3 posts tagged with "linux"
XDP runs your code in the driver, before the kernel builds an sk_buff — the fastest place to touch a packet in Linux. What XDP is, a working drop program, how to load it and inspect maps, and where it fits versus iptables and DPDK.
The Linux tc subsystem is powerful and famously cryptic. Qdiscs, classes, and filters demystified, an HTB hierarchy that actually shares bandwidth, fq_codel to kill bufferbloat, and ingress policing with IFB.
iptables is legacy; nftables is the replacement that has shipped for years. Tables, chains, hooks and priorities, stateful matching, and the sets and maps that make nftables both faster and far more readable.