Entire Linux Network stack diagram (2024) (opens in new tab)

This place needs more of this kind of documentation.

I failed to use IP tables for years. I bought books. I copied recipes from blog posts. Nothing made sense, everything I did was brittle. Until I finally found a schematic showing the flowchart of a packet through the kernel, which gives the exact order that each rule chain is applied, and where some of the sysctl values are enforced. All of a sudden, I could write rules that did exactly what I wanted, or intelligently choose between rules that have equivalent behaviors in isolation but which could have different performance implications.

After studying the schematic, every would just work on the first try. A good schematic makes a world of difference!

For anyone who is interested, the author of this diagram also made a Linux disk I/O diagram (https://zenodo.org/records/15234151). These diagrams are from his book Operativni sustavi i računalne mreže - Linux u primjeni (https://zenodo.org/records/17371946)

Shout out to the brilliant and generous work of the author!

Linux Kernel map is an other good one https://commons.wikimedia.org/wiki/File:Linux_kernel_map.png

I'm surprised to realize I'm familiar with most of the stack just from decades of Linux usage and no formal study of the stack.

Thanks Hrvoje Horvat for such a detailed diagram! It'll help me learn the Network stack much, much easier.

His book "Operativni sustavi i računalne mreže - Linux u primjeni" [0] (Operating systems and computer networks - Linux in use) may well make learning Croatian worth it! Congrats on publishing, and thanks for such an invaluable contribution!

[0]: https://zenodo.org/records/17371946

That's pretty cool!

If someone could program a visualization tool that would generate such diagrams automatically, that would be even cooler (but likely a mission impossible).

For containers you will also have own TCP/IP stack similarly to what is shown for VM on the diagram, this is done when a container uses slirp4netns to provide networking. An alternative is to use kernel TCP/IP stack, this is done when pasta is used for networking, diagram on this page shows the details:https://passt.top/passt/about/.

Is it possible we see the diagram as an svg? I am seeing it only as embedded in the pdf, and really difficult to read .

Is there some sort of equivalent to this book but in English, which explains and diagrams the Linux network stack? Doesn't need to be all in one, I feel like having a more high level overview and then subsystem diagrams with explanations would work as well.

I'm not sure if this takes into account para-virtualized networks on VMs, ie. VMware vm's with "virtual" hardware access

It's been a few years for me tho, so perhaps it's covered with the VM section.

Lovely diagram, thanks for sharing it!

*simplified.

Doesn't even go into iptables/nftables

Incredible work! I really wish the author's book had an English translation.

Any recommendations for a map of Linux user-space network management options?

Anyone figure out what the colour scheme means?

Good thing we have Hacker News

s/Aplication/Application/g

qdisc is too small in this diagram and to easy to miss.

wow

Fools admire complexity.