Massimo Tumolo
Towards a faster Iptables with eBPF.
Rel. Fulvio Giovanni Ottavio Risso, Antonio Capone. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering), 2018
|
PDF (Tesi_di_laurea)
- Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives. Download (4MB) | Preview |
| Abstract: |
Iptables is the de-facto standard Linux firewall. Features are its strength, but its low scalability and poor performance are becoming the bottleneck of network systems. This thesis describes the challenges encountered and, consequently, the choices made while developing a prototype to replace Iptables back-end, the Netfilter, improving performance but keeping the same syntax and semantic. The prototype is developed using eBPF, a technology recently added to the Linux kernel, that allows fast in-kernel packet processing with no modification to the kernel. The results show a great gain over Iptables, and the architecture leaves space for further improvements. |
|---|---|
| Relatori: | Fulvio Giovanni Ottavio Risso, Antonio Capone |
| Anno accademico: | 2018/19 |
| Tipo di pubblicazione: | Elettronica |
| Numero di pagine: | 88 |
| Soggetti: | |
| Corso di laurea: | Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering) |
| Classe di laurea: | Nuovo ordinamento > Laurea magistrale > LM-32 - INGEGNERIA INFORMATICA |
| Aziende collaboratrici: | NON SPECIFICATO |
| URI: | http://webthesis.biblio.polito.it/id/eprint/8475 |
 |
Modifica (riservato agli operatori) |
Licenza Creative Commons - Attribuzione 3.0 Italia