Networking with eBPF

All the packet path hooks you need to shape traffic build firewalls or speed up data planes.

Socket Filter

Classic filtering on a socket before data reaches user space.

Lightweight Tunnels

LWT IN OUT and XMIT hooks in the routing stack where eBPF can add or strip headers perform NAT or steer packets into overlays with minimal extra latency.

Traffic Control

Ingress and egress shaping and filtering in the TC layer with cls bpf.

XDP

Ultra fast packet processing that runs in the NIC driver perfect for DDoS defense.

CGroup Socket Address

A hook on connect bind and accept that lets you allow block or rewrite socket addresses for all processes inside a chosen cgroup giving per-container network policy