search

cablelabs / transparent-security

Transparent Security is a solution for identify the source devices of a DDoS attack and mitigates the attack in the customer premises or the access network. This solution leverages a P4 based programmable data plane for add in-band network telemetry (INT) for device identification and in-band mitigation.
https://www.cablelabs.com/vaccinate-your-network-to-prevent-the-spread-of-ddos-attacks
Apache License 2.0
32 stars 4 forks source link

Refactor data-inspection actions from ingress to egress #334

Closed spisarski closed 3 years ago

spisarski commented 3 years ago

What does this PR do?

Fixes #313 Moves the data_inspection_t and add_switch_id_t tables from ingress to egress

Do you have any concerns with this PR?

no

How can the reviewer verify this PR?

ensure CI continues to work as our packet parsers are still working the same

Any background context you want to provide?

After taking the Barefoot Academy classes, I learned that this type of processing is probably better in the Egress control

Screenshots or logs (if appropriate)

Questions:

spisarski commented 3 years ago

Attached are 2 pcap files. core-tun1-lab-di-master.pcap was generated from the master branch from the AE machine while running the data inspection tests. core-tun1-lab-di-agg-refactor.pcap was generated the same way from this branch. [Uploading lab_trial-data_inspection.zip…]()