I am a newcomer to ebpf and I am learning af_xdp recently. It was found that AF_XDP can efficiently capture data packets from kernelspace to userspace, but no relevant information was found to describe AF_XDP can reinject data to kernelspace. There is a question, whether AF_XDP can reinject the data packet into the kernelspace and let it continue to enter the kernel protocol stack? Can this replace the nf_queue in netfilter?
Asked
Active
Viewed 208 times
1
-
Not familiar enough to give you a definitive answer. [AF_XDP](https://www.kernel.org/doc/html/latest/networking/af_xdp.html) has TX rings to retransmit data. I think they bypass the kernel stack, because AF_XDP aims at performance. So AF_XDP itself might not allow it, but could you maybe use an AF_XDP Rx-only socket to capture your packets, and re-inject them with a normal AF_PACKET socket for transmission? Not sure if that would work and you may have to copy data, but that would be one thing to explore. – Qeole Feb 08 '21 at 15:16