EtherTAP - First Announcement

March 20, 2025

projects

IXDP, libxdp, RPCL

EtherTAP #

A few months ago I was initially planning to release two distinct IXDP/libxdp projects (or applications), one for monitoring and a second for bridging (both with the same packet statistic and recording capabilities). Obviously, that both fits well into a single application named EtherTAP.

Here’s the current introduction:

EtherTAP is a software based Ethernet analysis and monitoring security tool which allows to obtain insight and to record selected (or all) traffic for further analysis and evaluation. EtherTAP is based on IXDP, which is an internal API at Inlab Networks on top of libxdp/AF_XDP. XDP/AF_XDP in zero-copy mode allows packet processing at wire-speed up to 100GbE full duplex.

To provide here some additional information, these are the main components:

IXDP: An API on top of libxdp which manages the AF_XDP rings with one or multipe threads.
RPCL: A minimalistic “Command and Control” CLI shell which operates in reverse polish notation.
CTL: A unified API to manage daemon processes and to connect to their CLI with line editing.

Also interesting is the implementation and use of lockless/atomic hash tables, for example to count MAC source addresses. I hope I find the time to tell more about this in a separate post.

Further information: