From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tom.barbette@uliege.be>
Received: from serv108.segi.ulg.ac.be (serv108.segi.ulg.ac.be [139.165.32.111])
 by dpdk.org (Postfix) with ESMTP id 1B04A3256
 for <users@dpdk.org>; Sun, 14 Jan 2018 19:51:23 +0100 (CET)
Received: from mbx12-zne.ulg.ac.be (serv470.segi.ulg.ac.be [139.165.32.199])
 by serv108.segi.ulg.ac.be (Postfix) with ESMTP id F144A200C010;
 Sun, 14 Jan 2018 19:51:22 +0100 (CET)
Received: from localhost (localhost.localdomain [127.0.0.1])
 by mbx12-zne.ulg.ac.be (Postfix) with ESMTP id E0A87129E8F3;
 Sun, 14 Jan 2018 19:51:22 +0100 (CET)
Received: from mbx12-zne.ulg.ac.be ([127.0.0.1])
 by localhost (mbx12-zne.ulg.ac.be [127.0.0.1]) (amavisd-new, port 10026)
 with ESMTP id EmbQdLmQUE2y; Sun, 14 Jan 2018 19:51:22 +0100 (CET)
Received: from mbx12-zne.ulg.ac.be (mbx12-zne.ulg.ac.be [139.165.32.199])
 by mbx12-zne.ulg.ac.be (Postfix) with ESMTP id C6745129E8F0;
 Sun, 14 Jan 2018 19:51:22 +0100 (CET)
Date: Sun, 14 Jan 2018 19:51:22 +0100 (CET)
From: tom.barbette@uliege.be
To: Adrian Duralia <adrian.duralia@gmail.com>
Cc: Stephen Hemminger <stephen@networkplumber.org>, users@dpdk.org
Message-ID: <118860008.49208570.1515955882684.JavaMail.zimbra@uliege.be>
In-Reply-To: <CANOA3aB-WuQOyUCb-iPHrApx=a8n8yb-FDTr4aHMLXt3A4Ktdg@mail.gmail.com>
References: <CANOA3aD-VEYqh=YXDA0BpCgn_DFSViNC_eRjmBCouVA+LyBoJg@mail.gmail.com>
 <20180113212506.03497509@xeon-e3>
 <CANOA3aB-WuQOyUCb-iPHrApx=a8n8yb-FDTr4aHMLXt3A4Ktdg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Originating-IP: [62.197.82.76]
X-Mailer: Zimbra 8.7.1_GA_1670 (ZimbraWebClient - GC63 (Win)/8.7.1_GA_1670)
Thread-Topic: middlebox using dkdp
Thread-Index: aYM47VIkkIOkjwFDsZUFNYoGGkWzFQ==
X-Mailman-Approved-At: Mon, 15 Jan 2018 18:24:56 +0100
Subject: Re: [dpdk-users] middlebox using dkdp
X-BeenThere: users@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK usage discussions <users.dpdk.org>
List-Unsubscribe: <https://dpdk.org/ml/options/users>,
 <mailto:users-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/users/>
List-Post: <mailto:users@dpdk.org>
List-Help: <mailto:users-request@dpdk.org?subject=help>
List-Subscribe: <https://dpdk.org/ml/listinfo/users>,
 <mailto:users-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Sun, 14 Jan 2018 18:51:24 -0000

Hi Adrian,

There is a lot of publications on the subject, many new NFV frameworks are =
based on/use DPDK.

FastClick, FD.io, SoftNIC, NetBricks, NetVM, OpenNetVM,  ... Provide basic =
network functions with various level of isolation but are not strictly targ=
eting middleboxes. They will abstract a good part of the work though.

mOS, E2, Climb, Xomb, Comb are more middlebox-targeted. Maybe not all suppo=
rting directly DPDK (first 3 at least).

Depending on the project, things like OpenBox, or E2 also cover a controlle=
r-based approach.

And this is very far from an exhaustive list... Basically you're looking fo=
r "DPDK NFV dataplane". Reading about the ones I cited will get you closer =
at least.

Tom

Tom Barbette=20
PhD Student @ Universit=C3=A9 de Li=C3=A8ge=20

Office 1/13=20
B=C3=A2timent B37=20
Quartier Polytech=20
All=C3=A9e de la d=C3=A9couverte, 12=20
4000 Li=C3=A8ge=20

04/366 91 75=20
0479/60 94 63

----- Mail original -----
> De: "Adrian Duralia" <adrian.duralia@gmail.com>
> =C3=80: "Stephen Hemminger" <stephen@networkplumber.org>
> Cc: users@dpdk.org
> Envoy=C3=A9: Dimanche 14 Janvier 2018 12:53:01
> Objet: Re: [dpdk-users] middlebox using dkdp

> Thank you for the response!
> While I'm not scared to add a lot of code in the app side, I wouldn't lik=
e
> to reinvent the wheel. So, is there any framework or library that you thi=
nk
> it would be more appropiate to create a middlebox?
>=20
> Thank you,
> Adrian
>=20
> On Sunday, January 14, 2018, Stephen Hemminger <stephen@networkplumber.or=
g>
> wrote:
>=20
>> On Sat, 13 Jan 2018 22:10:55 +0200
>> Adrian Duralia <adrian@techexpress.ro> wrote:
>>
>> > Hello,
>> >
>> > I'm curious if it would be possible to implement a middlebox device us=
ing
>> > dpdk, that can filter & sign all traffic.
>> > My goal is to be able to filter some packets and also to secure the
>> > communication between a few computers (that cannot be updated/modified=
)
>> on
>> > the same LAN and I'm thinking to place such device in front on each
>> > computer, leaving current network topology untouched.
>> > I had a look at the existing samples in dpdk and l2fwd-crypto seems to
>> be a
>> > good place to start.
>> >
>> > Thank you,
>> > Adrian
>>
>> DPDK is about sending and receiving packets. It has pieces that could be
>> used
>> to handle IP etc, but really 95% of the work would have to be in the
>> application.
>> So yes, you could build a middlebox; but lots left to do.
>>
>=20
>=20
> --
> Adrian Duralia
> Tel. +40723698531
> Email: adrian.duralia@gmail.com