Journal article Open Access
Fast Packet Processing with eBPF and XDP: Concepts, Code, Challenges and Applications
Marcos A. M. Vieira;
Matheus S. Castanho;
Racyus D. G. Pacífico;
Elerson R. S. Santos;
Eduardo P. M. Câmara Júnior;
Luiz F. M. Vieira
Extended Berkeley Packet Filter (eBPF) is an instruction set and an execution environment inside the Linux kernel. It enables modification, interaction and kernel programmability at runtime. eBPF can be used to program the eXpress Data Path (XDP), a kernel network layer that processes packets closer to the NIC for fast packet processing. Developers can write programs in C or P4 languages and then compile to eBPF instructions, which can be processed by the kernel or by programmable devices (e.g. SmartNICs). Since its introduction in 2014, eBPF has been rapidly adopted by major companies such as Facebook, Cloudflare, and Netronome. Use cases include network monitoring, network traffic manipulation, load balancing, and system profiling. This work aims to present eBPF to an inexpert audience, covering the main theoretical and fundamental aspects of eBPF and XDP, as well as introducing the reader to simple examples to give insight into the general operation and use of both technologies.
| Name | Size | |
|---|---|---|
|
bpf-tutorial-master.zip
md5:3bce2f95817a6bc7b400de0e55cf47d9 |
593.1 kB | Download |
| All versions | This version | |
|---|---|---|
| Views | 631 | 630 |
| Downloads | 84 | 84 |
| Data volume | 49.8 MB | 49.8 MB |
| Unique views | 583 | 582 |
| Unique downloads | 82 | 82 |
- Publication date:
- November 29, 2019
- DOI:
-
- Keyword(s):
- Networks programming interfaces Networks middle boxes / network appliances Networks end nodes
- License (for files):
- Creative Commons Attribution 1.0 Generic