Making the Kernel's Networking Data Path Programmable with BPF and XDP
BPF in Linux is gaining widespread attention as a framework for making the Linux kernel programmable, most notably in tracing, networking and security subsystems. This talk highlights the networking s …
| Talk Title | Making the Kernel's Networking Data Path Programmable with BPF and XDP |
| Speakers | Daniel Borkmann (Software Engineer, Covalent) |
| Conference | Open Source Summit North America |
| Conf Tag | |
| Location | Los Angeles, CA, United States |
| Date | Sep 10-14, 2017 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
BPF in Linux is gaining widespread attention as a framework for making the Linux kernel programmable, most notably in tracing, networking and security subsystems. This talk highlights the networking side by providing an overview of what BPF is and how it integrates into tc (traffic control) and the recently introduced XDP (eXpress Data Path). With the latter, the kernel gains a high-performance programmable networking data path that operates directly at the driver layer, suitable for use-cases such as DDoS prevention or load balancing in data centers. The talk will also briefly cover projects such as Cilium which orchestrates BPF for tc and XDP in order to provide security and load balancing for containers. Last but not least, recent advances and improvements in the Linux kernel on BPF and XDP are discussed.
