simplified DDoS prototype using DPDK application model.

to leverage DPDK libraries and PMD feature to build line rate processing for

• zero buffer copy
• reduce failover on faulty cases
• de-centralized telemetry
• in bound no Relational Data Base

• Primary configruation and Secodnary
• Failure of secodnary, Primary pass through
• Flow calssification based on destination IP
• Inbound IP reassembly with ACL filtering
• service core based telemetry and data base update.
• eBPF inspired flow distribution to multiple workers

1. drop: clang-9 -O2 -emit-llvm -I /usr/include/linux -c drop.c -o - `| llc -march=bpf -mcpu=probe -filetype=obj -o drop.o
2. pass: clang-9 -O2 -emit-llvm -I /usr/include/linux -c pass.c -o - `| llc -march=bpf -mcpu=probe -filetype=obj -o pass.o
3. port_forward: clang-9 -O2 -emit-llvm -I /usr/include/linux -c port_forwad.c -o - `| llc -march=bpf -mcpu=probe -filetype=obj -o pass.o

• DPDK
• libnuma-dev

• EBPF

• ip -force link set dev interfacename xdp off
• ip -force link set dev interfacename xdp object binaryname section "prog"

• ip -force link set dev interfacename1 xdp off; ip -force link set dev interfacename2 xdp off
• ip -force link set dev interfacename1 xdp object binaryname section "prog"; ip -force link set dev interfacename2 xdp object binaryname section "prog"
• bpftool map update id mapid1 key interfacename1_ifindex 0x0 0x0 0x0 value interfacename2_ifindex 0x0 0x0 0x0
• bpftool map update id mapid2 key interfacename2_ifindex 0x0 0x0 0x0 value interfacename1_ifindex 0x0 0x0 0x0

• Download DPDK from dpdk.org.
• Untar DPDK tar file.
• Execute the following commands

 cd <to unatar dpdk folder>
 make config T=x86_64-native-linuxapp-gcc O=x86_64-native-linuxapp-gcc
 export RTE_SDK=$PWD
 export RTE_TARGET=x86_64-native-linuxapp-gcc
 cd x86_64-native-linuxapp-gcc
 make -j 4

• Test the custom build by cross checking examples like helloworld & l2fwd.

• meson <build directory>
• ninja -C <build directory>