BPF Updates 11

This is issue 11 of the regular newsletter around BPF written by Alexander Alemayhu. It summarizes ongoing development, presentations, videos and other information related to BPF and XDP. It is released roughly once a week.

The highlights since last time are

  • New helper functions bpf_perf_read_counter_time and bpf_perf_prog_read_time.
  • Initial BPF assembly support in LLVM.
  • LRU map lookup improvements.

Linux 4.13 was released last week and net-next closed around the same time. The last [GIT] Networking pull request includes a couple of BPF fixes and so do the two after the merge window opened up as well. See the dates for all the details

LLVM 5.0.0 was released. For BPF there is some fixes like improved code generation for certain instructions which can prevent your program from being rejected. Also the latest release of iproute2 4.13 is worth checking out for the map in map support and the improved error messages for tailcalls.



Making the Kernel’s Networking Data Path Programmable with BPF and XDP.

Great slides covering the what, why and how on BPF and XDP. Also has an interesting graph on the number of contributions to the BPF subsystem from v4.1 - v4.13+.

Cilium - Network security for microservices

Updated Cilium slides presented at Open Source Summit North America. Includes new performance numbers around XDP for DDoS mitigation, kernel proxy (kproxy), and socket redirect.

Our Experiences Deploying Kubernetes With IPv6

While primarily on Kubernetes and IPv6, this shows how Cilium fits into that picture.

Performance Analysis Superpowers with Linux BPF

Covering the use cases for BPF with a emphasis on tracing. Several programs shown that utilize BCC. The slide on possible improvements to BCC is interesting.


Future:Net 2017 - Layer 7 is the New Layer 4: Cilium – Layer 7 Aware Networking & Security with BPF

Great talk on the potential of BPF for application level security and more.

Future:Net 2017 - The Rise of Programmable Networks

Nice introduction to BPF with a focus on some of the history of IO Visor and related things.

Future:Net 2017 - The Role of Hardware and IO Processors in the Ongoing Network Transformation

Panel from some of the NIC vendors talking about smartNICs. BPF is mentioned as a option for the dataplane and offloading.

In case you missed it

Terraform recipes to test Cilium on Kubernetes

Mostly related to Cilium, but there is some introductory information on BPF and XDP.

eBPF, Microservices, Docker, and Cilium: From Novice to Seasoned

Introduction to BPF focusing mostly on Cilium. The post also covers parts of the bpf(2) syscall with code from the v4.11 kernel.

An update on gobpf - ELF loading, uprobes, more program types

A look at the progress made in gobpf and how far it's come. Also has some kprobe examples in there.

LinuxのBPF : (3) eBPFの基礎

Introductory post using code from the 4.7 kernel. While some of it is dated, most of it should still apply today, for example the sample code.

LinuxのBPF : (4) ClangによるeBPFプログラムの作成と,BPF Compiler Collection (BCC)

Nice post going through some code from the kernel, LLVM, BCC programs and the code generation.

[iovisor-dev] Accessing user memory and minor page faults

Interesting post on tracing experiences.

Random cool note

Mind blown by eBPF performance! A simple ingress firewall I wrote using XDP processes 11 million packets/s. Time for more optimizations!


Please note that netdev receives a lot of patches and the list above is not meant to be comprehensive.

You can sign up for email notifications on https://www.cilium.io/learn/

Happy eBPF hacking! ;)