2

We've made the silly mistake of writing several bpf programs (each group wrote one) to later figure out we cannot attach more than one at the same time. Now we want to redesign and make each group have their own AF_XDP socket and the eBPF program will send data to the right one based on destination ip&port (we're talking UDP RX only).

So my question is how would you go about it? we figured using BPF_MAP_TYPE_HASH to keep the (ip,port) as key and the value will be a key to the BPF_MAP_TYPE_XSKMAP map. Are there other better ways? would you stick with one AF_XDP socket and let the user-space make the distinguish between ports or would you let each user define their own socket with their own umem limitations?

Thanks and sorry for the strange question. the whole XDP and AF_XDP is a bit.. overwhelming.. so want to make sure we're not doing another silly mistake that it might be harder to find.

Vipin Varghese
  • 4,540
  • 2
  • 9
  • 25
ben.pere
  • 303
  • 4
  • 14
  • Hi @ben.pere can you help me understand if your question is `currently we have implement hash based xkx sock mapping. Would it be beneficial to have single sock and let user application maintain the map?`. If this correct, mq query is `your current XDP-ebpf is filtering the packets based on IP-Port and doing hash lookup. What would be benefit of putting the packet back to same single socket and ask user space to do again?` – Vipin Varghese Feb 19 '21 at 06:27

1 Answers1

1

I figured I'll reply as we've decided and implemented everything already - seems like I've learn so much since I asked this.

One can only have one UMEM one per interface&rxqueue so the "benefit" of multiple sockets kind of diminished as you'll anyway have to manage items in the fill/completion ring in a synchronized manner so might as well have a single socket with dedicated RX/TX threads and dedicated RX/TX UMEM zones (so no sync required between RX/TX threads).

So we've used a HASH in the BPF from the ip,port to an index in the userspace connections array and we put it in the metadata so userspace can easily distinguish what goes where - this also makes it a little easier to handle fragmented ip packets.

ben.pere
  • 303
  • 4
  • 14