On Wed, 21 Feb 2018 16:30:07 -0800, Florian Fainelli wrote:
> On 02/21/2018 03:46 PM, Jakub Kicinski wrote:
> > On Tue, 20 Feb 2018 11:58:22 +0100, Pablo Neira Ayuso wrote:
> >> We also have a large range of TCAM based hardware offload outthere
> >> that will _not_ work with your BPF HW offload
On 02/21/2018 03:46 PM, Jakub Kicinski wrote:
> On Tue, 20 Feb 2018 11:58:22 +0100, Pablo Neira Ayuso wrote:
>> We also have a large range of TCAM based hardware offload outthere
>> that will _not_ work with your BPF HW offload infrastructure. What
>> this bpf infrastructure pushes into the kernel
On Tue, 20 Feb 2018 11:58:22 +0100, Pablo Neira Ayuso wrote:
> We also have a large range of TCAM based hardware offload outthere
> that will _not_ work with your BPF HW offload infrastructure. What
> this bpf infrastructure pushes into the kernel is just a blob
> expressing things in a very
Hi Pablo,
On 02/20/2018 11:58 AM, Pablo Neira Ayuso wrote:
> On Mon, Feb 19, 2018 at 08:57:39PM +0100, Daniel Borkmann wrote:
>> On 02/19/2018 05:37 PM, Pablo Neira Ayuso wrote:
>> [...]
>>> * Simplified infrastructure: We don't need the ebpf verifier complexity
>>> either given we trust the
Hi Daniel,
On Mon, Feb 19, 2018 at 08:57:39PM +0100, Daniel Borkmann wrote:
> On 02/19/2018 05:37 PM, Pablo Neira Ayuso wrote:
> [...]
> > * Simplified infrastructure: We don't need the ebpf verifier complexity
> > either given we trust the code we generate from the kernel. We don't
> > need
On 02/19/2018 05:37 PM, Pablo Neira Ayuso wrote:
[...]
> * Simplified infrastructure: We don't need the ebpf verifier complexity
> either given we trust the code we generate from the kernel. We don't
> need any complex userspace tooling either, just libnftnl and nft
> userspace binaries.
>