Difference between revisions of "Project Proposals/uDPI"
|  (→Description) |  (→Scope) | ||
| Line 56: | Line 56: | ||
|           - Integration with other systems |           - Integration with other systems | ||
| --> | --> | ||
| − | + | UDPI's main responsibility is to provide a reference framework for Deep Packet Inspection. It will cover below key components: | |
| * Flow Classification | * Flow Classification | ||
| ** HW flow offloading leveraging rte_flow on DPDK | ** HW flow offloading leveraging rte_flow on DPDK | ||
Revision as of 14:19, 23 August 2019
Contents
Name
UDPI
Project Contact (In Joined Order)
- Hongjun Ni, @ Intel,
- Jian Gu, @ ZTE,
- Jianghua Shan, @ China Telecom,
- Xingfu Li, @ HuachenTel,
- Shuai Wu, @ Inspur,
- Yuying Xia, @ Yxlink,
- Chenggang Fan, @ Sunyainfo,
- Feng Gao, @ Tencent,
- Zhong Liu, @ China Unicom,
- Yong Zhao, @ Huawei,
- Haiquan Chen, @ QingCloud,
- Jim Thompson, @ Netgate,
- Pengjie Li, @ Alibaba,
- To be added
Repository Name
udpi
Description
The UDPI (Universal Deep Packet Inspection) project is a reference framework to build a high performance solution for Deep Packet Inspection, integrated with the general purpose FD.io VPP stack. It leverages industry regex matching library to provide a rich set of features, which can be used in IPS/IDS, Web Firewall and similar applications.
The initial code contributions are from Intel and Travelping.
Overview of the UDPI reference framework: https://wiki.fd.io/view/File:Reference.png
Scope
UDPI's main responsibility is to provide a reference framework for Deep Packet Inspection. It will cover below key components:
-  Flow Classification
- HW flow offloading leveraging rte_flow on DPDK
- SW flow classification
- Supports both ipv4 and ipv6 flows
- Supports Tunnel Traffic Classification
- BD-aware and VRF-aware
- Bi-directional traffic maps to one flow.
 
-  Flow Expiration
- Timer-based expiration mechanism
- TCP session aware expiration mechanism
 
-  TCP Segments Reassembly
- TCP connection track
- TCP segments re-ordering
- TCP segments overlap handling
 
-  Application Database
- Default static Application Database
- Add new Application rules dynamically
 
-  Application Detection
- Leverage Hyperscan Stream Mode
- Reassembly TCP segments on the fly
 
-  Application-based Actions
- Qos
- Rate Limiting
- Policy Routing
- SDWAN
 
-  Supported Protocols:
- TLS/HTTPS
- HTTP
- DNS
- QUIC
 
......
Initial Committers
- Xiang Wang, @ Intel,
- Yang Hong, @ Intel,
- Harry Chang, @ Intel,
- Jian Gu, @ ZTE,
- Jianghua Shan, @ China Telecom,
- Yang Zhang, @ China Telecom,
- Xingfu Li, @ HuachenTel,
- Shuai Wu, @ Inspur,
- Yuying Xia, @ Yxlink,
- Chenggang Fan, @ Sunyainfo,
- Feng Gao, @ Tencent,
- Zhong Liu, @ China Unicom,
- Yong Zhao, @ Huawei,
- Haiquan Chen, @ QingCloud,
- Jim Thompson, @ Netgate,
- Pengjie Li, @ Alibaba,
- Zhao Zhang, @ Alibaba,
- Zhangpeng Xie, @ Alibaba,
- Hongjun Ni, @ Intel,
- To be added.
Vendor Neutral
No current or expected issues with vendor neutrality.
Meets Board Policy (including IPR, being within Board defined Scope etc)
Meets board policy as expressed in Technical Community Charter and IP Policy
Administrata
-  Request for Project proposal consideration
- Email: (place link to email to TSC proposing project, this can be obtained from TSC Archives
- Date: (date proposed, makes it simpler to calculate the pre-requisite 2 week time period of gestation before being permitted to be voted on)
 
