Difference between revisions of "UDPI"

From fd.io
Jump to: navigation, search
(Papers and Presentations)
Line 131: Line 131:
  
 
== Papers and Presentations ==
 
== Papers and Presentations ==
* Hyperscan: A Fast Multi-pattern Regex Matcher for Modern CPUs, [https://www.usenix.org/conference/nsdi19/presentation/wang-xiang Hyperscan] at NSDI 2019
+
* Hyperscan: A Fast Multi-pattern Regex Matcher for Modern CPUs, [https://www.usenix.org/conference/nsdi19/presentation/wang-xiang Hyperscan] At NSDI 2019
by Xiang Wang, Yang Hong, and Harry Chang, Intel; KyoungSoo Park, KAIST; Geoff Langdale, branchfree.org; Jiayu Hu and Heqing Zhu, Intel
+
  By Xiang Wang, Yang Hong, and Harry Chang, etc.
  
  

Revision as of 02:30, 25 September 2019

UDPI Facts

Project Lead: Hongjun Ni, @ Intel
Committers:

Repository: git clone https://gerrit.fd.io/r/udpi
Mailing List: udpi-dev@lists.fd.io
Jenkins: jenkins silo
Gerrit Patches: code patches/reviews
Bugs: UDPI bugs

Intro

The UDPI (Universal Deep Packet Inspection) project is a reference framework to build a high performance solution for Deep Packet Inspection, integrated with the general purpose FD.io VPP stack. It leverages industry regex matching library to provide a rich set of features, which can be used in IPS/IDS, Web Firewall and similar applications.

The initial code contributions are from Intel and Travelping.

Overview

Overview of the UDPI reference framework: https://wiki.fd.io/view/File:Reference.png

Project Contact

Scope

UDPI's main responsibility is to provide a reference framework for Deep Packet Inspection. It will cover below key components:

  • Flow Classification
    • HW flow offloading leveraging rte_flow on DPDK
    • SW flow classification
    • Supports both IPv4 and IPv6 flows
    • Supports Tunnel Traffic Classification
    • BD-aware and VRF-aware
    • Bi-directional traffic maps to one flow.
  • Flow Expiration
    • Timer-based expiration mechanism
    • TCP session aware expiration mechanism
  • TCP Segment Reassembly
    • TCP connection tracking
    • TCP segment re-ordering
    • TCP segment overlap handling
  • Application Database
    • Default static Application Database
    • Add new Application rules dynamically
  • Application Detection
    • Leverage Hyperscan Stream Mode
    • Reassembly of TCP segments on the fly
  • Application-based Actions
    • QoS
    • Rate Limiting
    • Policy Routing
    • SD-WAN
  • Supported Protocols:
    • TLS/HTTPS
    • HTTP
    • DNS
    • QUIC
    • etc.

Releases

UDPI releases are based on VPP version numbers.

Contributing

Contributions must go through code-review before being merged:

   git clone https://gerrit.fd.io/r/udpi


Feel free to subscribe to the following mailing lists:

FAQ

FAQ

Meeting

UDPI meeting

Papers and Presentations

  • Hyperscan: A Fast Multi-pattern Regex Matcher for Modern CPUs, Hyperscan At NSDI 2019
 By Xiang Wang, Yang Hong, and Harry Chang, etc.


Backlog can be found in: UDPI's JIRA.

Code quality

There is no current sonar analysis on: https://sonar.fd.io