Efficient monitoring of large-scale networks poses a delicate balance between capture granularity on the one hand and the imposed overheads and performance penalties on the other. Skydive is an open source real-time network topology and protocol analyzer, featuring smart network collection which is both granular and efficient. Skydive allows for efficient network monitoring@scale through Linux networking features such as BPF and eBPF.

In the talk we will present Skydive. Focus on the usage of BPF in Skydive, and show how to capture network information efficiently. We will share some performance results showing the efficiency of Skydive BPF capturing.

Nicolas Planel, Red Hat