Hacker News new | past | comments | ask | show | jobs | submit login

I wonder what kind of performance this gets when compared with running eBPF since eBPF was written with performance in mind from the start.



Hence, the reason why eBPF has been referred to in the past as a Spectre-accelerator


They're doing native code generation, like Linux.


What?


BPF or berkely packet filter was written to be a faster replacement of tcpdump. People saw that it was pretty neat and started using it for non-tcp dump like stuff and it became extended BPF/eBPF. I would guess that running eBPF on Windows would be a lot slower, but it would be interesting to see a performance comparison.


Point of order: BPF wasn't written simply for tcpdump; it's part of a line of research on using PL runtimes to configure and operate networking stacks; so, right after McCanne's BPF paper, you get MPF, which is proposed to do all of demux for Mach.


Neat, did not know that.


A long post I wrote about this stuff, taking the history back to the Xerox Alto:

https://fly.io/blog/bpf-xdp-packet-filters-and-udp/




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: