On 09/20/16 at 04:18pm, Tom Herbert wrote: > This allows other use cases than BPF inserting code into the data > path. This gives XDP potential more utility and more users so that we > can motivate more driver implementations. For instance, I thinks it's > totally reasonable if the nftables guys want to insert some of their > rules to perform early DDOS drop to get the same performance that we > see in XDP.
Reasonable point with nftables but are any of these users on the table already and ready to consume non-skbs? It would be a pity to add this complexity and cost if it is never used. I don't see how we can ensure performance if we have multiple subsystems register for the hook each adding their own parsers which need to be passed through sequentially. Maybe I'm missing something.
