[ just jumping in to answer this bit: ] > Would you happen to know what ebpf startup overhead is? > How big a problem is having two (or more) back to back tc programs > instead of one? With a jit'ed BPF program and the in-kernel dispatcher code (which avoids indirect calls), it's quite close to a native function call. > We're running into both verifier performance scaling problems and code > ownership issues with large programs... > > [btw. I understand for XDP we could only use 1 program anyway...] Working on that! See my talk at LPC: https://linuxplumbersconf.org/event/7/contributions/671/ Will post a follow-up to the list once the freplace multi-attach series lands. -Toke
