Difference between revisions of "UDPI"
Line 1: | Line 1: | ||
{{Project Facts | {{Project Facts | ||
− | |name= | + | |name=UDPI |
− | |shortname= | + | |shortname=udpi |
|jiraName=UDPI | |jiraName=UDPI | ||
|projectLead=[mailto:hongjun.ni@intel.com Hongjun Ni], @ Intel | |projectLead=[mailto:hongjun.ni@intel.com Hongjun Ni], @ Intel | ||
Line 71: | Line 71: | ||
'''UDPI project scope:''' | '''UDPI project scope:''' | ||
− | + | UDPI's main responsibility is to provide a reference framework for Deep Packet Inspection. It will cover below key components: | |
− | ** | + | * Flow Classification |
− | ** | + | ** HW flow offloading leveraging rte_flow on DPDK |
− | ** | + | ** SW flow classification |
+ | ** Supports both ipv4 and ipv6 flows | ||
+ | ** Supports Tunnel Traffic Classification | ||
+ | ** BD-aware and VRF-aware | ||
+ | ** Bi-directional traffic maps to one flow. | ||
− | * | + | * Flow Expiration |
− | ** | + | ** Timer-based expiration mechanism |
+ | ** TCP session aware expiration mechanism | ||
− | * | + | * TCP Segments Reassembly |
+ | ** TCP connection track | ||
+ | ** TCP segments re-ordering | ||
+ | ** TCP segments overlap handling | ||
− | * | + | * Application Database |
− | ** | + | ** Default static Application Database |
− | ** | + | ** Add new Application rules dynamically |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | * Application Detection | |
− | * | + | ** Leverage Hyperscan Stream Mode |
− | ** | + | ** Reassembly TCP segments on the fly |
− | ** | + | |
− | * | + | * Application-based Actions |
− | ** | + | ** Qos |
− | ** | + | ** Rate Limiting |
+ | ** Policy Routing | ||
+ | ** SDWAN | ||
− | * | + | * Supported Protocols: |
− | ** | + | ** TLS/HTTPS |
− | + | ** HTTP | |
− | * | + | ** DNS |
− | ** | + | ** QUIC |
− | + | ...... | |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
== Releases == | == Releases == |
Revision as of 22:35, 29 August 2019
UDPI Facts |
Project Lead: Hongjun Ni, @ Intel
Repository: git clone https://gerrit.fd.io/r/udpi |
Contents
Intro
The UDPI (Universal Deep Packet Inspection) project is a reference framework to build a high performance solution for Deep Packet Inspection, integrated with the general purpose FD.io VPP stack. It leverages industry regex matching library to provide a rich set of features, which can be used in IPS/IDS, Web Firewall and similar applications.
The initial code contributions are from Intel and Travelping.
Overview
Overview of the UDPI reference framework: https://wiki.fd.io/view/File:Reference.png
Project Contact
- Hongjun Ni, @ Intel,
- Jian Gu, @ ZTE,
- Jianghua Shan, @ China Telecom,
- Xingfu Li, @ HuachenTel,
- Shuai Wu, @ Inspur,
- Yuying Xia, @ Yxlink,
- Chenggang Fan, @ Sunyainfo,
- Feng Gao, @ Tencent,
- Zhong Liu, @ China Unicom,
- Yong Zhao, @ Huawei,
- Haiquan Chen, @ QingCloud,
- Jim Thompson, @ Netgate,
- Pengjie Li, @ Alibaba,
Scope
UDPI's main responsibility is to enable communication between northbound interfaces and VPP's management APIs, performing all necessary translations in the background. It is important to note that many features and utilities will be reused from open source projects and tools (e.g. netopeer2, Sysrepo) and will not be a direct part of UDPI. This section is splitted into 2 sections: in-scope and out-of-scope to clearly define what is developed as part of UDPI project and what will be just reused from other projects (or where UDPI relies on other projects).
UDPI project scope:
UDPI's main responsibility is to provide a reference framework for Deep Packet Inspection. It will cover below key components:
- Flow Classification
- HW flow offloading leveraging rte_flow on DPDK
- SW flow classification
- Supports both ipv4 and ipv6 flows
- Supports Tunnel Traffic Classification
- BD-aware and VRF-aware
- Bi-directional traffic maps to one flow.
- Flow Expiration
- Timer-based expiration mechanism
- TCP session aware expiration mechanism
- TCP Segments Reassembly
- TCP connection track
- TCP segments re-ordering
- TCP segments overlap handling
- Application Database
- Default static Application Database
- Add new Application rules dynamically
- Application Detection
- Leverage Hyperscan Stream Mode
- Reassembly TCP segments on the fly
- Application-based Actions
- Qos
- Rate Limiting
- Policy Routing
- SDWAN
- Supported Protocols:
- TLS/HTTPS
- HTTP
- DNS
- QUIC
......
Releases
UDPI releases are based on VPP version numbers.
20.01 - Current master
Contributing
Contributions must go through code-review before being merged:
git clone https://gerrit.fd.io/r/udpi
Feel free to subscribe to the following mailing lists:
- udpi-dev@lists.fd.io : to be notified about UDPI talks
FAQ
Meeting
UDPI backlog
Backlog can be found in: UDPI's JIRA.
Code quality
There is no current sonar analysis on: https://sonar.fd.io