324:
192:
230:
The eBPF program must pass a preverifier test before being loaded, to avoid executing malicious code in kernel space. The preverifier checks that the program contains no out-of-bounds accesses, loops or global variables.
273:
XDP requires support in the NIC driver but, as not all drivers support it, it can fallback to a generic implementation, which performs the eBPF processing in the network stack, though with slower performance.
312:
between kernel and applications. As the socket can be used for both receiving and transmitting, it supports high performance network applications purely in user space.
215:
The idea behind XDP is to add an early hook in the RX path of the kernel, and let a user supplied eBPF program decide the fate of the packet. The hook is placed in the
227:
itself, because memory allocation can be an expensive operation. Due to this design, XDP can drop 26 million packets per second per core with commodity hardware.
546:
522:
765:
760:
453:
775:
750:
277:
XDP has infrastructure to offload the eBPF program to a network interface controller which supports it, reducing the CPU load. In 2023, only
329:
234:
The program is allowed to edit the packet data and, after the eBPF program returns, an action code determines what to do with the packet:
304:
entered in the Linux kernel starting 4.18. AF_XDP, formerly known as AF_PACKETv4 (which was never included in the mainline kernel), is a
755:
740:
745:
730:
688:
400:
216:
706:
425:
735:
570:
168:
124:
83:
171:. Large technology firms including Amazon, Google and Intel support its development. Microsoft released their
373:
770:
523:"BPF, eBPF, XDP and Bpfilter… What are these things and what do they mean for the enterprise? - Netronome"
670:
679:
498:
172:
615:
106:
624:
337:
204:
99:
697:
430:
200:
160:
157:
118:
90:
47:
715:
642:
347:
652:
305:
301:
153:
111:
191:
724:
619:
342:
224:
196:
164:
455:
Source text and experimental data for our paper describing XDP: tohojo/xdp-paper
180:
129:
633:
284:
Microsoft is partnering with other companies and adding support for XDP in its
683:
674:
628:
319:
37:
25:
309:
278:
220:
149:
55:
692:
208:
656:
646:
637:
378:
285:
43:
588:
474:
660:
265:: redirect the packet to another NIC or user space socket via the
190:
95:
51:
289:
145:
308:
optimized for high performance packet processing and allows
666:
eBPF.io - Introduction, Tutorials & Community
Resources
223:
processing, and before any memory allocation needed by the
547:"kernel/git/torvalds/linux.git - Linux kernel source tree"
167:
since version 4.8. This implementation is licensed under
589:"Accelerating networking with AF_XDP [LWN.net]"
689:
Open-sourcing Katran, a scalable network load balancer
259:: bounce the packet back to the same NIC it arrived on
710:
701:
665:
475:"A thorough introduction to eBPF [LWN.net]"
367:
365:
363:
241:: let the packet continue through the network stack
117:
105:
89:
79:
61:
36:
24:
426:"Microsoft introduced open-source XDP for Windows"
16:High performance packet data path in the OS kernel
374:"Microsoft brings Linux XDP project to Windows"
8:
253:: drop the packet with trace point exception
19:
698:Cilium's L4LB: standalone XDP load balancer
18:
571:"Questions about AF_PACKET V4 and AF_XDP"
401:"[GIT] Networking - David Miller"
707:Kube-proxy replacement at the XDP layer
680:Unimog: Cloudflare's edge load balancer
359:
156:at high rates by bypassing most of the
716:eCHO Podcast on XDP and load balancing
452:Høiland-Jørgensen, Toke (2019-05-03),
7:
330:Free and open-source software portal
179:in May 2022. It is licensed under
14:
322:
649:2017 by Daniel Borkmann, Cilium
766:Software using the MIT license
761:Software using the GPL license
1:
776:Free software programmed in C
751:Free and open-source software
671:L4Drop: XDP DDoS Mitigations
424:Yasar, Erdem (25 May 2022).
372:Jawad, Usama (25 May 2022).
219:(NIC) driver just after the
217:network interface controller
266:
792:
247:: silently drop the packet
67:; 8 years ago
659:2018 by Magnus Karlsson,
195:Packet flow paths in the
152:used to send and receive
148:-based high-performance
756:Microsoft free software
741:Linux security software
42:Open source community,
300:Along with XDP, a new
288:implementation of the
212:
163:. It is merged in the
746:Linux kernel features
731:Command-line software
194:
625:AF_XDP documentation
503:www.mail-archive.com
173:free and open source
199:. XDP bypasses the
21:
499:"net: Generic XDP"
281:cards support it.
213:
26:Original author(s)
736:Firewall software
616:XDP documentation
527:www.netronome.com
338:Application layer
205:memory allocation
142:eXpress Data Path
135:
134:
783:
603:
602:
600:
599:
585:
579:
578:
567:
561:
560:
558:
557:
543:
537:
536:
534:
533:
519:
513:
512:
510:
509:
495:
489:
488:
486:
485:
471:
465:
464:
463:
462:
449:
443:
442:
440:
438:
421:
415:
414:
412:
411:
397:
391:
390:
388:
386:
369:
332:
327:
326:
325:
264:
258:
252:
246:
240:
201:networking stack
161:networking stack
158:operating system
112:Packet filtering
91:Operating system
75:
73:
68:
22:
791:
790:
786:
785:
784:
782:
781:
780:
721:
720:
643:XDP walkthrough
634:xdp-for-windows
612:
607:
606:
597:
595:
587:
586:
582:
569:
568:
564:
555:
553:
545:
544:
540:
531:
529:
521:
520:
516:
507:
505:
497:
496:
492:
483:
481:
473:
472:
468:
460:
458:
451:
450:
446:
436:
434:
423:
422:
418:
409:
407:
405:lore.kernel.org
399:
398:
394:
384:
382:
371:
370:
361:
356:
348:Data link layer
328:
323:
321:
318:
298:
262:
256:
250:
244:
238:
189:
177:XDP for Windows
175:implementation
154:network packets
127:
71:
69:
66:
62:Initial release
31:
30:Brenden Blanco,
17:
12:
11:
5:
789:
787:
779:
778:
773:
768:
763:
758:
753:
748:
743:
738:
733:
723:
722:
719:
718:
713:
704:
695:
686:
677:
668:
663:
650:
640:
631:
622:
611:
610:External links
608:
605:
604:
580:
562:
551:git.kernel.org
538:
514:
490:
466:
444:
416:
392:
358:
357:
355:
352:
351:
350:
345:
340:
334:
333:
317:
314:
302:address family
297:
294:
271:
270:
269:address family
260:
254:
248:
242:
188:
185:
133:
132:
121:
115:
114:
109:
103:
102:
93:
87:
86:
81:
77:
76:
63:
59:
58:
40:
34:
33:
28:
15:
13:
10:
9:
6:
4:
3:
2:
788:
777:
774:
772:
771:2016 software
769:
767:
764:
762:
759:
757:
754:
752:
749:
747:
744:
742:
739:
737:
734:
732:
729:
728:
726:
717:
714:
712:
708:
705:
703:
699:
696:
694:
690:
687:
685:
681:
678:
676:
672:
669:
667:
664:
662:
658:
654:
651:
648:
644:
641:
639:
635:
632:
630:
626:
623:
621:
620:Read the Docs
617:
614:
613:
609:
594:
590:
584:
581:
576:
572:
566:
563:
552:
548:
542:
539:
528:
524:
518:
515:
504:
500:
494:
491:
480:
476:
470:
467:
457:
456:
448:
445:
433:
432:
427:
420:
417:
406:
402:
396:
393:
381:
380:
375:
368:
366:
364:
360:
353:
349:
346:
344:
343:Network layer
341:
339:
336:
335:
331:
320:
315:
313:
311:
307:
303:
295:
293:
291:
287:
282:
280:
275:
268:
261:
255:
249:
243:
237:
236:
235:
232:
228:
226:
225:network stack
222:
218:
210:
206:
202:
198:
193:
186:
184:
182:
178:
174:
170:
166:
162:
159:
155:
151:
147:
143:
139:
131:
126:
122:
120:
116:
113:
110:
108:
104:
101:
97:
94:
92:
88:
85:
82:
78:
64:
60:
57:
53:
49:
45:
41:
39:
35:
29:
27:
23:
596:. Retrieved
592:
583:
574:
565:
554:. Retrieved
550:
541:
530:. Retrieved
526:
517:
506:. Retrieved
502:
493:
482:. Retrieved
478:
469:
459:, retrieved
454:
447:
435:. Retrieved
429:
419:
408:. Retrieved
404:
395:
383:. Retrieved
377:
299:
283:
276:
272:
263:XDP_REDIRECT
233:
229:
214:
197:Linux kernel
176:
165:Linux kernel
141:
137:
136:
38:Developer(s)
251:XDP_ABORTED
207:for packet
181:MIT License
130:MIT License
32:Tom Herbert
725:Categories
684:Cloudflare
675:Cloudflare
629:kernel.org
598:2019-05-16
575:Kernel.org
556:2019-05-16
532:2019-05-14
508:2019-05-14
484:2019-05-14
461:2019-05-21
410:2019-05-14
354:References
306:raw socket
292:protocol.
80:Written in
310:zero-copy
279:Netronome
221:interrupt
187:Data path
150:data path
128:Windows:
56:Microsoft
693:Facebook
316:See also
245:XDP_DROP
239:XDP_PASS
209:metadata
144:) is an
593:lwn.net
479:lwn.net
123:Linux:
119:License
100:Windows
70: (
711:Cilium
702:Cilium
657:FOSDEM
653:AF_XDP
647:FOSDEM
638:GitHub
437:26 May
431:cloud7
385:26 May
379:Neowin
296:AF_XDP
286:MsQuic
267:AF_XDP
257:XDP_TX
48:Amazon
44:Google
661:Intel
96:Linux
52:Intel
439:2022
387:2022
290:QUIC
203:and
146:eBPF
107:Type
72:2016
65:2016
655:at
645:at
636:on
627:on
618:on
169:GPL
138:XDP
125:GPL
20:XDP
727::
709:,
700:,
691:,
682:,
673:,
591:.
573:.
549:.
525:.
501:.
477:.
428:.
403:.
376:.
362:^
183:.
98:,
54:,
50:,
46:,
601:.
577:.
559:.
535:.
511:.
487:.
441:.
413:.
389:.
211:.
140:(
84:C
74:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.