XDP - eXpress Data Path
Allikas: Imre kasutab arvutit
Mine navigeerimisribaleMine otsikasti
Sissejuhatus
Tööpõhimõte
TODO
Rakendus - stateless paketifilter
Tööpõhimõte
TODO
Kasutuskoha ettevalmistamine
Nt Debian v. 12 ja Ubuntu v. 24.04 sisaldavad vajalikku kerneli poolset tuge ning user-space utiliitide komplekti, paigaldamiseks sobib öelda
# apt-get install xdp-tools
Muu hulgas paigaldatakse failisüsteemi
- /usr/bin/xdp-filter
Kasutamine
Tuumas XDP osakonna aktiveerimiseks võrgukaardi jaoks sobib öelda
# xdp-filter load ens6s18
Paketifiltri keelava reegli kehtestamiseks
# xdp-filter ip 10.40.13.242 -m src
XDP paketifiltri olukorra hindamiseks sobib öelda
# xdp-filter status ...
Reegli eemaldamiseks
# xdp-filter ip 10.40.13.242 -m src -r
Jõudlus
Kasulikud lisamaterjalid
- https://www.iovisor.org/technology/xdp
- https://github.com/Xilinx-CNS/onload
- 'Migrating from DPDK to AF_XDP for High-Performance Networking in... - Maryam Tahhan & Dave Tucker' - https://www.youtube.com/watch?v=yGZhzXN31SA
- https://www.electronicdesign.com/markets/automation/article/21136402/xilinx-smartnic-architectures-a-shift-to-accelerators-and-why-fpgas-are-poised-to-dominate
- https://github.com/aterlo/afxdp-rs
- https://www.bizety.com/2020/06/24/open-source-load-balancers-neutrino-katran-maglev-seesaw-traefix-and-haproxy/
- https://github.com/facebookincubator/katran
- https://fedepaol.github.io/blog/2023/09/06/ebpf-journey-by-examples-l4-load-balancing-with-xdp-and-katran/
- https://blog.cloudflare.com/how-to-receive-a-million-packets/
- https://blog.cloudflare.com/l4drop-xdp-ebpf-based-ddos-mitigations/
- https://events19.linuxfoundation.cn/wp-content/uploads/2017/11/Accelerating-VM-Networking-through-XDP_Jason-Wang.pdf
- https://www.knot-dns.cz/docs/latest/html/man_kxdpgun.html
- https://github.com/yeze
- https://cilium.io/blog/2021/05/20/cilium-110/#standalonelb
- https://developer.nvidia.com/blog/accelerating-with-xdp-over-mellanox-connectx-nics/
- https://blog.path.net/application-filters/
- https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/configuring_and_managing_networking/using-xdp-filter-for-high-performance-traffic-filtering-to-prevent-ddos-attacks_configuring-and-managing-networking#dropping-network-packets-that-match-an-xdp-filter-rule_using-xdp-filter-for-high-performance-traffic-filtering-to-prevent-ddos-attacks
