- passthrough below nic to VM(XL710 NIC have support XDP)
81:00.1 Ethernet controller: Intel Corporation Ethernet Controller XXV710 for 25GbE SFP28 (rev 02)
virsh edit ubuntu18 编译vm配置文件,添加网卡PF
<hostdev mode='subsystem' type='pci' managed='yes'>
<source>
<address domain='0x0000' bus='0x81' slot='0x00' function='0x1'/>
</source>
<address type='pci' domain='0x0000' bus='0x00' slot='0x09' function='0x0'/>
</hostdev>
- compile latest ip tool
download iproutes from git, iproutes include many tools: ip, tc, etc.
./configure && make && make install
ip link set help --- 可看到支持xdp情况
[ { xdp | xdpgeneric | xdpdrv | xdpoffload } { off |
object FILE [ section NAME ] [ verbose ] |
pinned FILE } ]
编译最新版本iproute2后,加载xdp程序报错如下:
image.png
解决方法:
打上下面pacth,重新编译即可
https://patchwork.ozlabs.org/patch/776015/
- c code for xdp which will run in kernel space
代码作用: 将收到的数据包全部drop掉
#include <linux/bpf.h>
#ifndef __section
# define __section(NAME) \
__attribute__((section(NAME), used))
#endif
__section("prog")
int xdp_drop(struct xdp_md *ctx)
{
return XDP_DROP;
}
char __license[] __section("license") = "GPL";
- compile c to bytecode
clang -O2 -Wall -target bpf -c xdp-example.c -o xdp-example.o
- load bytecode to nic driver
ip link set dev ens9 xdp obj xdp-example.o
root@ubuntu:/home/jk# ip link show dev ens9
3: ens9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 xdp qdisc mq state UP mode DEFAULT group default qlen 1000
link/ether 3c:fd:fe:c0:07:b9 brd ff:ff:ff:ff:ff:ff
prog/xdp id 11 tag 57cd311f2e27366b jited
-
verify
当ens9收到数据后,都drop了。由于在底层丢包的,所以通过ifconfig ens9查看不到丢包统计。 -
编译kernel 5.0下面的sample/bpf失败
/home/jk/linux-stable/samples/bpf/test_lru_dist.c:39:8: error: redefinition of ‘struct list_head’
struct list_head {
^~~~~~~~~
In file included from /home/jk/linux-stable/samples/bpf/test_lru_dist.c:9:0:
./tools/include/linux/types.h:69:8: note: originally defined here
struct list_head {
^~~~~~~~~
HOSTCC /home/jk/linux-stable/samples/bpf/sock_example
scripts/Makefile.host:90: recipe for target '/home/jk/linux-stable/samples/bpf/test_lru_dist' failed
make[2]: *** [/home/jk/linux-stable/samples/bpf/test_lru_dist] Error 1
make[2]: *** Waiting for unfinished jobs....
In file included from /home/jk/linux-stable/samples/bpf/sock_example.c:27:0:
/usr/include/linux/ip.h:102:2: error: unknown type name ‘__sum16’
__sum16 check;
^~~~~~~
按下面patch修改即可
https://lore.kernel.org/patchwork/patch/960390/
网友评论