1. 技术文章
  2. AF_XDP: map `(SRC-IP, DST-IP, DST-Port)` to index to `BPF_MAP_TYPE_XSKMAP`

AF_XDP: map `(SRC-IP, DST-IP, DST-Port)` to index to `BPF_MAP_TYPE_XSKMAP`

不羁岁月 提交于 2020-04-17 18:47:30

问题


I want to spawn multiple user-space processes with each one processing packets from a single source (triple of (SRC-IP, DST-IP, DST-Port)).

Because there are going to pass a lot of packets through the AF-XDP kernel program and time is critical, I thought of a separate map in the kernel-program which is populated by a user-space program beforehand.

This map defines a mapping from the previously mentioned triple to an index which is then used in bpf_redirect_map(&xsks_map, index, 0) to send packets to a specific socket in user-space.

My initial idea was to just concatenate src-ip, destination-ip and destination port into a (32 + 32 + 16)-bit value.

Is it possible to define maps with such a large key-size? Which map would be the best fit for this problem? Furthermore, is it possible to fill the map from user-space?


回答1:


A struct as a key

There are several types of maps that can be used with eBPF. Some of them are generic (hash maps, arrays, ...) and some are very specific (redirect maps, sockmaps, ...).

The case you describes sounds like a perfect use case for a hash maps. Such maps take a struct as a key, and another struct as a value. So you could have something like:

struct my_key {
        uint32_t src_ip;
        uint32_t dst_ip;
        uint16_t dst_port;
};

... and use it as a key. The value, in your case, would be the index for the xskmap, i.e. a simple integer. Hash maps are efficient for retrieving a value from a given key (no linear search as for an array), so you get good performance with that.

Key size for hash maps

There are no specific restrictions for the size of the keys or the values, as long as the size holds on a 32-bit integer :) (Note that there may be size restrictions in the case of hardware offload).

Update from user space

It is perfectly doable to update a hash map from user space (some very specific map types may not allow it, though, but generic maps like are arrays or hash maps are entirely fine). You would do it:

  • From the command line, with bpftool,
  • From a C program, with the helpers from libbpf,
  • In your own language. In all three cases, the update itself is done through a call to the bpf() system call.


来源:https://stackoverflow.com/questions/60599317/af-xdp-map-src-ip-dst-ip-dst-port-to-index-to-bpf-map-type-xskmap

标签
Linux
networking
xdp-bpf
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!