4-5 February 2021
UTC timezone
Webinar doors will open at 15:45 UTC. The first session will start promptly at 16:00 UTC.

XDPeriments: Tinkering with DNS and XDP

5 Feb 2021, 17:05
Standard Presentation Online Workshop OARC 34 Day 2


Willem Toorop (NLnet Labs) Dr Luuk Hendriks (NLnet Labs)


The eXpress Data Path (XDP) is a "hook" in the Linux kernel providing programmability at the lowest layer of the Network Stack (at the device driver layer) and can even be hardware offloaded to programmable devices (e.g. SmartNICs). XDP provides an easy way to perform some parts of DNS handling in the kernel but still have traditional userspace software 'after' that. XDP does not have to replace DNS software in userspace, it can augment it.

XDP programs are well suited for dealing with Denial of Service attacks. Furthermore XDP programs can be put to work on an ad-hoc basis on a running system without interruption. We think using XDP to augment an existing DNS service is an exciting new idea, and a great new tool in the DNS operator's toolbox.

In this presentation we will explore how DNS can benefit from XDP with hands-on examples of directly usable running code. We will show how operators can use XDP programs to deal with Denial of Service attacks and/or otherwise tweak their DNS service behaviour.

Primary authors

Willem Toorop (NLnet Labs) Dr Luuk Hendriks (NLnet Labs)

Presentation Materials