In this section, the text clarifies that Unix domain protocols are not a “protocol suite” in the networking sense (like TCP/IP). Instead, they are a method for Interprocess Communication (IPC) on a single host, but they use the exact same Sockets API (socket(), bind(), connect(), etc.) that we use for network communication.
Think of it as “local networking.” We write code almost exactly like a TCP client/server, but the traffic never leaves our machine.
Why use Unix Domain Sockets?
There are three primary reasons to use Unix Domain Sockets over TCP sockets when the client and server are on the same machine:
- Performance: They are significantly faster. On Berkeley-derived kernels, Unix domain sockets can be twice as fast as TCP sockets for local communication. This is because the kernel knows the data isn’t leaving the box, so it can skip complex network checks (like checksums, routing, and header creation).
Note
The X Window System uses this optimization. When an X11 client connects to a server, it checks if the server is on the same host. If so, it uses a Unix domain stream socket; otherwise, it uses TCP.
- Passing Descriptors: This is a unique feature. We can pass open file descriptors (like a connection to a specific file or another socket) from one process to another across a Unix domain socket. This is extremely powerful for process isolation and privilege separation.
- Security Credentials: Newer implementations allow the server to receive the user ID (UID) and group ID (GID) of the client connecting to it. This provides a secure way to verify who is making a request without relying on IP addresses (which can be spoofed) or passwords for every local action.
Types of Sockets
Just like Internet sockets, Unix domain sockets come in two main flavors:
- Stream Sockets: These provide a reliable byte stream, very similar to TCP.
- Datagram Sockets: These provide unreliable message passing, very similar to UDP.
Addressing: The Filesystem Pathname
One of the biggest differences we will notice immediately is the address format.
- TCP/IP: Uses an IP address + Port number (e.g., 127.0.0.1:80).
- Unix Domain: Uses a pathname within the filesystem (e.g., /tmp/mysocket).
These pathnames look like files, but the text notes that we cannot read or write to them using standard tools like cat or vi. They are merely entry points for the kernel to associate processes.
Note
It essentially allows us to write one codebase that can arguably switch between local (fast) and network (distributed) communication just by changing the address family.