This video is unique: it is too deep for the majority of users, but a few ones, who need it to be watched, they seem to be saved by you, dear author! 🎉
Depends what your goal is in your Linux journey. A user or even a simple admin then probably not much. But if you debug kernel issues or write network software in the lower layers then you would not be asking this question😉
This is one of the greatest RU-vid videos of all time. It was not only incredibly thorough, but also very easy to digest (assuming the viewer has a basic understanding of kernel concepts like interrupt handlers, etc). I also appreciate how you would periodically “zoom out” to review the forest after diving deep into the individual trees.
I have no words to appreciate the deep respect you have earnestly earned in my heart. This is awesome, please keep it up, I love the tracing frameworks in Linux and such videos just makes learning kernel so much more fun.
Really good video thanks....will be a great help for my reserwach into Intrusion Detection. I assume the handling would have been rather different for a tcp port below 1024 as these are handled by the kernel?
Thank you. Is there any video that might prep us for this video. I've been working with Linux a long time , but I got lost with what the program you're using and sort of had more questions along the way of what's going on. Sorry and thanks.
I learned more from watching this than my professor. I'm taking computer networks at the moment and this covers a lot of the course material, but in far more detail.
Good to hear that. If you want to be able to produce this on your own then watch this video: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-QmALYlJCAfg.html
So cool. I'm coming at this from a networking background, familiar with packet captures but seeing the kernel traces, system calls, file descriptors, and all that it really gave me a much better picture of what's going on there. I loved it, subscribed and definitely will check out your other videos. Thank you
This is really a great deep dive video i have ever seen, just wanted to know at timefram 21:56, you have mentioned that it will create a new socket for data transfer? but generally TCP relays on the same socket for listening and data transferring right? Can you please advice me on this?
Very good question. In the tcp protocol we have two kinds of sockets, listen and data sockets. A listen socket is only applicable on the server side and is unique per server ip/port. The data socket is one per source dest ip port quadruple. The listen socket is only there to accept new connection requests. Once a connection request is received the kernel creates a new data socker per incoming ip port. From the application side you wont see these different sockets.
This is amazing content! I am amazed by the fact that I (a complete linux kernel newbie) can understand what is happening. The information presented here is very valuable to my research (I want to know how select/epoll works in regards to concurrency and multithreading). Keep up with the great work and can I ask a question - is 'softirq' some kind of lightweight kernel thread or what is it?
Thanks for the encouraging feedback. Softirq is not a kernel thread, it is simply an interrupt handler which serves software interrupts. These are generally functions which are called by the kernel when an interrupt is raised. A softirq has the seconds highest priority after hardirq which serves actual hardware interrupts coming from net or disk, for example. If you require some cobtext of execution in the kernel then you can use simple threads but in kernel space, or if you require a kernel routine then go with tasklets.
Wow! This is realy excellent tutorial! It was so interest to investigate syscall interconnections and time consumption of different parts. This live format is absolutly amazing! Thanks a lot for your work!
It depends what area you have issues with. If you want to get comfortable with the visualization and analysis tool then this is the official Tracecompass channel playlist: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-8o2dar9tfLg.html
@@deeplinux2248 Hi, i can suggest something that may can help you: 1. About tracing in linux kernel: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-JRyrhsx-L5Y.html 2. Memory Management in linux Kernel : ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-7aONIVSXiJ8.html. 3: Networking fundamentals: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-bj-Yfakjllc.html
Glad that you liked it. You may want to view this one which really drills down into the kernel code for tracing how a TCP connection is handled. ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-8UmPwVFswvY.html