Šabić: eBPF and XDP for Processing Packets at Bare-metal Speed

[Posted June 4, 2019 by corbet]

Nedim Šabić has written a tutorial article on using the eXpress Data Path for fast packet filtering. "Now comes the most relevant part of our XDP program that deals with packet’s processing logic. XDP ships with a predefined set of verdicts that determine how the kernel diverts the packet flow. For instance, we can pass the packet to the regular network stack, drop it, redirect the packet to another NIC and such. In our case, XDP_DROP yields an ultra-fast packet drop."

Šabić: eBPF and XDP for Processing Packets at Bare-metal Speed

Posted Jun 4, 2019 15:09 UTC (Tue) by clameter (subscriber, #17005) [Link] (2 responses)

Well the usual work at reinventing what the RDMA subsystem already provides in a cleaner way and its not mentioned at all in the article. RDMA can do regular packet send and receive to a ring buffer in user space and can do the ethernet packet classification etc in hardware and has been doing that reliably for more than a decade. This is what is actually being used for high speed data processing supporting 100G links and higher.

Šabić: eBPF and XDP for Processing Packets at Bare-metal Speed

Posted Jun 5, 2019 13:44 UTC (Wed) by edomaur (subscriber, #14520) [Link]

Yes, but as for DPDK, you need to pre-allocate larges swats of RAM, which is not needed for XDP. Also, it's easier to distribute the XDP load between CPUs and you can also interface it with other apps. However, both theses approaches are complettelly valid ones, with somewhat different use-cases.

Šabić: eBPF and XDP for Processing Packets at Bare-metal Speed

Posted Jun 8, 2019 0:02 UTC (Sat) by ncm (guest, #165) [Link]

RDMA also requires cooperation at the sender.

If I had access, from my eBPF program fragment, to pre-permission-checked ranges of user-space memory, it would do everything I need, and make io_uring redundant. (It doesn't do exactly what I need, anyway, but something else costlier.) On NICs that let me run my eBPF on the NIC, it would free one or more whole CPU cores per interface. Either way, it would relieve dependency on proprietary libraries and, sometimes, on superuser permissions.

Šabić: eBPF and XDP for Processing Packets at Bare-metal Speed

Posted Jun 6, 2019 3:34 UTC (Thu) by pakumar (guest, #96315) [Link]

Is this just the next progression from firewall rules. I presume the packet processing has to be something simple and not like a data base query, etc.