lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <CALx6S37q7RFJgLtKDNB6EuOBZaVJ03-Lp8eEZBRcgvJgBbyNVA@mail.gmail.com>
Date:	Tue, 31 May 2016 14:22:08 -0700
From:	Tom Herbert <tom@...bertland.com>
To:	Linux Kernel Network Developers <netdev@...r.kernel.org>
Subject: Update on XDP

Hello netdev,

XDP (eXpress Data Path) is a high performance, programmable network
data path that is being developed as a community effort (initially
within IO-visor). XDP will be useful for packet processing in
forwarding, load balancing, DOS mitigation, firewalls, etc. See
https://github.com/iovisor/bpf-docs/blob/master/Express_Data_Path.pdf
for a description.

To achieve high performance, XDP runs as a thin layer at this lowest
levels of the stack with minimal infrastructure. For instance, in
Linux, XDP runs directly of the device drivers and operates directly
on receive buffers and an abstracted receive descriptor instead of
skbufs. XDP does not require specialized hardware, but does allow
leveraging various advanced HW features.

Programmability in XDP is provided by BPF,  a small set of helper
functions, and a well defined input-output API. XDP is intended to be
platform agnostic following the principle of "write once, run
anywhere", so we are expecting that XDP programs can run in the OS
(Linux and others), HW (via offload), or in userspace (over DPDK for
instance).

We have made some good progress in the Linux implementation and are
able to demonstrate single CPU packet drop performance in excess of
14M pps, and packet forwarding in excess of 10M pps. Work on real
world use cases is commencing-- L4 load balancer, DOS mitigation, and
an ILA router. We hope to have patches posted and a more detailed
introduction of XDP for netdev 1.2.

If you are interested in XDP development and discussion please join
the iovisor-dev mailing list. Also, we will be holding an XDP summit
on June 23-- if you are actively working on XDP right now, or believe
that work on XDP is imminent, please contact me about an invitation.

Thanks,
Tom

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ