what is interface in socket programming? - c

"INADDR_ANY binds the socket to all available interfaces."
This is the statement i Encountered.I found it here
What is interface here? Is it a port number or something else?
And another question is
Is interface and channel or one and same?

Usually your host (your computer) has more than one interfaces. For example, (older) computer without network would have only IPv4 loopback interface.
If you add and configure IPv4 network to that PC, you'll get another interface: eth0, or net0 or something similar.
When you install VPN, it will create you yet another interface, as instead of sending packets into unsecured network, you send it into logical VPN interface, and that one forwards data to eth0 after some processing.
Every time, when you add a hardware link (with driver) to a network, or create logical network, it creates you a new interface. For example, if you use VMVare, and create virtual machine, the system would provider you some set of interfaces needed to route data between your host, network, and virtual machine.
When routing IPv4, every interface is assigned IPv4 address. Even loopback (127.0.0.1). The address can be static, or obtained from server when your system boots.
So you can listen only on one interface. For example, if you bind to loopback, you will not be able to access any network, and network hosts will not be able to access your socket (assuming routing is not broken). But you connect multiple processes on your host to each other.
If you bind to particular network interface, it means you want to work with systems, that are connected to that network (directly or indirectly).
If you bind to any, for server sockets it means you let system to accept connections from anywhere, considering that anywhere can ping you.

As per my understanding the socket interface is something like this
Gives a file system like abstraction to the capabilities of the
network.
Each transport protocol offers a set of services. The socket API
provides the abstraction to access these services
The API defines function calls to create, close, read and write
to/from a socket.
Also something like this also
A network interface is the point of interconnection between a computer and a private or public network. A network interface is generally a network interface card (NIC), but does not have to have a physical form. Instead, the network interface can be implemented in software.
For example, the loopback interface (127.0.0.1 for IPv4 and ::1 for IPv6) is not a physical device but a piece of software simulating a network interface. The loopback interface is commonly used in test environments

Examples for interfaces:
your LAN card where you can plug a network cable,
a wifi adapter,
a (software-only) thing which provides an imaginary network between your main system and a virtual machine
the (software-only) loopback adapter which sends everything you send to it "back" to your own computer
etc. If you´re writing a socket server, you can choose
where the client connections may come from.
Only from a virtual machine, but no real computer outside?
Only wifi, but no cable-bound LAN? Or just all together?

Related

can I tell the network interface type with RTNETLINK?

I'm using RTNETLINK to identify the current gateway, so as to remember the firewall settings based on the Access Point I'm connected to.
WLAN connections give an ESSID that I can use for this purpose, but LAN connections don't, so I fallback to using the MAC address of the gateway as an identifier. But when I use this process on a phone's WWAN data connection, I can't retrieve any MAC address of the gateway.
I found out that in C I can use if_indextoname() on rtmsg->rta_dst->rta_oif to retrieve the outgoing interface name, like in this example, but I guess that there is no guarantee that it will conform to the interface type - it won't translate 1:1 to either WWAN, WLAN or LAN.
Is there a way to find this out in RTNETLINK ? If not, are there other kernel interfaces usable for this purpose ?

Send Packets to another subnet/network using Sockets

I am trying to find out whether the machines in a network are running a certain app. More like, I am trying to resolve addresses of nodes in a network.
I built a small code based on ARP, but it works only on a local network(same subnet). What I want to do is resolve addresses out of the subnet i.e. all other nodes.
I read these answers: UDP broadcast packets across subnets
and Broadcast on different subnets
But they all talk about changing router setting or creating a multicast network.
From what I read for multicasting to work, I need to create a multitask network beforehand. Is it really necessary?
And for changing router setting, does it really have to be a "special" router?
This is all for a college assignment and would be demonstrating it probably on an ad-hoc network or something like that.
I am open to ideas to solve the original problem.
PS:
1. I am a beginner in networking so do excuse me for any fault or misinterpretation.
I am using sockets and C(No other option).
Edit 1:
I am well aware ARP is useless outside the subnet. I mentioned it because I used it and it helped explaining the problem.
Edit 2:
The original problem is:
Building a chat application, nothing fancy sending messages from one point to another, without using a central server of any kind. Not even a hybrid network with a central store is allowed.
i.e. if A and B are two clients, A should directly connect to B and vice versa.
I did some research and decided to use P2P architecture. And now I am stuck to how will A discover address of B. If I know the subnet of B, I can brute force and locate B but since I don't have such information what do I do?
ARP is not intended to be routed outside the local network, where in IPv4, the "local network" typically corresponds to a subnet. You should not expect ARP traffic to transit routers from inside to outside or vise versa.
Similarly, UDP broadcasts generally do not propagate outside the local network, and it's a good thing that they don't, for reasons related to both security and traffic volume.
From what I read for multicasting to work, I need to create a multitask network beforehand. Is it really necessary?
Basically, yes. Your routers need to be configured to support multicasting (which may be their default). All participants need to agree on and join the same multicast group. There might not be a need for any new networking hardware, but multicast communication has its own protocols and network requirements; it is not merely a broadcast that can traverse network boundaries.
And for changing router setting, does it really have to be a "special" router?
If you mean changing router settings so that UDP broadcasts are routed between networks, you do indeed need a router that exposes this capability. But I urge you not to do this, as it will let broadcasts from all other sources, for all other reasons transit the router, too. At minimum, this will significantly increase the noisiness of all networks involved, but it could produce bona fide misbehavior of applications and services other than yours.
The Limited Broadcast (255.255.255.255, which is used by ARP requests as the destination address, and ARP only works for IPv4 on the local LAN) cannot cross a router, and a Network Broadcast (last network address, where the host is all ones) by default cannot cross a router (Directed Broadcast) because it is a security risk (see RFC 2644, Changing the Default for Directed Broadcasts in Routers).
Some routers can be configured to forward directed broadcasts, but this can be dangerous.
Multicast is a form of broadcast. Multicast routing is very different than unicast routing, and every router in a path must be configured for multicast routing. Also, hosts must subscribe to a multicast group before they will even listen for packets from a multicast group. Additionally, there are some multicast groups that all hosts listen for, but those are link-local multicasts that cannot be forwarded off the local LAN.
Adding to what other answers have provided:
ARP is not useful for a system in another subnet. Even if you were able to send an ARP request to a system in the other subnet, and receive its response somehow -- providing you with that system's MAC address -- you could not use it to send a packet to that system because Ethernet does not provide a routing mechanism, and so the system will never see any Ethernet packet you address to it.
If you are simply trying to identify which systems within another IP subnet are live, you can probably do this by other means. Take a look at the nmap command, for example. It supports a wide variety of IP communications methods that will be routed to the other subnet and can often detect what machines are present and which services are available on the machines found.
And you can of course duplicate what nmap does yourself. For example, if you want to find out which systems in subnet 192.168.10.0/24 are listening on TCP port 80, one way is to simply attempt to connect to port 80 on each system in that subnet. In general, there are four answers you may receive back:
Connection success (No error: the machine is present and there is a program listening to that port)
Connection refused (errno ECONNREFUSED: the machine is present but there
is no program listening to that port)
No route to host (EHOSTUNREACH: there is no machine answering to
that IP address)
No response (ETIMEDOUT: several reasons why this can happen; for example, the system could have firewall settings causing it to simply ignore the request)
(And there are other less likely possibilities as well.) Using other IP access methods (ICMP/ping, UDP packets) will have a different matrix of possible results.
As others have explained, multicast mechanisms would only be helpful for discovering a set of cooperating machines that are pre-configured to join a multicast group.

How to debug a "openvswitch" like kernel modules program in a virtual machine environment?

I am working on a project like "openvswitch" --- a linux kernel modules that interfaces with
various network interface cards.
You can bind some network interfaces (like eth0, eth1) to the module, and then packet received from the interfaces will be handled by the kernel module (it may modified the packet header and send the packet from another binding interface).
In a virtual machine environment, I can easily do the development work (kernel space programming often crash the machine) but I can hardly do the testing work. It is difficulty to
send a specific packet to the vm's specific interface. Is there any easy way for this?
Use a traffic generation tool like Scapy on your hypervisor to send traffic to the virtual NICs that are attached to your VM. With qemu/libvirt these interfaces normally come up as "vnet0", "vnet1", etc.
Do not use bridges, but send traffic directly to the vnic. Linux bridges are good at forwarding IP traffic but will not let every ethernet frame go through unmodified.

Use Netfilter to forward packets between two network devices

I am working on a kernel module that will be used in a standalone firewall unit.
The basic structure of the network will, I assume, be:
LAN <---> Gateway <---> Firewall <---> Internet
The firewall itself has no DHCP server. It has two network interface cards, eth0 which is connected to the internet and eth1 which is connected to the gateway. The gateway will be configured to by default forward outgoing packets to the firewall, I'm assuming this is possible as well.
I am in the process of writing the kernel module using the Netfilter kernel library and I need a way to forward (or not) packets between the two network interfaces. Will setting up a bridge work? I'm more of a programmer and less of a network engineer, so I'm sort of at a loss here. How should this work?
iptables is the userland interface to the Netfilter engine.
if you say that "iptables won't escalate enough for your project”
you are saying that Netfilter is not for your project…
I think you do not have to code anything, you just have to learn iptables; yes I know, it isn’t easy ;-)

What client-side situations need bind()?

I'm learning C socket programming. When would you use bind() on the client-side? What types of program will need it and why? Where can I find an example?
On the client side, you would only use bind if you want to use a specific client-side port, which is rare. Usually on the client, you specify the IP address and port of the server machine, and the OS will pick which port you will use. Generally you don't care, but in some cases, there may be a firewall on the client that only allows outgoing connections on certain port. In that case, you will need to bind to a specific port before the connection attempt will work.
An example would be the data connection of an active FTP connection. In this case, the server connects from its port 20 to the IP and port specified by a PORT or EPRT command.
A classic example of a client program using bind() is the (obsolete) rlogin / rsh family of network clients. These clients were intended to be used within networks with strong trust relationships - in some cases the server machine trusts the client machine to tell it the username of the user that is connecting. This required that the client program connect from a low port (a port less than 1024), because such ports are restricted to the root user and thus (in theory) prove that the client being used is authorised by the system administrator.
The NFS protocol has similar trust relationships, and similarly the client makes connections from a low port number, using bind().
Another example is IRC clients that allow the user to specify a particular source IP address to connect from. This is to accomodate users with many IP addresses assigned to their machine, each with a different "vanity" domain name assigned to it. Choosing which IP to connect from (with bind()) allows the user to choose which domain name to appear as on IRC.
A good situation would be in a p2p case, you’re communicating with a STUN Server with a bound socket, and the STUN Server tells you the port on which he is receiving messages from your socket (that can be different from the one you specified when you bound your socket depending on your network and more specifically on your NAT type). This will allow you to be aware of the real port translation that your NAT is doing, and you’ll be able to give this information to potential peers that want to connect to you.
Binding the socket is useful as some NATs are dynamically giving you ports (binding on port x twice might not give you the same “real” port). So you’ll be able to directly use the socket you bound to listen on the port.
I suppose you should bind() in the case of UDP sockets.
bind function is one of "key" functions. It associates your socket (server or client) with address (ip + port). As for Windows you must use bind for WinSockets. There is good book about it "Network Programming for Microsoft Windows" by Anthony Jones and Jim Ohlund.
Bind can be used to attach names to a sockets. Thus, say you create a software that uses a particular TCP port, you need to bind it and then, you will know the TCP port it is using.

Resources