Issue
Is it possible to generate several packets out of one incoming packet in XDP eBPF? Or probably there are other kernel based solutions?
Solution
No, XDP programs are as of now, one packet in, one packet out (or drop). At the TC layer you do have access to the bpf_clone_redirect
helper function which as the name suggest can send a close of the current packet to a given network interface, after which you can modify the current packet.
Another common technique to called "port mirroring" typically used for monitoring traffic for a number of purposes. Which can also be setup in plain TC without eBPF:
- https://medium.com/swlh/traffic-mirroring-with-linux-tc-df4d36116119
- https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_networking/assembly_port-mirroring_configuring-and-managing-networking
Answered By - Dylan Reimerink Answer Checked By - David Marino (WPSolving Volunteer)