Difference between revisions of "Project Proposals/uDPI"

From fd.io
Jump to: navigation, search
(Created page with "Category:Project Proposal <!-- Please note: fd.io code is to be licensed under the Apache 2.0 license unless an exception is approved by the board --> == Name == <!-- The...")
 
(Initial Committers)
 
(36 intermediate revisions by the same user not shown)
Line 4: Line 4:
 
== Name ==
 
== Name ==
 
<!-- The name of your project, for example Honeycomb BridgeDomain or NSH Advanced Features etc. -->
 
<!-- The name of your project, for example Honeycomb BridgeDomain or NSH Advanced Features etc. -->
Sweetcomb
+
UDPI
  
== Project Contact Name and Email ==
+
== Project Contact (In Joined Order)==
 
<!-- Name and email of the project contact -->
 
<!-- Name and email of the project contact -->
 
* [mailto:hongjun.ni@intel.com Hongjun Ni], @ Intel,  
 
* [mailto:hongjun.ni@intel.com Hongjun Ni], @ Intel,  
 +
* [mailto:gu.jian1@zte.com.cn Jian Gu], @ ZTE,
 +
* [mailto:shanjiangh@chinatelecom.cn Jianghua Shan], @ China Telecom,
 +
* [mailto:lixingfu@huachentel.com Xingfu Li], @ HuachenTel,
 +
* [mailto:wushuai@inspur.com Shuai Wu], @ Inspur,
 +
* [mailto:yuyingxia@yxlink.com Yuying Xia], @ Yxlink,
 +
* [mailto:fanchenggang@sunyainfo.com Chenggang Fan], @ Sunyainfo,
 +
* [mailto:davidfgao@tencent.com Feng Gao], @ Tencent,
 +
* [mailto:liuzhong1@chinaunicom.cn Zhong Liu], @ China Unicom,
 +
* [mailto:zhaoyong11@huawei.com Yong Zhao], @ Huawei,
 +
* [mailto:oc@yunify.com Haiquan Chen], @ QingCloud,
 +
* [mailto:jim@netgate.com Jim Thompson], @ Netgate,
 +
* [mailto:pengjie.lpj@alibaba-inc.com Pengjie Li], @ Alibaba,
 
* To be added
 
* To be added
  
Line 21: Line 33:
 
== Description ==
 
== Description ==
 
<!-- Description of the work that will take place in this project -->
 
<!-- Description of the work that will take place in this project -->
uDPI (Universal Deep Packet Inspection) is a reference framework to provide a high performance solution for Deep Packet Inspection.
+
The UDPI (Universal Deep Packet Inspection) project is a reference framework to build a high performance solution for Deep Packet Inspection, integrated with the general purpose FD.io VPP stack. It leverages industry regex matching library to provide a rich set of features, which can be used in IPS/IDS, Web Firewall and similar applications.  
  
We are planning to contribute existing code, and initial code is contributed by Intel.
+
The initial code contributions are from Intel and Travelping.
 +
 
 +
Overview of the UDPI reference framework:
 +
https://wiki.fd.io/view/File:Reference.png
  
 
== Scope ==
 
== Scope ==
Line 41: Line 56:
 
         - Integration with other systems
 
         - Integration with other systems
 
-->
 
-->
uDPI's main responsibility is to enable communication between its northbound interfaces and VPP's management APIs, performing all necessary translations in the background. It is important to note that many features and utilities will be reused from open source projects and tools (e.g. netopeer2, goahead and openSSL) and will not be a direct part of Sweetcomb. This section is splitted into 2 sections: in-scope and out-of-scope to clearly define what is developed as part of Sweetcomb project and what will be just reused from other projects (or where Sweetcomb relies on other projects).
+
UDPI's main responsibility is to provide a reference framework for Deep Packet Inspection. It will cover below key components:
 +
* Flow Classification
 +
** HW flow offloading leveraging rte_flow on DPDK
 +
** SW flow classification
 +
** Supports both ipv4 and ipv6 flows
 +
** Supports Tunnel Traffic Classification
 +
** BD-aware and VRF-aware
 +
** Bi-directional traffic maps to one flow.
 +
 
 +
* Flow Expiration
 +
** Timer-based expiration mechanism
 +
** TCP session aware expiration mechanism
 +
 
 +
* TCP Segments Reassembly
 +
** TCP connection track
 +
** TCP segments re-ordering
 +
** TCP segments overlap handling
 +
 
 +
* Application Database
 +
** Default static Application Database
 +
** Add new Application rules dynamically
 +
 
 +
* Application Detection
 +
** Leverage Hyperscan Stream Mode
 +
** Reassembly TCP segments on the fly
  
 +
* Application-based Actions
 +
** Qos
 +
** Rate Limiting
 +
** Policy Routing
 +
** SDWAN
  
 +
* Supported Protocols:
 +
** TLS/HTTPS
 +
** HTTP
 +
** DNS
 +
** QUIC
 +
......
  
 
== Initial Committers ==
 
== Initial Committers ==
Line 54: Line 104:
 
* [mailto:xiang.w.wang@intel.com Xiang Wang], @ Intel,
 
* [mailto:xiang.w.wang@intel.com Xiang Wang], @ Intel,
 
* [mailto:yang.a.hong@intel.com Yang Hong], @ Intel,
 
* [mailto:yang.a.hong@intel.com Yang Hong], @ Intel,
 +
* [mailto:harry.chang@intel.com Harry Chang], @ Intel,
 +
* [mailto:gu.jian1@zte.com.cn Jian Gu], @ ZTE,
 +
* [mailto:shanjiangh@chinatelecom.cn Jianghua Shan], @ China Telecom,
 +
* [mailto:zhangy.yun@chinatelecom.cn Yang Zhang], @ China Telecom,
 +
* [mailto:lixingfu@huachentel.com Xingfu Li], @ HuachenTel,
 +
* [mailto:wushuai@inspur.com Shuai Wu], @ Inspur,
 +
* [mailto:yuyingxia@yxlink.com Yuying Xia], @ Yxlink,
 +
* [mailto:fanchenggang@sunyainfo.com Chenggang Fan], @ Sunyainfo,
 +
* [mailto:davidfgao@tencent.com Feng Gao], @ Tencent,
 +
* [mailto:liuzhong1@chinaunicom.cn Zhong Liu], @ China Unicom,
 +
* [mailto:zhaoyong11@huawei.com Yong Zhao], @ Huawei,
 +
* [mailto:oc@yunify.com Haiquan Chen], @ QingCloud,
 +
* [mailto:jim@netgate.com Jim Thompson], @ Netgate,
 +
* [mailto:pengjie.lpj@alibaba-inc.com Pengjie Li], @ Alibaba,
 +
* [mailto:zhangzhao.zz@alibaba-inc.com Zhao Zhang], @ Alibaba,
 +
* [mailto:zhangpeng.xzp@alibaba-inc.com Zhangpeng Xie], @ Alibaba,
 +
* [mailto:drenfong.wang@intel.com Drenfong Wang], @ Intel,
 
* [mailto:hongjun.ni@intel.com Hongjun Ni], @ Intel,
 
* [mailto:hongjun.ni@intel.com Hongjun Ni], @ Intel,
 
* To be added.
 
* To be added.

Latest revision as of 15:55, 27 August 2019


Name

UDPI

Project Contact (In Joined Order)

Repository Name

udpi

Description

The UDPI (Universal Deep Packet Inspection) project is a reference framework to build a high performance solution for Deep Packet Inspection, integrated with the general purpose FD.io VPP stack. It leverages industry regex matching library to provide a rich set of features, which can be used in IPS/IDS, Web Firewall and similar applications.

The initial code contributions are from Intel and Travelping.

Overview of the UDPI reference framework: https://wiki.fd.io/view/File:Reference.png

Scope

UDPI's main responsibility is to provide a reference framework for Deep Packet Inspection. It will cover below key components:

  • Flow Classification
    • HW flow offloading leveraging rte_flow on DPDK
    • SW flow classification
    • Supports both ipv4 and ipv6 flows
    • Supports Tunnel Traffic Classification
    • BD-aware and VRF-aware
    • Bi-directional traffic maps to one flow.
  • Flow Expiration
    • Timer-based expiration mechanism
    • TCP session aware expiration mechanism
  • TCP Segments Reassembly
    • TCP connection track
    • TCP segments re-ordering
    • TCP segments overlap handling
  • Application Database
    • Default static Application Database
    • Add new Application rules dynamically
  • Application Detection
    • Leverage Hyperscan Stream Mode
    • Reassembly TCP segments on the fly
  • Application-based Actions
    • Qos
    • Rate Limiting
    • Policy Routing
    • SDWAN
  • Supported Protocols:
    • TLS/HTTPS
    • HTTP
    • DNS
    • QUIC

......

Initial Committers

Vendor Neutral

No current or expected issues with vendor neutrality.

Meets Board Policy (including IPR, being within Board defined Scope etc)

Meets board policy as expressed in Technical Community Charter and IP Policy

Administrata

  • Request for Project proposal consideration
    • Email: (place link to email to TSC proposing project, this can be obtained from TSC Archives
    • Date: (date proposed, makes it simpler to calculate the pre-requisite 2 week time period of gestation before being permitted to be voted on)
Retrieved from "https://wiki.fd.io/index.php?title=Project_Proposals/uDPI&oldid=9804"