Express Data Path-202306122251

Last updated Jun 13, 2023 Edit Source

• Articles
• E bpf
• Xdp
• Netfilter

Summary for xdp-paper/xdp-the-express-data-path.pdf at master · tohojo/xdp-paper · GitHub

• The XDP is eBPF based hook
• The XDP can attach to the network interface controller
  • just after the Interrupt processing
• Whenever a new packet is received on the network interface, XDP programs receive a callback, and perform operations on the packet.

XDP is the first stage of the entire flow.

• XDP integration with the Linux network stack
• On the packet arrival, before touching the packet data, the device driver executes an eBPF program in the main XDP hook.
• There are 5 xdp actions this program can takes :
  • XDP_ABORTED: error or unexpected
  • XDP_DROP: drop packets
  • XDP_TX: send them back out the same interface face it was received on
  • XDP_REDIRECT: redirect to
    • another interface, including vNICs of virtual machines
    • userspace(through the Af_XDP socket)
  • XDP_PASS: allow to proceed the regular networking stack, where a separate TC BPF hook can perfrom further processing before packets are queued for transmission

• This diagram show the execution flow of a typical XDP program.
• There are 4 major components of the XDP system:
  • The XDP driver hook is the entry point for an XDP program, and it’s executed when a packet is received from a hardware.
  • The eBPF virtual machine execute the byte code of the XDP program, and just-in-time-compiles it for increased performance.
  • BPF maps are key/value stores that server as the primary communication channel to the rest of the system.
  • The eBPF verifier statically verifies programs before they are loaded to make sure they do not crash or corrupt the running kernel

• Netfilter - Wikipedia
• xdp-paper/xdp-the-express-data-path.pdf at master · tohojo/xdp-paper · GitHub