Bpfilter and OpenWrt?

BPF-Based Linux Firewall "bpfilter" Shows Impressive Performance Potential - Phoronix

Pardon my ignorance. Would this have any effect on OpenWrt routing performance?


1 Like

It is an extremely early proof of concept that covers little of the available functionality of iptables or nftables, anything advanced (specialized protocol or state matches, advanced targets etc.) are all not yet supported.

It will improve firewalling (NAT) performance I suppose but it is hard to tell from the little available information. The article above is light on details and it is not clear what the test scenario was and what kind of rules were processed, whether XDP offloading was used etc. Also dropping packets is a rather simple operation compared to rejecting (requires generating ICMP replies) or natting (requires to rewrite IP headers in every packet).


This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.