Speaker
Raman Shukhau
Description
This talk explores the idea of capturing and identifying DNS requests with BPF and responding to them "in-place" with BPF.
DNS is a relatively simple UDP protocol, and a typical DNS query over UDP usually involves just one packet for the query and one packet for the response. If a BPF program parses the structure of the packet and can resolve the address for the request, e.g. from a hash map attached to the program, it can also rewrite all fields of the incoming packet with the resolved address and place the packet back in the queue as a response.
In the talk we will cover an actual implementation of TC/XDP BPF programs, potential performance benefits and real-world applications, as well as relevant topics such as DNS DDoS protection.
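The in-place rewrite described above, sketched as plain userspace C over the DNS payload only (an added example, not code from the talk). The lookup table, the 60-second TTL, the AA flag and the name `dns_answer_in_place` are assumptions, and the explicit bounds checks stand in for the ones the BPF verifier would require.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed stand-in for the BPF hash map: wire-format QNAME -> IPv4 address. */
struct dns_entry { const uint8_t *qname; size_t qname_len; uint8_t addr[4]; };
static const uint8_t EXAMPLE_QNAME[] = {7,'e','x','a','m','p','l','e',4,'t','e','s','t',0};
static const struct dns_entry TABLE[] = { { EXAMPLE_QNAME, sizeof EXAMPLE_QNAME, {192, 0, 2, 10} } };

/* Turn the DNS query in buf[0..len) into a response in the same buffer.
 * cap is the room available in buf. Returns the response length, or 0 when
 * the packet should be left untouched and passed on to the normal resolver. */
size_t dns_answer_in_place(uint8_t *buf, size_t len, size_t cap)
{
    if (len < 12) return 0;                        /* fixed 12-byte DNS header */
    if (buf[2] & 0xF8) return 0;                   /* QR set or opcode != QUERY */
    if (buf[4] != 0 || buf[5] != 1) return 0;      /* exactly one question */
    if (buf[6] | buf[7] | buf[8] | buf[9] | buf[10] | buf[11])
        return 0;                                  /* extra records (e.g. EDNS OPT): pass */

    size_t off = 12;
    while (off < len && buf[off] != 0) {           /* walk the QNAME labels */
        if (buf[off] & 0xC0) return 0;             /* compression pointer: pass */
        off += 1u + buf[off];
    }
    if (off + 5 != len) return 0;                  /* root label + QTYPE + QCLASS, nothing else */
    if (buf[off + 1] != 0 || buf[off + 2] != 1) return 0;   /* QTYPE A */
    if (buf[off + 3] != 0 || buf[off + 4] != 1) return 0;   /* QCLASS IN */

    /* Exact-match lookup (assumes lower-case names in both query and table). */
    const struct dns_entry *hit = NULL;
    size_t qlen = off + 1 - 12;
    for (size_t i = 0; i < sizeof TABLE / sizeof TABLE[0]; i++)
        if (TABLE[i].qname_len == qlen && memcmp(buf + 12, TABLE[i].qname, qlen) == 0)
            hit = &TABLE[i];
    if (!hit || len + 16 > cap) return 0;          /* unknown name or no room: pass */

    buf[2] = 0x84 | (buf[2] & 0x01);               /* QR=1, AA=1, keep RD */
    buf[3] = 0;                                    /* RA=0, RCODE=NOERROR */
    buf[7] = 1;                                    /* ANCOUNT = 1 */
    /* Answer RR: pointer to the name at offset 12, TYPE A, CLASS IN, TTL 60, RDLENGTH 4. */
    static const uint8_t rr[12] = {0xC0, 0x0C, 0, 1, 0, 1, 0, 0, 0, 60, 0, 4};
    memcpy(buf + len, rr, sizeof rr);
    memcpy(buf + len + 12, hit->addr, 4);
    return len + 16;
}
```

A TC/XDP program would additionally swap the Ethernet, IP and UDP source and destination fields and update the lengths and checksums before sending the packet back out.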