Network kernel extensions (NKEs) provide a way to extend and modify the networking infrastructure of Mac OS X while the kernel is running, without requiring the kernel to be recompiled, relinked, or rebooted.
NKEs allow you to create modules that can be loaded and unloaded dynamically at specific positions in the network hierarchy. These modules can monitor and modify network traffic, and can receive notification of asynchronous events from the driver layer, such as interface status changes.
This document is primarily of interest to developers who need to extend or modify the Mac OS X networking infrastructure. This includes:
Adding support for new, non-ethernet interface types.
Designing custom routing technologies.
Creating link-layer encryption technologies.
This document assumes a significant understanding of networking concepts, including a basic familiarity with sockets, packet filtering, and so on. It also assumes that you are already familiar with the basics of kernel-level operating systems programming.
Because even minor bugs in kernel-level code can cause serious consequences, including application instability, data corruption, and even kernel panics, the techniques described in this document should be used only if no other mechanism already exists. For example, where possible, IP filtering should generally be done using ipfw(8). Similarly, packet logging should generally be done using bpf(4).
This document is intended to provide supplementary conceptual material specific to network kernel extensions. It is not intended as a reference document, and assumes prior knowledge of Mac OS X kernel extensions (KEXTs). For reference material specific to networking KEXTs, see the document KPI Reference. For additional information on Mac OS X KEXTs in general, see the document Kernel Extension Programming Topics.
Note: The information provided in this document is only relevant for Mac OS X version 10.4 and later. The network kernel extension mechanism used prior to 10.4 is not supported in 10.4 and later. For information on writing network kernel extensions for previous versions of Mac OS X, see Network Kernel Extensions (legacy).
The following sources provide additional information that may be of interest to developers of network kernel extensions:
Kernel Extension Programming Topics—conceptual information about kernel extensions in Mac OS X.
KPI Reference—reference documentation specific to network kernel extensions and other non-I/O Kit (device driver) KEXTs.
Kernel Framework Reference—reference documentation for I/O Kit device drivers, including network device drivers.
The Design and Implementation of the 4.4 BSD Operating System. M. K. McKusick et al., Addison-Wesley, Reading, 1996.
Unix Network Programming, Second Edition, volume 1. Richard W. Stevens, Prentice Hall, New York, 1998.
TCP/IP Illustrated, volume 1: The Protocols. Richard W. Stevens, Addison-Wesley, Reading, 1994.
TCP/IP Illustrated, volume 2: The Implementation. Richard W. Stevens and Gary R. Wright, Addison-Wesley, Reading, 1995.
TCP/IP Illustrated, volume 3: Other Protocols. Richard W. Stevens, Addison-Wesley, Reading, 1996.
The following websites provide information about the Berkeley Software Distribution (BSD):
Last updated: 2009-08-14