The extended Berkeley Packet Filter (eBPF) is an in-kernel virtual CPU for packet filtering that has been introduced in Linux in 2013. While originally made to capture and process network traffic, eBPF has introduced also the capability to trace and inspect any kernel function, which rapidly became one of the most successful features nowadays, curiously used even more used than traditional network processing capabilities. This Chapter will provide an architectural view of eBPF, it will give an insight on its tracing capabilities, then it will explore in more depth the case for eBPF technology applied to packet processing.
Extended Berkeley Packet Filter / Miano, Sebastiano; Risso, Fulvio - In: Network programmability: a (r)evolutionary approach / Bianchi G., Cerroni W., Palazzo S.. - STAMPA. - Roma : Texmat, 2020. - ISBN 9788894982428. - pp. 307-323
Extended Berkeley Packet Filter
Miano, Sebastiano;Risso, Fulvio
2020
Abstract
The extended Berkeley Packet Filter (eBPF) is an in-kernel virtual CPU for packet filtering that has been introduced in Linux in 2013. While originally made to capture and process network traffic, eBPF has introduced also the capability to trace and inspect any kernel function, which rapidly became one of the most successful features nowadays, curiously used even more used than traditional network processing capabilities. This Chapter will provide an architectural view of eBPF, it will give an insight on its tracing capabilities, then it will explore in more depth the case for eBPF technology applied to packet processing.File | Dimensione | Formato | |
---|---|---|---|
20CNITBook-eBPF.pdf
accesso riservato
Tipologia:
2a Post-print versione editoriale / Version of Record
Licenza:
Non Pubblico - Accesso privato/ristretto
Dimensione
580.31 kB
Formato
Adobe PDF
|
580.31 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/2928802