[Oisf-users] Suricata and XDP
Nelson, Cooper
cnelson at ucsd.edu
Mon Jun 24 22:58:33 UTC 2019
I feel like I'm getting closer! No libbpf errors at least this time.
However, the load balancing still didn't work and all packets went to a single thread per NIC.
After exiting I still saw this error in the logs:
[22888] 24/6/2019 -- 10:03:24 - (util-ebpf.c:308) <Error> (EBPFSetupXDP) -- [ERRCODE: SC_ERR_INVALID_VALUE(130)] - Unable to set XDP on 'enp35s0f0': Invalid argument (-22)
Is there a list published somewhere of what kernel features need to be enabled in order to make full use of eBPF and XDP functionality?
For various reasons (security/stability) I like to run the vanilla sources with only the bare minimum of features enabled. I've turned on everything that matched the XDP/BPF keywords, however I'm wondering if there is some other dependency I'm missing:
$ zcat /proc/config.gz | egrep '(XDP|BPF)'
CONFIG_CGROUP_BPF=y
CONFIG_BPF=y
CONFIG_BPF_SYSCALL=y
CONFIG_BPF_JIT_ALWAYS_ON=y
CONFIG_XDP_SOCKETS=y
CONFIG_XDP_SOCKETS_DIAG=y
CONFIG_BPFILTER=y
CONFIG_BPFILTER_UMH=y
CONFIG_NET_CLS_BPF=y
CONFIG_NET_ACT_BPF=y
CONFIG_BPF_JIT=y
CONFIG_BPF_STREAM_PARSER=y
CONFIG_HAVE_EBPF_JIT=y
CONFIG_BPF_EVENTS=y
CONFIG_BPF_KPROBE_OVERRIDE=y
CONFIG_TEST_BPF=m
-Coop
-----Original Message-----
From: Eric Leblond <eric at regit.org>
Sent: Friday, June 21, 2019 11:21 PM
To: Nelson, Cooper <cnelson at ucsd.edu>; Peter Manev <petermanev at gmail.com>
Cc: oisf-users at lists.openinfosecfoundation.org
Subject: Re: [Oisf-users] Suricata and XDP
Argh, this is a leftover debug. Can you try the branch at
https://github.com/regit/suricata/tree/ebpf-xdp-update-5.0-v1
the forgotten debug has been removed there.
More information about the Oisf-users
mailing list