High-Performance Connection-Aware XDP NAT Load Balancer

A high-performance, low-latency XDP Layer-4 TCP full-NAT load balancer built with eBPF. It implements Least-Connections and Weighted Least-Connections scheduling, performs stateful per-flow connection tracking in datapath maps, supports dynamic multi-service VIP and backend management via a CLI, and includes tooling for testing under concurrent connection load.

Description

This project builds a Layer-4 load balancer directly in the Linux XDP fast path, combining full NAT, TCP connection tracking, and least-connections based scheduling inside the kernel dataplane.
While most modern eBPF/XDP load balancers such as Katran or Cilium primarily rely on stateless hash-based traffic distribution and Direct Server Return (DSR) to reduce dataplane state, this system focuses on adaptive, connection-aware load balancing with symmetric NAT handled entirely at early packet ingress.

New TCP flows are assigned to backends based on live connection counts using Least-Connections and Weighted Least-Connections policies, allowing more balanced utilisation under persistent or uneven workloads such as WebSockets, streaming services, or long-lived sessions.
The load balancer supports multiple virtual services, runtime backend and weight updates through an interactive CLI, and keeps backend network identity hidden from clients through bidirectional NAT.
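
The Weighted Least-Connections choice described above, written in user-space C with the fixed loop bound an XDP program would need. This is an added example, not the project's code: the struct layout, function names, SYN/FIN accounting points and sample pool are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define MAX_BACKENDS 8          /* fixed loop bound, as the eBPF verifier requires */

struct backend {                /* hypothetical layout, not the project's map value */
    uint16_t weight;            /* 0 = drained, gets no new flows */
    uint32_t conns;             /* live tracked TCP connections */
};

/* Pick the backend with the lowest conns/weight ratio, or -1 if none is usable.
 * Cross-multiplying avoids division: a beats b when a.conns * b.weight is
 * smaller than b.conns * a.weight. Equal weights give plain Least-Connections. */
int wlc_pick(const struct backend *b, size_t n)
{
    int best = -1;
    for (size_t i = 0; i < n && i < MAX_BACKENDS; i++) {
        if (b[i].weight == 0)
            continue;
        if (best < 0 || (uint64_t)b[i].conns * b[best].weight <
                        (uint64_t)b[best].conns * b[i].weight)
            best = (int)i;
    }
    return best;
}

/* New flow (assumed: first SYN): choose a backend and count the connection. */
int flow_open(struct backend *b, size_t n)
{
    int i = wlc_pick(b, n);
    if (i >= 0)
        b[i].conns++;
    return i;
}

/* Flow ended (assumed: FIN/RST or timeout): release it without underflow. */
void flow_close(struct backend *b, size_t n, int i)
{
    if (i >= 0 && (size_t)i < n && b[i].conns > 0)
        b[i].conns--;
}

int main(void)
{
    /* Constructed pool: weights 1 and 3, plus one drained backend. */
    struct backend pool[] = { {1, 0}, {3, 0}, {0, 0} };
    for (int k = 0; k < 8; k++)
        printf("flow %d -> backend %d\n", k, flow_open(pool, 3));
    return 0;
}
```

With the constructed pool, eight new flows split 2 to 6 across the two active backends, matching their 1:3 weights, and the drained backend receives none.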

By performing scheduling, connection tracking, and packet rewriting before packets enter the networking stack, the system achieves low processing latency while remaining suitable for practical high-concurrency deployments where stateless hashing alone is insufficient.
