[XDP] packet-03 solutions

最新推荐文章于 2024-07-24 20:38:08 发布
最新推荐文章于 2024-07-24 20:38:08 发布
阅读量77 收藏
点赞数
分类专栏: XDP-learning 文章标签: linux
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/snifferzju/article/details/133687502
版权

code:

commands_for_packet03_user_script.txt

sudo ./xdp_prog_user -d right -r left  --src-mac f2:7d:79:9a:77:6f --dest-mac 26:cf:a1:79:bc:86

sudo ./xdp_prog_user -d left  -r right  --src-mac 26:cf:a1:79:bc:86  --dest-mac f2:7d:79:9a:77:6f

xdp_prog_kern.c

/* SPDX-License-Identifier: GPL-2.0 */
#include <linux/bpf.h>
#include <linux/in.h>
#include <bpf/bpf_helpers.h>
#include <bpf/bpf_endian.h>

// The parsing helper functions from the packet01 lesson have moved here
#include "../common/parsing_helpers.h"
//#include "../common/rewrite_helpers.h"

/* Defines xdp_stats_map */
#include "../common/xdp_stats_kern_user.h"
#include "../common/xdp_stats_kern.h"

#ifndef memcpy
#define memcpy(dest, src, n) __builtin_memcpy((dest), (src), (n))
#endif

#define IPV6_FLOWINFO_MASK bpf_htonl(0x0FFFFFFF)

struct {
	__uint(type, BPF_MAP_TYPE_DEVMAP);
	__type(key, int);
	__type(value, int);
	__uint(max_entries, 256);
} tx_port SEC(".maps");


struct {
	__uint(type, BPF_MAP_TYPE_HASH);
	__type(key,  unsigned char[ETH_ALEN]);
	__type(value, unsigned char[ETH_ALEN]);
	__uint(max_entries, 1);
} redirect_params SEC(".maps");

static __always_inline void swap_src_dst_mac(struct ethhdr *eth)
{
	/* Assignment 1: swap source and destination addresses in the eth.
	 * For simplicity you can use the memcpy macro defined above */
	__u8 h_tmp[ETH_ALEN];

	__builtin_memcpy(h_tmp, eth->h_source, ETH_ALEN);
	__builtin_memcpy(eth->h_source, eth->h_dest, ETH_ALEN);
	__builtin_memcpy(eth->h_dest, h_tmp, ETH_ALEN);
}

static __always_inline void swap_src_dst_ipv6(struct ipv6hdr *ipv6)
{
	/* Assignment 1: swap source and destination addresses in the iphv6dr */
	struct in6_addr tmp = ipv6->saddr;

	ipv6->saddr = ipv6->daddr;
	ipv6->daddr = tmp;
}

static __always_inline void swap_src_dst_ipv4(struct iphdr *iphdr)
{
	/* Assignment 1: swap source and destination addresses in the iphdr */
	__be32 tmp = iphdr->saddr;

	iphdr->saddr = iphdr->daddr;
	iphdr->daddr = tmp;

}

static __always_inline __u16 csum_fold_helper(__u32 csum)
{
	__u32 sum;
	sum = (csum >> 16) + (csum & 0xffff);
	sum += (sum >> 16);
	return ~sum;
}

static __always_inline __u16 icmp_checksum_diff(
		__u16 seed,
		struct icmphdr_common *icmphdr_new,
		struct icmphdr_common *icmphdr_old)
{
	__u32 csum, size = sizeof(struct icmphdr_common);

	csum = bpf_csum_diff((__be32 *)icmphdr_old, size, (__be32 *)icmphdr_new, size, seed);
	return csum_fold_helper(csum);
}

/* Implement packet03/assignment-1 in this section */
SEC("xdp")
int xdp_icmp_echo_func(struct xdp_md *ctx)
{
	void *data_end = (void *)(long)ctx->data_end;
	void *data = (void *)(long)ctx->data;
	struct hdr_cursor nh;
	struct ethhdr *eth;
	int eth_type;
	int ip_type;
	int icmp_type;
	struct iphdr *iphdr;
	struct ipv6hdr *ipv6hdr;
	__u16 echo_reply, old_csum;
	struct icmphdr_common *icmphdr;
	struct icmphdr_common icmphdr_old;
	__u32 action = XDP_PASS;

	/* These keep track of the next header type and iterator pointer */
	nh.pos = data;

	/* Parse Ethernet and IP/IPv6 headers */
	eth_type = parse_ethhdr(&nh, data_end, &eth);
	if (eth_type == bpf_htons(ETH_P_IP)) {
		ip_type = parse_iphdr(&nh, data_end, &iphdr);
		if (ip_type != IPPROTO_ICMP)
			goto out;
	} else if (eth_type == bpf_htons(ETH_P_IPV6)) {
		ip_type = parse_ip6hdr(&nh, data_end, &ipv6hdr);
		if (ip_type != IPPROTO_ICMPV6)
			goto out;
	} else {
		goto out;
	}

	/*
	 * We are using a special parser here which returns a stucture
	 * containing the "protocol-independent" part of an ICMP or ICMPv6
	 * header.  For purposes of this Assignment we are not interested in
	 * the rest of the structure.
	 */
	icmp_type = parse_icmphdr_common(&nh, data_end, &icmphdr);
	if (eth_type == bpf_htons(ETH_P_IP) && icmp_type == ICMP_ECHO) {
		/* Swap IP source and destination */
		swap_src_dst_ipv4(iphdr);
		echo_reply = ICMP_ECHOREPLY;
	} else if (eth_type == bpf_htons(ETH_P_IPV6)
		   && icmp_type == ICMPV6_ECHO_REQUEST) {
		/* Swap IPv6 source and destination */
		swap_src_dst_ipv6(ipv6hdr);
		echo_reply = ICMPV6_ECHO_REPLY;
	} else {
		goto out;
	}

	/* Swap Ethernet source and destination */
	swap_src_dst_mac(eth);

	/* Assignment 1: patch the packet and update the checksum. You can use
	 * the echo_reply variable defined above to fix the ICMP Type field. */
	icmphdr->type = echo_reply;
	icmphdr->code = 25;

	old_csum = icmphdr->cksum;
	icmphdr->cksum = 0;
	icmphdr_old = *icmphdr;
	icmphdr->type = echo_reply;
	icmphdr->cksum = icmp_checksum_diff(~old_csum, icmphdr, &icmphdr_old);

	bpf_printk("echo_reply: %d", echo_reply);

	action = XDP_TX;

out:
	return xdp_stats_record_action(ctx, action);
}

/* Assignment 2 */
SEC("xdp")
int xdp_redirect_func(struct xdp_md *ctx)
{
	void *data_end = (void *)(long)ctx->data_end;
	void *data = (void *)(long)ctx->data;
	struct hdr_cursor nh;
	struct ethhdr *eth;
	int eth_type;
	int action = XDP_PASS;
	unsigned char dst[ETH_ALEN] = {0x3e, 0x84, 0xde, 0xed, 0x84, 0x0c}; /* Assignment 2: fill in with the MAC address of the left inner interface */
	unsigned ifindex = 5; 		/* Assignment 2: fill in with the ifindex of the left interface */

	/* These keep track of the next header type and iterator pointer */
	nh.pos = data;

	/* Parse Ethernet and IP/IPv6 headers */
	eth_type = parse_ethhdr(&nh, data_end, &eth);
	if (eth_type == -1)
		goto out;

	/* Assignment 2: set a proper destination address and call the
	 * bpf_redirect() with proper parameters, action = bpf_redirect(...) */
	/* Set a proper destination address */
	memcpy(eth->h_dest, dst, ETH_ALEN);
	action = bpf_redirect(ifindex, 0);

out:
	return xdp_stats_record_action(ctx, action);
}

/* Assignment 3: nothing to do here, patch the xdp_prog_user.c program */
SEC("xdp")
int xdp_redirect_map_func(struct xdp_md *ctx)
{
	void *data_end = (void *)(long)ctx->data_end;
	void *data = (void *)(long)ctx->data;
	struct hdr_cursor nh;
	struct ethhdr *eth;
	int eth_type;
	int action = XDP_PASS;
	unsigned char *dst;

	/* These keep track of the next header type and iterator pointer */
	nh.pos = data;

	/* Parse Ethernet and IP/IPv6 headers */
	eth_type = parse_ethhdr(&nh, data_end, &eth);
	if (eth_type == -1)
		goto out;

	/* Do we know where to redirect this packet? */
	dst = bpf_map_lookup_elem(&redirect_params, eth->h_source);
	if (!dst)
		goto out;

	/* Set a proper destination address */
	memcpy(eth->h_dest, dst, ETH_ALEN);
	action = bpf_redirect_map(&tx_port, 0, 0);

out:
	return xdp_stats_record_action(ctx, action);
}

/* from include/net/ip.h */
static __always_inline int ip_decrease_ttl(struct iphdr *iph)
{
	/* Assignment 4: see samples/bpf/xdp_fwd_kern.c from the kernel */
	return --iph->ttl;
}

/* Solution to packet03/assignment-4 */
SEC("xdp")
int xdp_router_func(struct xdp_md *ctx)
{
	void *data_end = (void *)(long)ctx->data_end;
	void *data = (void *)(long)ctx->data;
	struct bpf_fib_lookup fib_params = {};
	struct ethhdr *eth = data;
	struct ipv6hdr *ip6h;
	struct iphdr *iph;
	__u16 h_proto;
	__u64 nh_off;
	int rc;
	int action = XDP_PASS;

	nh_off = sizeof(*eth);
	if (data + nh_off > data_end) {
		action = XDP_DROP;
		goto out;
	}

	h_proto = eth->h_proto;
	if (h_proto == bpf_htons(ETH_P_IP)) {
		iph = data + nh_off;

		if (iph + 1 > data_end) {
			action = XDP_DROP;
			goto out;
		}

		if (iph->ttl <= 1)
			goto out;

		fib_params.family	= AF_INET;
		fib_params.tos		= iph->tos;
		fib_params.l4_protocol	= iph->protocol;
		fib_params.sport	= 0;
		fib_params.dport	= 0;
		fib_params.tot_len	= bpf_ntohs(iph->tot_len);
		fib_params.ipv4_src	= iph->saddr;
		fib_params.ipv4_dst	= iph->daddr;
	} else if (h_proto == bpf_htons(ETH_P_IPV6)) {
		struct in6_addr *src = (struct in6_addr *) fib_params.ipv6_src;
		struct in6_addr *dst = (struct in6_addr *) fib_params.ipv6_dst;

		ip6h = data + nh_off;
		if (ip6h + 1 > data_end) {
			action = XDP_DROP;
			goto out;
		}

		if (ip6h->hop_limit <= 1)
			goto out;

		fib_params.family	= AF_INET6;
		fib_params.flowinfo	= *(__be32 *) ip6h & IPV6_FLOWINFO_MASK;
		fib_params.l4_protocol	= ip6h->nexthdr;
		fib_params.sport	= 0;
		fib_params.dport	= 0;
		fib_params.tot_len	= bpf_ntohs(ip6h->payload_len);
		*src			= ip6h->saddr;
		*dst			= ip6h->daddr;
	} else {
		goto out;
	}

	fib_params.ifindex = ctx->ingress_ifindex;

	rc = bpf_fib_lookup(ctx, &fib_params, sizeof(fib_params), 0);
	switch (rc) {
	case BPF_FIB_LKUP_RET_SUCCESS:         /* lookup successful */
		if (h_proto == bpf_htons(ETH_P_IP))
			ip_decrease_ttl(iph);
		else if (h_proto == bpf_htons(ETH_P_IPV6))
			ip6h->hop_limit--;

		memcpy(eth->h_dest, fib_params.dmac, ETH_ALEN);
		memcpy(eth->h_source, fib_params.smac, ETH_ALEN);
		action = bpf_redirect(fib_params.ifindex, 0);
		break;
	case BPF_FIB_LKUP_RET_BLACKHOLE:    /* dest is blackholed; can be dropped */
	case BPF_FIB_LKUP_RET_UNREACHABLE:  /* dest is unreachable; can be dropped */
	case BPF_FIB_LKUP_RET_PROHIBIT:     /* dest not allowed; can be dropped */
		action = XDP_DROP;
		break;
	case BPF_FIB_LKUP_RET_NOT_FWDED:    /* packet is not forwarded */
	case BPF_FIB_LKUP_RET_FWD_DISABLED: /* fwding is not enabled on ingress */
	case BPF_FIB_LKUP_RET_UNSUPP_LWT:   /* fwd requires encapsulation */
	case BPF_FIB_LKUP_RET_NO_NEIGH:     /* no neighbor entry for nh */
	case BPF_FIB_LKUP_RET_FRAG_NEEDED:  /* fragmentation required to fwd */
		/* PASS */
		break;
	}

out:
	return xdp_stats_record_action(ctx, action);
}

#if 0
/* Assignment 4: Complete this router program */
SEC("xdp")
int xdp_router_func(struct xdp_md *ctx)
{
	void *data_end = (void *)(long)ctx->data_end;
	void *data = (void *)(long)ctx->data;
	struct bpf_fib_lookup fib_params = {};
	struct ethhdr *eth = data;
	struct ipv6hdr *ip6h;
	struct iphdr *iph;
	__u16 h_proto;
	__u64 nh_off;
	int rc;
	int action = XDP_PASS;

	nh_off = sizeof(*eth);
	if (data + nh_off > data_end) {
		action = XDP_DROP;
		goto out;
	}

	h_proto = eth->h_proto;
	if (h_proto == bpf_htons(ETH_P_IP)) {
		iph = data + nh_off;

		if (iph + 1 > data_end) {
			action = XDP_DROP;
			goto out;
		}

		if (iph->ttl <= 1)
			goto out;

		/* Assignment 4: fill the fib_params structure for the AF_INET case */
	} else if (h_proto == bpf_htons(ETH_P_IPV6)) {
		/* These pointers can be used to assign structures instead of executing memcpy: */
		/* struct in6_addr *src = (struct in6_addr *) fib_params.ipv6_src; */
		/* struct in6_addr *dst = (struct in6_addr *) fib_params.ipv6_dst; */

		ip6h = data + nh_off;
		if (ip6h + 1 > data_end) {
			action = XDP_DROP;
			goto out;
		}

		if (ip6h->hop_limit <= 1)
			goto out;

		/* Assignment 4: fill the fib_params structure for the AF_INET6 case */
	} else {
		goto out;
	}

	fib_params.ifindex = ctx->ingress_ifindex;

	rc = bpf_fib_lookup(ctx, &fib_params, sizeof(fib_params), 0);
	switch (rc) {
	case BPF_FIB_LKUP_RET_SUCCESS:         /* lookup successful */
		if (h_proto == bpf_htons(ETH_P_IP))
			ip_decrease_ttl(iph);
		else if (h_proto == bpf_htons(ETH_P_IPV6))
			ip6h->hop_limit--;

		/* Assignment 4: fill in the eth destination and source
		 * addresses and call the bpf_redirect function */
		/* memcpy(eth->h_dest, ???, ETH_ALEN); */
		/* memcpy(eth->h_source, ???, ETH_ALEN); */
		/* action = bpf_redirect(???, 0); */
		break;
	case BPF_FIB_LKUP_RET_BLACKHOLE:    /* dest is blackholed; can be dropped */
	case BPF_FIB_LKUP_RET_UNREACHABLE:  /* dest is unreachable; can be dropped */
	case BPF_FIB_LKUP_RET_PROHIBIT:     /* dest not allowed; can be dropped */
		action = XDP_DROP;
		break;
	case BPF_FIB_LKUP_RET_NOT_FWDED:    /* packet is not forwarded */
	case BPF_FIB_LKUP_RET_FWD_DISABLED: /* fwding is not enabled on ingress */
	case BPF_FIB_LKUP_RET_UNSUPP_LWT:   /* fwd requires encapsulation */
	case BPF_FIB_LKUP_RET_NO_NEIGH:     /* no neighbor entry for nh */
	case BPF_FIB_LKUP_RET_FRAG_NEEDED:  /* fragmentation required to fwd */
		/* PASS */
		break;
	}

out:
	return xdp_stats_record_action(ctx, action);
}
#endif

SEC("xdp")
int xdp_pass_func(struct xdp_md *ctx)
{
	return XDP_PASS;
}

char _license[] SEC("license") = "GPL";

xdp_prog_user.c

/* SPDX-License-Identifier: GPL-2.0 */

static const char *__doc__ = "XDP redirect helper\n"
	" - Allows to populate/query tx_port and redirect_params maps\n";

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <getopt.h>
#include <stdbool.h>

#include <locale.h>
#include <unistd.h>
#include <time.h>

#include <bpf/bpf.h>
#include <bpf/libbpf.h>

#include <net/if.h>
#include <linux/if_ether.h>
#include <linux/if_link.h> /* depend on kernel-headers installed */

#include "../common/common_params.h"
#include "../common/common_libbpf.h"
#include "../common/common_user_bpf_xdp.h"
#include "../common/xdp_stats_kern_user.h"

#define PATH_MAX	4096

int open_bpf_map_file(const char *pin_dir,
		      const char *mapname,
		      struct bpf_map_info *info)
{
	char filename[PATH_MAX];
	int err, len, fd;
	__u32 info_len = sizeof(*info);

	len = snprintf(filename, PATH_MAX, "%s/%s", pin_dir, mapname);
	if (len < 0) {
		fprintf(stderr, "ERR: constructing full mapname path\n");
		return -1;
	}

	fd = bpf_obj_get(filename);
	if (fd < 0) {
		fprintf(stderr,
			"WARN: Failed to open bpf map file:%s err(%d):%s\n",
			filename, errno, strerror(errno));
		return fd;
	}

	if (info) {
		err = bpf_obj_get_info_by_fd(fd, info, &info_len);
		if (err) {
			fprintf(stderr, "ERR: %s() can't get info - %s\n",
				__func__,  strerror(errno));
			return EXIT_FAIL_BPF;
		}
	}

	return fd;
}

static const struct option_wrapper long_options[] = {

	{{"help",        no_argument,		NULL, 'h' },
	 "Show help", false},

	{{"dev",         required_argument,	NULL, 'd' },
	 "Operate on device <ifname>", "<ifname>", true},

	{{"redirect-dev",         required_argument,	NULL, 'r' },
	 "Redirect to device <ifname>", "<ifname>", true},

	{{"src-mac", required_argument, NULL, 'L' },
	 "Source MAC address of <dev>", "<mac>", true },

	{{"dest-mac", required_argument, NULL, 'R' },
	 "Destination MAC address of <redirect-dev>", "<mac>", true },

	{{"quiet",       no_argument,		NULL, 'q' },
	 "Quiet mode (no output)"},

	{{0, 0, NULL,  0 }, NULL, false}
};

static int parse_u8(char *str, unsigned char *x)
{
	unsigned long z;

	z = strtoul(str, 0, 16);
	if (z > 0xff)
		return -1;

	if (x)
		*x = z;

	return 0;
}

static int parse_mac(char *str, unsigned char mac[ETH_ALEN])
{
	if (parse_u8(str, &mac[0]) < 0)
		return -1;
	if (parse_u8(str + 3, &mac[1]) < 0)
		return -1;
	if (parse_u8(str + 6, &mac[2]) < 0)
		return -1;
	if (parse_u8(str + 9, &mac[3]) < 0)
		return -1;
	if (parse_u8(str + 12, &mac[4]) < 0)
		return -1;
	if (parse_u8(str + 15, &mac[5]) < 0)
		return -1;

	return 0;
}

static int write_iface_params(int map_fd, unsigned char *src, unsigned char *dest)
{
	if (bpf_map_update_elem(map_fd, src, dest, 0) < 0) {
		fprintf(stderr,
			"WARN: Failed to update bpf map file: err(%d):%s\n",
			errno, strerror(errno));
		return -1;
	}

	printf("forward: %02x:%02x:%02x:%02x:%02x:%02x -> %02x:%02x:%02x:%02x:%02x:%02x\n",
			src[0], src[1], src[2], src[3], src[4], src[5],
			dest[0], dest[1], dest[2], dest[3], dest[4], dest[5]
	      );

	return 0;
}

#ifndef PATH_MAX
#define PATH_MAX 4096
#endif

const char *pin_basedir =  "/sys/fs/bpf";

int main(int argc, char **argv)
{
	int i;
	int len;
	int map_fd;
	bool redirect_map;
	char pin_dir[PATH_MAX];
	unsigned char src[ETH_ALEN];
	unsigned char dest[ETH_ALEN];

	struct config cfg = {
		.ifindex   = -1,
		.redirect_ifindex   = -1,
	};

	/* Cmdline options can change progname */
	parse_cmdline_args(argc, argv, long_options, &cfg, __doc__);

	redirect_map = (cfg.ifindex > 0) && (cfg.redirect_ifindex > 0);

	if (cfg.redirect_ifindex > 0 && cfg.ifindex == -1) {
		fprintf(stderr, "ERR: required option --dev missing\n\n");
		usage(argv[0], __doc__, long_options, (argc == 1));
		return EXIT_FAIL_OPTION;
	}

	len = snprintf(pin_dir, PATH_MAX, "%s/%s", pin_basedir, cfg.ifname);
	if (len < 0) {
		fprintf(stderr, "ERR: creating pin dirname\n");
		return EXIT_FAIL_OPTION;
	}

	if (parse_mac(cfg.src_mac, src) < 0) {
		fprintf(stderr, "ERR: can't parse mac address %s\n", cfg.src_mac);
		return EXIT_FAIL_OPTION;
	}

	if (parse_mac(cfg.dest_mac, dest) < 0) {
		fprintf(stderr, "ERR: can't parse mac address %s\n", cfg.dest_mac);
		return EXIT_FAIL_OPTION;
	}

	/* Open the tx_port map corresponding to the cfg.ifname interface */
	map_fd = open_bpf_map_file(pin_dir, "tx_port", NULL);
	if (map_fd < 0) {
		return EXIT_FAIL_BPF;
	}

	printf("map dir: %s\n", pin_dir);

	if (redirect_map) {
		/* setup a virtual port for the static redirect */
		i = 0;
		bpf_map_update_elem(map_fd, &i, &cfg.redirect_ifindex, 0);
		printf("redirect from ifnum=%d to ifnum=%d\n", cfg.ifindex, cfg.redirect_ifindex);

		/* Open the redirect_params map */
		map_fd = open_bpf_map_file(pin_dir, "redirect_params", NULL);
		if (map_fd < 0) {
			return EXIT_FAIL_BPF;
		}

		/* Setup the mapping containing MAC addresses */
		if (write_iface_params(map_fd, src, dest) < 0) {
			fprintf(stderr, "can't write iface params\n");
			return 1;
		}
	}

	return EXIT_OK;
}
zju_sg
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
XDP-Tutorial: 探索高速网络数据处理的新境界
05-04
XDP-Tutorial 旨在帮助开发者和网络工程师学习并掌握eXpress Data Path(简称XDP),这是一种由Linux内核提供的高效、低延迟的数据包处理框架。该项目通过一系列教程和示例代码,引导用户深入了解XDP的原理与实践应用。
ebpf开发问题汇总
weixin_45485072的博客
08-03 602
用bpf_obj_get来获取MAP的描述符,然后用bpf_map_reuse_fd函数来在不同program之间复用。
linux内核ip_forward参数详解
dillanzhou的博客
10-20 9047
linux服务器经常被用来提供防火墙、路由器、NAT等功能,在这些场景下,linux内核需要将网卡上收到的报文转发给其他网络设备。linux内核提供了ip_forward参数用于开关内核的报文转发功能,只有这个开关被打开时,内核才会执行报文的转发。网上能找到不少文章介绍ip_forward参数的基本用途和配置方式,但没有什么文章具体介绍这个参数配置后具体会对内核的网络行为产生哪些影响,以及在内核中是如何实现的。而这些问题的答案对转发功能的使用方式会产生很大的影响。
eBPF/XDP加速报文转发
程序创坊
04-04 4513
eBPF/XDP加速网络转发
[XDP] packet-02 solutions
snifferzju的博客
10-08 42
XDP
《Cloud Native》云原生技术汇总
静静是我女朋友
03-23 7288
An awesome &amp;amp;amp; curated list of best applications and tools for Cloud Native. This Awesome Repository is highly inspired from cncf’s landscape &amp;amp;amp; Awesome. Items marked with ![Op...
FastNetMon 使用笔记
奋斗中拥有
08-20 2428
FastNetMon 使用笔记 FastNetMon是一个高性能的DoS/DDoS检测: 支持多种抓包引擎: netmap, PF_RING, PCAP, AF_PACKET, AF_XDP;; 支持多种流量解析: NetFlow v5, v9, IPFIX, sFLOW v4, v5, Port mirror/SPAN; 支持BGP联动: ExaBGP, GoBGP; 支持黑洞模式 & BGP Flow spec 模式; 支持 Redis, MongoDB, Grafana & Influ
【翻译】 Intel(R) 800 Series序列网卡 ice 驱动安装
bandaoyu的note
01-08 3519
概述 ======== 此驱动程序支持内核版本3.10.0及更新版本。但是,有些功能可能需要更新的内核版本。关联的虚拟功能(VF)驱动程序对于这个驱动程序,是iavf。可以使用ethtool、lspci和ip获取驱动程序信息。 更新ethtool时,说明书可在在本文件中稍后的“附加配置”部分中找到。 目前仅支持将此驱动程序作为可加载模块。英特尔不是针对内核源提供补丁。 有关硬件要求的问题,请参阅随英特尔适配器提供的文档。列出的所有硬件要求均适用于Linux。 此驱动程序支持内核4.14及更高版本
7 -->详解《switch 数据接收驱动框架、mtk7621集成交换芯片mt7530》之三
weixin_38387929的博客
06-24 1884
一、简述 mt7530 交换芯片的数据接收中断后,把具体接收数据工作任务、委托到 workqueue 队列中,让内核 work_thread () 线程任务来处理。这部分内容请参考《workqueue 工作原理》中的描述。 workqueue 基本工作流框架如下: 框架业务关系: 1、程序把work单、加入至workqueue 中,就等于把工作安排好,是工单的生成者、派遣者; 2、worker_pool 是工厂、提供工作的场地,worker是工人、负责执行工单,消费者; 3、PWQ(pool workq
xdp-tools-1.2.9
06-12
总结来说,XDP-tools 1.2.9提供了一整套工具,帮助开发者充分利用XDP框架的性能优势,实现高效的网络数据包处理。无论是网络安全、性能优化还是流量分析,XDP都为现代数据中心和云计算环境提供了强大的解决方案。
xdp-srv6-adder:添加任意段路由扩展头
03-25
XDP-SRv6-Adder 该软件包包含一个用户空间程序和相应的内核xdp程序,用于为客户端执行所有XDP封装。 该程序基于并使用大多数用户空间xdp代码。 我再次用内联方式编写了所有内容,因为我在使用外部封装的IPQ40xx SOC...
基于eBPF/XDP实现conntrack功能
06-19
但是 XDP 位置在进入网络栈之前,无法利用到内核栈的 conntrack 能力, Cilium 应该遇到同样的问题, 所以 Cilium 基于 eBPF 实现了 conntrack;换句话说,只要具备 Hook 能力,能拦截进出主机的每个报文,完全可以...
xdp-tools-1.1.1-2.el8.aarch64.rpm
12-23
官方离线安装包,测试可用。使用rpm -ivh [rpm完整包名] 进行安装
【】 Intel(R) 800 Series序列网卡 ice 驱动安装
小鱼菜鸟的博客
07-22 2636
概述 ======== 此驱动程序支持内核版本3.10.0及更新版本。但是,有些功能可能需要更新的内核版本。关联的虚拟功能(VF)驱动程序对于这个驱动程序,是iavf。可以使用ethtool、lspci和ip获取驱动程序信息。 更新ethtool时,说明书可在在本文件中稍后的“附加配置”部分中找到。 目前仅支持将此驱动程序作为可加载模块。英特尔不...
Linux:基础命令学习
qq_55038440的博客
07-20 1459
实例:-F根据文件类型在列出的文件名称后加一符号。实例: -R 递归显示目录中的所有文件和子目录。. 开头的隐藏文件也会列出。可执行文件则加 "*",用于显示目录文件信息。
LINUX之MMC子系统分析
gy794627991的博客
07-23 1081
MMC子系统从协议到源码分析
Linux】条件变量及生产者消费者模型
2301_78636079的博客
07-23 1107
条件变量与生产消费者模型
RK3568 Linux 平台开发系列讲解(内核入门篇):从内核的角度看外设芯片的驱动
最新发布
小灰灰的博客
07-24 766
从内核的角度看外设芯片的驱动,需要理解驱动的基本结构、设备树的使用以及内核的 I/O 机制。通过掌握这些知识,您将能够有效地开发和管理外设驱动程序。希望本文为您在 RK3568 平台的驱动开发提供了有价值的参考,欢迎继续关注后续的内容!
Linux xdp详解
05-12
XDP(eXpress Data Path)是Linux内核中的一种高效、低延迟的数据包处理技术,它可以在数据包进入内核网络协议栈之前进行处理,从而避免了协议栈带来的性能开销。XDP主要用于数据包的过滤、转发、负载均衡等场景,可以在数据包处理过程中进行各种自定义操作,如修改数据包头、丢弃数据包等。 下面是Linux XDP的详细介绍: 1. XDP程序的开发 XDP程序是用C语言编写的,需要先安装相关的开发环境和依赖库,如clang、libbpf等。XDP程序需要使用eBPF技术来对数据包进行处理,因此需要熟悉eBPF的基本语法和数据结构。具体的开发步骤可以参考官方文档和相关教程。 2. XDP程序的加载 XDP程序可以通过几种方法加载到内核中,如使用iproute2工具中的ip命令、使用BPF系统调用、使用libbpf库等。加载XDP程序时需要指定网卡名称和XDP处理模式,如XDP_DROP、XDP_TX等。加载成功后,XDP程序会与网卡进行绑定,并开始处理接收到的数据包。 3. XDP程序的执行流程 当数据包到达网卡时,XDP程序会被触发进行处理。XDP程序可以访问数据包的各个字段,如源IP地址、目的IP地址、协议类型等,在此基础上进行过滤、转发等操作。XDP程序执行完成后,可以选择将数据包交给协议栈继续处理,也可以选择直接丢弃数据包。XDP程序的执行速度非常快,因此可以大大提升网络应用的性能。 4. XDP程序的应用场景 XDP程序可以应用于各种网络场景,如DDoS防护、网络监控、负载均衡等。实际应用中,可以根据具体需求编写不同的XDP程序,实现各种自定义功能。例如,在DDoS防护场景中,可以编写XDP程序对数据包进行过滤,防止恶意攻击;在负载均衡场景中,可以编写XDP程序对数据包进行分类,实现负载均衡等功能。 5. XDP程序的性能优化 为了进一步提高XDP程序的性能,可以采用一些优化技术,如使用多核CPU、使用XDP_REDIRECT模式等。多核CPU可以提高XDP程序的并发处理能力,同时使用XDP_REDIRECT模式可以将数据包发送到用户态应用程序中进行处理,从而进一步提高网络应用的性能。 以上就是Linux XDP的详细介绍,希望对你有所帮助。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值