What is it?
AF_XDP is a new kernel bypass technology integrated in Linux Kernel. It offers very hight performance and low CPU overhead. It does not require any additional licenses or third party libraries. You can use it to process 1G, 10G or even 40G of traffic.
We recommend using AF_PACKET capture engine for production deployments. AF_XDP support has some limitations and not ready for production use:
- Supports only single interface
- Uses only single queue per network card
- Requires manual configuration with ethtool
AF_PACKET is a way simple to operate and offers better scalability.
Dependencies
You need to have at least Linux kernel 4.19 or more recent.
Modes
There are two modes of AF_XDP
- Copy mode (works for all NIC supported in in Linux). Offer great compatibility but does not offer top performance
- Native (driver) mode. Offers decent performance and requires support from driver. Supported only for Intel XL710 now
In FastNetMon you can require native mode support using force_native_mode_xdp option
Configuration
This mode requires XDP microprogram to work properly. You can download it here: xdp_kernel.o and put it to /root/xdp_kernel.o. Optionally you can compile it on your own.
You can enable this mode in FastNetMon using following commands:
sudo fcli set main mirror_xdp enable sudo fcli set main microcode_xdp_path /root/xdp_kernel.o sudo fcli set main force_native_mode_xdp disable sudo fcli set main poll_mode_xdp enable sudo fcli set main xdp_set_promisc enable sudo fcli set main interfaces_xdp ethX
To get maximum throughput (but it will also increase CPU usage) you may disable poll_mode_xdp. It will switch FastNetMon into “active polling” mode and will eat whole CPU.
When you enable AF_XDP FastNetMon detaches interface from standard Linux Network stack. To return it, please reboot machine.
FastNetMon binds only on first RX queue. By default your NIC allocates many queues and you can reduce number of them to 1 this way:
sudo ethtool --set-channels eth4 combined 1