An open API service indexing awesome lists of open source software.

https://github.com/esnet/dpdk-plugin


https://github.com/esnet/dpdk-plugin

Last synced: 4 months ago
JSON representation

Awesome Lists containing this project

README

          

# ESnet DPDK Plugin

## Motivation

Intel's [DPDK](https://www.dpdk.org/) is a mature, highly-optimized
library for fast packet capture and generation. This plugin allows the
[Zeek Network Security Monitor](https://zeek.org) to use it.

## Install

### Prerequisites

Install Zeek and zkg, and configure zkg.

### Installing DPDK

Installing the DPDK libraries and kernel module differs based on your distribution:

##### Ubuntu

```
sudo apt install dpdk
```

#### Bind the NIC to a DPDK-compatible driver

DPDK ships with a helper script, which makes it easy to bind your network card. Start by viewing the current status:

```
$ dpdk-devbind.py --status

Network devices using kernel driver
===================================
0000:00:05.0 'Elastic Network Adapter (ENA) ec20' if=ens5 drv=ena unused=igb_uio,vfio-pci *Active*
0000:00:06.0 'Elastic Network Adapter (ENA) ec20' if=ens6 drv=ena unused=igb_uio,vfio-pci
```

Once you've determined which network device you want to use for Zeek, you can bind it to your DPDK-aware driver:

```
$ sudo dpdk-devbind.py --bind=vfio-pci 00:06.0
$ dpdk-devbind.py --status

Network devices using DPDK-compatible driver
============================================
0000:00:06.0 'Elastic Network Adapter (ENA) ec20' drv=vfio-pci unused=ena,igb_uio

Network devices using kernel driver
===================================
0000:00:05.0 'Elastic Network Adapter (ENA) ec20' if=ens5 drv=ena unused=igb_uio,vfio-pci *Active*
```

#### Install necessary build tools

##### Ubuntu

```
sudo apt install cmake build-essentials
```

#### Enable hugepages

`echo 1024 > /sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages`

## Run Zeek

### Manually

```
zeek -i dpdk::auto
```

### Via ZeekCtl

```
[worker-1]
type=worker
host=localhost
interface=dpdk::auto
lb_method=custom
lb_procs=8
```