WingNews logo WingNews
top | item 27098989

(no title)

0x000000E2 | 4 years ago

I'll add that with DPDK you end up needing your own TCP stack if you're doing anything above layer 3.

TCP is a beast with opportunity for countless subtle bugs. The Linux kernel is perhaps the best implementation there is. Many userspace implementations are simplified and missing features.

Even giants like Cloudflare use Linux kernel for routing when they need to operate above layer 3. They only use DPDK for very low level features.

DPDK has its place but for most use cases you need to man handle TCP and you're better off using kernel packet handling for that

discuss

order

gonzo|4 years ago

> use Linux kernel for routing when they need to operate above layer 3.

What could you possibly mean by this?

0x000000E2|4 years ago

When they need to handle UPD and TCP. Cloudflare's web application firewalls run at TCP and HTTP layer and use tuned Linux kernels for processing, not DPDK and userspace TCP as some think

Their line rate stuff for flood mitigation uses DPDK or similar