On Thu, Mar 14, 2019 at 11:39:46AM +0000, Lorenz Bauer wrote: > This series adds the necessary helpers to determine wheter a given > (encapsulated) TCP packet belongs to a connection known to the network stack. > > * bpf_skc_lookup_tcp gives access to request and timewait sockets > * bpf_tcp_check_syncookie identifies the final 3WHS ACK when syncookies > are enabled > > The goal is to be able to implement load-balancing approaches like > glb-director [1] or Beamer [2] in pure eBPF. Specifically, we'd like to replace > the functionality of the glb-redirect kernel module [3] by an XDP program or > tc classifier. > > Thanks to Martin KaFai Lau for his review! > > Changes in v2: > * Rename bpf_sk_check_syncookie to bpf_tcp_check_syncookie. > * Add bpf_skc_lookup_tcp. Without it bpf_tcp_check_syncookie doesn't make sense. > * Check tcp_synq_no_recent_overflow() in bpf_tcp_check_syncookie. > * Check th->syn in bpf_tcp_check_syncookie. > * Require CONFIG_IPV6 to be a built in. pls resubmit when bpf-next reopens.
