L4 Load Balancer

A kernel-level Layer 4 load balancer using BPF and XDP-hook, written in C and Go from scratch. Processes TCP packets directly at the network driver layer, bypassing the full Linux networking stack. Uses jhash-based consistent hashing on client IP and port to maintain sticky sessions.

GitHub Website

A Layer 4 load balancer that runs entirely in the Linux kernel via BPF and XDP-hook — packets are processed at the network driver layer before the kernel's networking stack is involved, minimising latency.

Packet path

The XDP program attaches to the NIC with bpf_redirect_map. TCP packets are intercepted at the driver layer and forwarded to a backend without ever entering the kernel's socket layer. This shaves off softirq processing, netfilter traversal, and socket lookup overhead.

Consistent hashing

Backends are arranged on a hash ring. Incoming connections are mapped via jhash on (client IP, client port), ensuring the same client always reaches the same backend — sticky sessions without application-layer state.

Adding or removing a backend only remaps ~1/N of existing flows. Standard round-robin would flush all sessions.

Control plane

A Go userspace daemon manages the BPF maps, health-checks backends, and updates the hash ring on topology changes. Configuration changes take effect in microseconds via map updates — no program reload needed.

Stack

C · Go · eBPF / XDP · BPF maps · Linux kernel