Difference between revisions of "UDPI"
(→Papers and Presentations) |
|||
Line 131: | Line 131: | ||
== Papers and Presentations == | == Papers and Presentations == | ||
− | * Hyperscan: A Fast Multi-pattern Regex Matcher for Modern CPUs, [https://www.usenix.org/conference/nsdi19/presentation/wang-xiang Hyperscan] | + | * Hyperscan: A Fast Multi-pattern Regex Matcher for Modern CPUs, [https://www.usenix.org/conference/nsdi19/presentation/wang-xiang Hyperscan] At NSDI 2019 |
− | + | By Xiang Wang, Yang Hong, and Harry Chang, etc. | |
Revision as of 02:30, 25 September 2019
UDPI Facts |
Project Lead: Hongjun Ni, @ Intel
Repository: git clone https://gerrit.fd.io/r/udpi |
Contents
Intro
The UDPI (Universal Deep Packet Inspection) project is a reference framework to build a high performance solution for Deep Packet Inspection, integrated with the general purpose FD.io VPP stack. It leverages industry regex matching library to provide a rich set of features, which can be used in IPS/IDS, Web Firewall and similar applications.
The initial code contributions are from Intel and Travelping.
Overview
Overview of the UDPI reference framework: https://wiki.fd.io/view/File:Reference.png
Project Contact
- Hongjun Ni, @ Intel,
- Jian Gu, @ ZTE,
- Jianghua Shan, @ China Telecom,
- Xingfu Li, @ HuachenTel,
- Xiaofan Li, @ Inspur,
- Yuying Xia, @ Yxlink,
- Chenggang Fan, @ Sunyainfo,
- Feng Gao, @ Tencent,
- Zhong Liu, @ China Unicom,
- Yong Zhao, @ Huawei,
- Haiquan Chen, @ QingCloud,
- Jim Thompson, @ Netgate,
- Pengjie Li, @ Alibaba,
- Yanhua Wei, @ 360,
- Leon Li, @ Trend Micro,
Scope
UDPI's main responsibility is to provide a reference framework for Deep Packet Inspection. It will cover below key components:
- Flow Classification
- HW flow offloading leveraging rte_flow on DPDK
- SW flow classification
- Supports both IPv4 and IPv6 flows
- Supports Tunnel Traffic Classification
- BD-aware and VRF-aware
- Bi-directional traffic maps to one flow.
- Flow Expiration
- Timer-based expiration mechanism
- TCP session aware expiration mechanism
- TCP Segment Reassembly
- TCP connection tracking
- TCP segment re-ordering
- TCP segment overlap handling
- Application Database
- Default static Application Database
- Add new Application rules dynamically
- Application Detection
- Leverage Hyperscan Stream Mode
- Reassembly of TCP segments on the fly
- Application-based Actions
- QoS
- Rate Limiting
- Policy Routing
- SD-WAN
- Supported Protocols:
- TLS/HTTPS
- HTTP
- DNS
- QUIC
- etc.
Releases
UDPI releases are based on VPP version numbers.
Contributing
Contributions must go through code-review before being merged:
git clone https://gerrit.fd.io/r/udpi
Feel free to subscribe to the following mailing lists:
- udpi-dev@lists.fd.io : to be notified about UDPI talks
FAQ
Meeting
Papers and Presentations
- Hyperscan: A Fast Multi-pattern Regex Matcher for Modern CPUs, Hyperscan At NSDI 2019
By Xiang Wang, Yang Hong, and Harry Chang, etc.
Backlog can be found in: UDPI's JIRA.
Code quality
There is no current sonar analysis on: https://sonar.fd.io