Alpine4Linux

Neelkanth Natu (neelnatu@yahoo.com)


Alpine4Linux is a userlevel FreeBSD 4.8 networking stack running on top of a stock Linux kernel. It is an implementation of an idea that I came across in a paper by David Ely, Stefan Savage and David Wetherall. I would like to point out right away that the Alpine4Linux design is completely different from the implementation described in the paper. In particular Alpine4Linux has a single FreeBSD networking stack that is shared by multiple client processes.

Alpine4Linux consists of a userland server program that runs the FreeBSD kernel code as well as the unmodified networking stack.  Client programs use the Alpine stack by setting the LD_PRELOAD environment variable to link to libraries, that intercept socket related system calls. These intercepted system calls are routed to the Alpine server over a TCP connection established on the loopback interface.

Alpine4Linux goes great lengths to ensure that its behavior is identical to that of a FreeBSD kernel as far as networking is concerned. Thus, in addition to the unmodified FreeBSD stack. Alpine4Linux also has unmodified socket layer code, file descriptor code, tsleep and wakeup for e.g. It also has a rich client-side library that supports almost all socket functions as well as functions like fork() that are commonly used by server programs.

Alpine4Linux Server in Action

Here is a output of the Alpine4Linux server when it starts up. The server initializes the kernel when it starts up which is the reason for the FreeBSD copyright messages.

[root@localhost scripts]# bash run_alpine_server.sh

Modifying INPUT and FORWARD chains to drop packets destined to 10.11.12.13

Listening on 127.0.0.1:8475!
Copyright (c) 1992-2003 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD 4.8-RELEASE #4: Fri May 30 02:29:53 PDT 2003
    neel@localhost:/home/neel/av/main/bsd/src/sys/compile/NINT
Opening tap0
Setting hwaddr for tap0 device to: 0:4:76:ec:2a:f0
Setting IP address of tap0 device to: 10.11.12.13

Alpine4Linux uses the "tap0" pseudo-device within the FreeBSD kernel to do raw packet I/O. The "tap0" interface is mapped to a real Linux device (e.g. "eth0") on which the packet I/O really happens. The server also sets the hardware address of the "tap0" pseudo-device to match the hardware address of the real device "eth0". This allows the FreeBSD stack to reply to arp requests for its IP address with a valid hardware address. Note that we change iptables ruleset so that the Linux kernel will ignore packets destined to the Alpine stack.

Alpine4Linux Clients in Action

We can run networking utilities like "ifconfig" and "route" against the Alpine4Linux stack. Note that the "ifconfig" program is the stock Linux program. Also note that we are using a wrapper shell script to execute the programs. The shell script sets up the LD_PRELOAD and LD_LIBRARY_PATH variables before launching the program.

[neel@localhost scripts]$ bash run_alpine_client.sh /sbin/ifconfig tap0
tap0      Link encap:Ethernet  HWaddr 00:04:76:EC:2A:F0
          inet addr:10.11.12.13  Bcast:10.11.12.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1


[neel@localhost scripts]$ bash run_alpine_client.sh ../sbin/route/route -- add 10.11.12.0/24 -interface 10.11.12.13
add net 10.11.12.0: gateway 10.11.12.13
[neel@localhost scripts]$ bash run_alpine_client.sh ../sbin/route/route -- get 10.11.12.1
   route to: 10.11.12.1
destination: 10.11.12.0
       mask: 255.255.255.0
  interface: tap0
      flags: <UP,DONE,CLONING,STATIC,PRCLONING>
 recvpipe  sendpipe  ssthresh  rtt,msec    rttvar  hopcount      mtu     expire
       0         0         0         0         0         0      1500       -12

I have also tested client programs like nmap, telnet and server programs like vsftpd-1.1.3 successfully against Alpine4Linux.

Source Code

You can download the source code here. Untar the tarball using 'tar xvzf alpine4linux.tar.gz' and look for the file docs/running.txt to start playing with Alpine4Linux.

Documentation

Get Alpine4Linux up and running quick: running.txt

A description of how Alpine4Linux pretends to be the FreeBSD kernel: alpine4linux.txt

FAQ: faq.txt

Limitations of Alpine4Linux: limitations.txt

Differences between Alpine4Linux and the original Alpine implementation: differences_from_alpine4bsd.txt

Acknowledgements

David Ely, Stefan Savage, David Wetherall for Alpine
Perforce source control system for their free 2-client license
Shri and Ravi for tolerating me when I am babbling