecting "time exceeded" replies from routers that drop those packets.
veth-pairveth pairA veth pair is two linked virtual Ethernet interfaces. Whatever enters one end exits the other. It is the basic building block of all Linux container networks.
vlan-and-trunkVLAN: 802.1Q Virtual LAN and Trunk PortsVLAN logically splits one physical switch into multiple L2 segments. The 802.1Q tag adds 4 bytes to an Ethernet frame with a VLAN ID (12 bits, up to 4094 VLANs). Trunk = multiple VLANs on a port, access = one.

← вернуться ко всем категориям базы знаний