A blatant podcast plug
Matt Corallo
nanog at as397444.net
Mon Mar 6 03:00:27 UTC 2023
On 3/5/23 12:34 PM, Dave Taht wrote:
> I rather enjoyed doing this podcast a few weeks ago, (and enjoy this
> podcast a lot, generally), and it talks to what I've been up to for
> the past year or so on fixing bufferbloat for ISPs.
>
> https://packetpushers.net/podcast/heavy-networking-666-improving-quality-of-experience-with-libreqos/
>
> I am kind of curious as to how much XDP and EBPF now exist in the
> nanog universe and other applications y'all are finding for it?
I while back I had to make fragments passing through Linux boxes kinda sorta reliable-ish.
Sadly, Linux's fragment reassembly code has a wonderful timeout to hold onto potential packets for
reassembly of 30 *seconds*, and if it has stuff its holding on to it can throw away new stuff [1].
Because frag'ing happens pretty early in receive/usually on the nic in send, rewriting packets in
normal firewall rules can be annoying. Turns out this was easier to do by just slapping a "rewrite
the packet to make it pretend its not a frag and turn it back on on the other side" eBPF program on
tc on the outbound side and xdp on the inbound edge.
Its all a bit low-level (gotta write your own packet reading), but incredibly powerful when you need
to do something dirty (or more performant, in the cloudflare case, dunno if they're doing the
in-hardware XDP stuff or not).
Matt
[1] I tried to change it, the constant literally predates linux-in-git but, hey, apparently sat
links are more important to support
https://patchwork.kernel.org/project/netdevbpf/patch/[email protected]/
More information about the NANOG
mailing list