In-kernel processing for fast inspection and effective enforcement
ASTRID designs and develops a software data plane leveraging eBPF and related frameworks. The target is a flexible data plane well beyond the basic monitoring capability today envisioned by flow-level reporting, which includes stateless and/or stateful inspection criteria on flows and/or packets, aggregation and storing capabilities. ASTRID defines the data plane as the logical layer between the user-requested service and the external word, including the virtualization system, network processing elements (e.g., software switches), and hypervisor/operating systems internals (e.g., system calls). Thanks to this broad definition, ASTRID may exploit multiple and advanced programmability features of the data plane to perform monitoring, inspection and enforcing tasks, ranging from applications running in VMs or containers (e.g., LXC), OpenFlow rules, IOVisor and/or P4-based applications.