Netfilter Packet Traversal diagram, also available in the following formats nfk-traversal.pdf, nfk-traversal.png, nfk-traversal.jpg, and nfk-traversal.svg.
There are a number of different diagrams of kernel packet traversal. Here are some others:
- https://upload.wikimedia.org/wikipedia/commons/3/37/Netfilter-packet-flow.svg
- http://www.csie.ntu.edu.tw/~b93070/CNL/v4.0/CNLv4.0.files/Page697.htm
- http://www.adminsehow.com/2011/09/iptables-packet-traverse-map/
- http://shorewall.net/images/Netfilter.png
- https://www.frozentux.net/iptables-tutorial/chunkyhtml/images/tables_traverse.jpg
Traffic Control System Component Diagram, also available in the following formats htb-class.pdf, htb-class.png, htb-class.jpg, and htb-class.svg.
The above diagram demonstrates the resulting kernel traffic control structures generated from the following tcng configuration. The purpose is to illustrate visually many of the simplest forms of the features of the traffic control subsystem (shaping, nested qdiscs, HTB token handling, policing and reclassification).
/*
*
* possible mock up of diagram shown at
* http://linux-ip.net/traffic-control/htb-class.png
*
*/
$m_web = trTCM (
cir 512 kbps, /* commited information rate */
cbs 10 kB, /* burst for CIR */
pir 1024 kbps, /* peak information rate */
pbs 10 kB /* burst for PIR */
) ;
dev eth0 {
egress {
class ( <$web> ) if tcp_dport == PORT_HTTP && __trTCM_green( $m_web );
class ( <$bulk> ) if tcp_dport == PORT_HTTP && __trTCM_yellow( $m_web );
drop if __trTCM_red( $m_web );
class ( <$bulk> ) if tcp_dport == PORT_SSH ;
htb () { /* root qdisc */
class ( rate 1544kbps, ceil 1544kbps ) { /* root class */
$web = class ( rate 512kbps, ceil 512kbps ) { sfq ; } ;
$bulk = class ( rate 512kbps, ceil 1544kbps ) { sfq ; } ;
}
}
}
}
The above tcng configuration file would create the traffic control structures shown at the top of the section Traffic Control System Components.
Also available in green. linux-htb.pdf, linux-htb.png, linux-htb.jpg, and linux-htb.svg.
There's no accompanying configuration file (as included in Traffic Control System Components, but this is one attempt to show where the different familiar features of general traffic control concepts would be applied when using the Hierarchical Token Bucket (HTB) qdisc under Linux.
And, around the same time as creating the above diagrams, I also gave a talk on the different componentry involved in the Linux traffic control system. This is a general introduction.
Also available in handout.pdf, handout.png, handout.jpg, and handout.svg.
A slice of the domain name system, demonstrating the resolution process on the left hand side of the diagram and the delegation process on the right hand side. Also available in dns-overview.dia, dns-overview.eps, dns-overview.pdf, dns-overview.png, dns-overview.jpg, and dns-overview.svg.
Over the years, I had to explain both the authoritative and the resolving sides of the Domain Name System (DNS), so I created this diagram to capture a good chunk of the behaviour of the distributed system.
There are smaller diagrams related to individual components of the Linux traffic control subsystem scattered throughout and included in the Traffic-Control-HOWTO.
