Networking in Mac OS X

Networking in Mac OS X is designed to be robust, dynamic, and easy to configure, primarily through the Network pane of System Preferences.

Users can configure multiple IP addresses per interface, as well as multiple protocols per interface, from the Network preferences pane without any command-line intervention. The infrastructure allows a user to switch between sets of configuration settings stored as locations. In addition, the infrastructure senses changes (such as an Ethernet link becoming inactive) and provides for an automatic mechanism to use another interface (such as an AirPort connection). All of these changes can be made without rebooting, and most occur with little or no user intervention.

These features make network configuration in Mac OS X easy, and they manage much of the complexity for users. System administrators, however, need a deeper level of understanding. What occurs when you make changes and click the Apply Now button? Where is network configuration information stored? What mechanisms are in place that provide the dynamic configuration infrastructure?

In traditional UNIX-based operating systems, ifconfig is used to configure interfaces, and calls to ifconfig are present in the system's startup script to configure the interfaces at boot time. Although ifconfig is present and operative in Mac OS X, it is not advisable to use it to configure a network interface because Mac OS X provides a more dynamic configuration infrastructure. Further, ifconfig should be used only to view network information and not to edit that information.

Understanding Networking Architecture

Although the System preferences pane provides a simple interface for a user to make changes to Mac OS X, configuration elements appear throughout the file system.

The Mac OS X kernel provides the hardware interaction with drivers that allow the computer to communicate with network interface cards, such as an Ethernet adapter or an AirPort card. In addition, the kernel allows a Mac OS X computer to communicate using standard TCP/IP, with support for various low-level features, such as IP addressing and IP packet filtering and forwarding.

Key processes serve to dynamically configure the system and to perform DNS name service for name-toIP address and IP addressto-name resolutions. This DNS name service is critical on a TCP/IP network.

Text-based configuration files and the local NetInfo database are used by Mac OS X to store its configuration information. The system.log log file holds records of the activity of daemons such as configd.

Finally, several scripts help keep preferred network settings consistent across reboots. These scripts are used to start services and can be found in /System/Library/StartupItems/ and /System/Library/LaunchDaemons/. launchd uses the configuration files found in the LaunchDaemons directory to start network services such as sshd for remote access to your computer. The files in the StartupItems directory provide an alternative way to start certain services. One such startup item is AppleShare for starting Apple File Sharing services.

The Kernel's Role in Networking

The kernel in Mac OS X is Darwin. Network Kernel Extensions (NKEs) have been added to the BDS Kernel component to implement additional capabilities beyond the basic TCP/IP stack. The Mach Kernel component of Darwin contains the I/O Kit to control network interface access.

NKEs provide a way to extend and modify the networking infrastructure of Mac OS X dynamically, without recompiling or relinking the kernel. The effect is immediate and does not require rebooting the kernel.

Use System Profiler and kextstat to view kernel extensions currently loaded in the kernel. Use kextload to load a new kernel extension. This command loads and starts a kernel file by loading modulefile into the kernel and starting its execution. Use kextunload to stop and unload a kernel module previously loaded with kextload.

Networking system calls access the kernel through the networking level. Mac OS X supports both TCP/IP and AppleTalk. The Mac OS X IP stack implementation includes the following implementation and tuning parameters:

• Transmission Control Protocol (TCP)

• User Datagram Protocol (UDP)

• Address Resolution Protocol (ARP)

• Internet Protocol (IP), including packet forwarding over multiple network interfaces

• Internet Control Message Protocol (ICMP), for network maintenance and debugging TCP

Functionality such as IP forwarding, IP filtering, and multihoming is supported in the TCP/IP networking stack.

IP Address Resolution

Once the system has a valid network configuration, users will want to get the most out of their connection. Users often rely on name-to-IP address resolution to make access to network resources such as mail, Web, and file servers simple and convenient. lookupd is Mac OS X's primary DNS resolver. Applications such as Safari and Mail rely on the operating system for name-to-IP address resolution, and lookupd provides the resolution the applications and the operating system need.

host and dig bypass both the operating system and lookupd, and query the configured DNS server directly. Keep this in mind as you employ either of these tools. Their output is invaluable, as they show how the configured DNS server is responding to a specific request. However, their output does not show how the operating system is resolving the lookup.

Only lookupd can show you how the operating system and running applications are resolving lookups. The system may be configured to use additional sources for hostnames outside a traditional external DNS server, such as a local hosts file or dynamic hostnames populated by Bonjour.

To query lookupd, start with the command lookupd d. This will begin an interactive session with lookupd. To look up hosts, use this command:

hostWithName: domain_name

where domain_name is the domain address you want to look up.