Hi Daniel, On 26.09.23 07:59, Daniel Borkmann wrote: > This work adds a new, minimal BPF-programmable device called "meta" we > recently presented at LSF/MM/BPF. The latter name derives from the Greek > μετά, encompassing a wide array of meanings such as "on top of", "beyond". > Given business logic is defined by BPF, this device can have many meanings. > The core idea is that BPF programs are executed within the drivers xmit > routine and therefore e.g. in case of containers/Pods moving BPF processing > closer to the source. I have a more general question: You mentioned in your LSF/MM/BPF talk that you do not plan for XDP support for the "meta device", because it is already supported in veth. Does that imply that already today I will get full zerocopy from container via veth to the NIC (and not only to other containers) by simply opening an AF_XDP socket inside a container? Thanks, Florian
