Chapter 7. Express Data Path
Express Data Path (XDP) is a safe, programmable, high-performance, kernel-integrated packet processor in the Linux network data path that executes BPF programs when the NIC driver receives a packet. This allows XDP programs to make decisions regarding the received packet (drop, modify, or just allow it) at the earliest possible point in time.
The execution point is not the only aspect that makes XDP programs fast; other design decisions play a role in that:
-
There are no memory allocations while doing packet processing with XDP.
-
XDP programs work only with linear, unfragmented packets and have the start and end pointers of the packet.
-
There’s no access to full packet metadata, which is why the input context this kind of program receives will be of type
xdp_buffinstead of thesk_buffstruct you encountered in Chapter 6. -
Because they are eBPF programs, XDP programs have a bounded execution time, and the consequence of this is that their usage has a fixed cost in the networking pipeline.
When talking about XDP, it is important to remember that it is not a kernel bypass mechanism; it is designed to be integrated with other kernel components and the internal Linux security model.
Note
The xdp_buff struct is used to present a packet context to a BPF program that uses the direct packet access mechanism provided by the XDP framework. Think of it as a “lightweight” version of the sk_buff.
The difference between the two is that sk_buff also holds and ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access