net: factor out header validation #7557
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
akhinvasara-jumptrading
requested review from
amass-jump and
ripatel-fd
and removed request for
ripatel-fd
Contributor
|
|
akhinvasara-jumptrading
force-pushed
the
akhin/net_hdr_validation
branch
from
8417e14 to
bc82d3a
Compare
Performance Measurements ⏳
|
ripatel-fd
reviewed
Dec 24, 2025
Contributor
There was a problem hiding this comment.
Can we keep these in src/disco/net? These are rather specific to Firedancer and the util/net bits aim to be more generic (shared across other projects)
ripatel-fd
reviewed
Dec 24, 2025
| Returns FD_NET_SUCCESS if valid, or FD_NET_ERR_INVAL_UDP_HDR if the header is invalid: | ||
| - net_len and/or udp_sz is impossibly small | ||
| - net_len is larger than udp_sz */ |
Contributor
There was a problem hiding this comment.
This doesn't define what makes a UDP header "valid" and it also doesn't look at the UDP checksum. I'd call this fd_udp_hdr_bounds_check or similar, and move it out of util/net to disco/net
ripatel-fd
reviewed
Dec 24, 2025
| <counter name="RxPktCnt" summary="Packet receive count." /> | ||
| <counter name="RxBytesTotal" summary="Total number of bytes received (including Ethernet header)." /> | ||
| <counter name="RxUnderszCnt" summary="Number of incoming packets dropped due to being too small." /> | ||
| <counter name="RxInvalidIp4Cnt" summary="Number of incoming packets dropped due to invalid IP4 header." /> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR centralizes network header validation. The XDP tile guarantees that packets sent downstream will have passed validation.
For ease of review/reversability of desired, the first commit performs the refactor. The second commit changes the reported xdp metrics to take advantage of the new error codes.
The RX perf impact of this change is slightly positive (tested using Pktgen-DPDK from rd-merenguel1 (mlx5) to rd-chachal1 on (mlx5):
before: 8.617 Mpps
After: 8.713 Mpps