How You'll Run and Observe Things
How You'll Run and Observe Things
You'll develop and test your stack inside a contained, reproducible lab that behaves like a miniature Internet.
The goal isn't to modify your real operating system — it's to create a sandbox where you can safely intercept and inspect every packet.
The Basic Idea
We'll use two containers:
[ Client ] <──► [ Your Stack ]
Client Container
Behaves like a normal machine. It uses the kernel's standard network stack to send packets with familiar tools: ping, curl, netcat, etc.
When you "ping" or "curl" a specific IP, the packets will leave this container and travel into the second one.
Stack Container
Runs your user-space TCP/IP stack. Inside it, you'll open a TAP interface (/dev/net/tun), which delivers raw Ethernet frames to your program.
Your stack will read those frames, process them through Ethernet → IP → TCP/UDP, and send responses back out the same interface.
The Visual Flow
Client kernel stack
↓
Docker virtual bridge
↓
tap0 → your code (Ethernet, IP, TCP, etc.)
↑
Docker bridge
↑
Client receives reply
Observing the Magic
Because everything runs in containers, you can:
- Capture packets with
tcpdumpor Wireshark at any point - Print logs from your stack showing how each header is parsed and built
- Restart or modify layers without touching your host machine
Success: You'll first build this lab in Module 1, then keep using the same setup for every layer that follows.