Sep 9 – 11, 2019
Europe/Lisbon timezone

Having one, unified eBPF network packet filter, no more, no less.

Sep 9, 2019, 5:00 PM
Ametista/room-I (Corinthia Hotel Lisbon)


Corinthia Hotel Lisbon

Birds of a Feather (BoF) Birds of a feather (BoF)


For long time, The kernel have contained two mechanisms with similar packet filtering functionality: tc filter (with chains) and iptables/nftables.

As eBPF is starting to take over, once again we seem to have two mechanisms with similar functionality: BPFilter and the newly suggested OVS-eBPF datapath (on top on tc).

As we move to using eBPF, I'd like to discuss the possibility of uniting those two functionalities, both the BPFilter and OVS-eBPF path, into a single one and let go of all the duplicate code.

I agree to abide by the anti-harassment policy Yes

Primary author

Presentation materials

There are no materials yet.