Tizian-Maxime-Weigt/l3-l4-forwarding-in-xdp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
25 Commits 1 Branch 0 Tags
Commit Graph

25 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tizian Maxime Weigt
aed79c7080 Dateien nach "main" hochladen 2025-10-30 22:04:26 +00:00
Tizian Maxime Weigt
ea3f8c3499 build/main.o gelöscht 2025-10-30 22:04:13 +00:00
Tizian Maxime Weigt
2c14a29229 main.c aktualisiert 2025-10-30 22:03:51 +00:00
Tizian Maxime Weigt
af6147676b Dateien nach "build" hochladen 2025-10-30 15:27:43 +00:00
Tizian Maxime Weigt
80ee01b333 main.o gelöscht 2025-10-30 15:26:36 +00:00
Tizian Maxime Weigt
a2bca5b5ba main.c aktualisiert 2025-10-30 15:26:18 +00:00
Tizian Maxime Weigt
b19e96ef52 README.md aktualisiert 2025-10-28 23:18:43 +00:00
Tizian Maxime Weigt
ba1c3ba0e6 main.c aktualisiert 2025-10-28 23:16:31 +00:00
Tizian Maxime Weigt
8f988b0a0f xdp: Fix L4 header bounds checking and IPv6 extension header parsing in l3fwd 
Fix critical bounds checking issues and add proper IPv6 extension header
support in XDP L3 forwarding program.

Issues fixed:

1. L4 Header Bounds Checking
   - Previous code checked bounds for udphdr size (8 bytes) but then
     accessed tcphdr struct (20+ bytes), causing potential out-of-bounds
     reads and verifier rejection
   - Now each protocol (TCP/UDP) has separate, proper bounds validation
     before accessing headers

2. IPv6 Extension Header Parsing
   - Added skip_ip6hdrext() function to parse IPv6 extension headers
     (Hop-by-Hop, Routing, Fragment, Destination Options, AH, MH)
   - Ensures accurate L4 protocol identification and flow tracking for
     IPv6 packets with extension headers
   - Supports up to 6 chained extension headers with fallback

3. PERCPU Map Performance
   - Changed bpf_map_update_elem() flag from BPF_NOEXIST to BPF_ANY
   - Eliminates unnecessary overhead since PERCPU maps have no
     contention and lookup-update race window is negligible

4. L4 Offset Calculation
   - Properly calculate L4 header offset separately for bounds checking
   - Use offset-based addressing instead of pointer arithmetic for
     verifier compliance

These fixes ensure the program passes BPF verifier checks, handles all
packet types correctly, and only records flow statistics for packets
that successfully pass FIB lookup and port validation.

Tested with: IPv4/IPv6 traffic, VLAN-tagged packets, IPv6 with extension
headers (fragmentation, routing headers), TCP/UDP flows.
 2025-10-28 13:05:26 +00:00
Tizian Maxime Weigt
268615b9a4 README.md aktualisiert 2025-10-28 09:36:31 +00:00
Tizian Maxime Weigt
aacb5dd1a4 main.c aktualisiert 2025-10-28 09:18:45 +00:00
Tizian Maxime Weigt
a371f54f3a Adding precompiled version of code to easy use. 2025-10-27 23:01:29 +01:00
Tizian Maxime Weigt
8a129b18ab Dateien nach "main.o" hochladen 2025-10-27 21:58:52 +00:00
Tizian Maxime Weigt
f90b278de0 README.md aktualisiert 2025-10-27 21:45:19 +00:00
Tizian Maxime Weigt
aef70ec801 Adding vLan forwarding and offloading Support 
Adding vLan forwarding and offloading Support for XDP offloading.
 2025-10-27 21:43:40 +00:00
Tizian Maxime Weigt
76e8efa0b7 README.md aktualisiert 2025-10-27 21:34:57 +00:00
Tizian Maxime Weigt
37ceda168f main.c aktualisiert 2025-10-27 21:34:20 +00:00
Tizian Maxime Weigt
439f0f9a81 main.c aktualisiert 2025-10-27 21:34:08 +00:00
Tizian Maxime Weigt
e432998063 README.md aktualisiert 2025-10-27 16:18:55 +00:00
Tizian Maxime Weigt
cc3765743f README.md aktualisiert 2025-10-27 16:16:08 +00:00
Tizian Maxime Weigt
cf0b0c1655 README.md aktualisiert 2025-10-27 16:12:17 +00:00
Tizian Maxime Weigt
319bc67f33 main.c aktualisiert 2025-10-27 16:07:20 +00:00
Tizian Maxime Weigt
d06eab0a55 main.c aktualisiert 2025-10-27 16:02:46 +00:00
Tizian Maxime Weigt
0bc9ea0685 Adding the xdp based fwd engine 2025-10-27 16:02:36 +00:00
Tizian Maxime Weigt
ebae81a091 Initial commit 2025-10-27 16:01:24 +00:00