英文:
Split a packet in XDP eBPF
问题
在XDP eBPF中,是否可能从一个传入的数据包生成多个数据包?或者可能存在其他基于内核的解决方案?
英文:
Is it possible to generate several packets out of one incoming packet in XDP eBPF? Or probably there are other kernel based solutions?
答案1
得分: 1
XDP程序目前是一进一出(或丢弃)一个数据包。在TC层,您可以使用bpf_clone_redirect辅助函数,它可以将当前数据包的副本发送到指定的网络接口,然后您可以修改当前数据包。
另一种常见的技术称为“端口镜像”,通常用于监视流量以实现多种目的。这也可以在普通的TC中设置,而无需使用eBPF:
- https://medium.com/swlh/traffic-mirroring-with-linux-tc-df4d36116119
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_networking/assembly_port-mirroring_configuring-and-managing-networking
英文:
No, XDP programs are as of now, one packet in, one packet out (or drop). At the TC layer you do have access to the bpf_clone_redirect helper function which as the name suggest can send a close of the current packet to a given network interface, after which you can modify the current packet.
Another common technique to called "port mirroring" typically used for monitoring traffic for a number of purposes. Which can also be setup in plain TC without eBPF:
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论