10.11.2025 –, Saal B
At Hetzner we’ve historically used an Open vSwitch based data plane for connecting hundred thousands of cloud servers to the network. This has served us well for many years and mostly still does. We have however reached some limitations and wanted to improve scalability, resiliency and flexibility with a more specialized data plane that's tailored to our needs while being easy to operate and building a strong foundation for new features.
When checking our options back in 2022, the team reached the conclusion that the best path to achieve this goal is to build and maintain our own highly specialized networking stack based on eBPF/XDP, and so we went on a journey to make it reality.
Today, roughly three years later, we’ve implemented a versatile network stack, called hcnet, which handles public and private cloud networking (using VXLAN encapsulation), stateful firewalls, and provides DHCP services as well as traffic capture tooling - all of this using XDP with a control plane written in Go.
To make operation’s life easier, the stack is collecting and exposing meaningful metrics and is designed to self-heal whenever possible. We’ve been using hcnet in our internal cloud for two years now, with every new feature getting its first real-world tests there on a daily basis, including customer-facing applications. We are looking forward to a public beta, once we have full feature parity with our existing stack.
In this talk we want to provide an overview of how we’ve built the new network stack, what challenges we’ve faced and where we're hitting current limitations of XDP. As of today the most pressing challenges are support for offloading and driver maturity in general.
Maximilian (Max) Wilhelm is a Holistic Network Software & Automation Evangelist, trying to bring software engineering methods to network orchestration, and helping to overcome the vendor lock-in.
Starting off with Linux and Open Source in the early 2000s, he developed a weakness for networking, IPv6 and routing which lead to him being an avid Open Source enthusiast ever since. As a result he is a co-founder, maintainer, and contributor of Bio-Routing and ifupdown-ng, and a regular speaker at Open Source and networking conferences. Max also takes part in the organization of the Free and Open Source Software Conference (FrOSCon) and founded the FrOSCon Network Track.
His second calling is acting as the lead architect behind the widely automated Freifunk Hochstift community network where he got his hands dirty with ifupdown2 as well as ifupdown-ng, VXLAN, Linux VRFs, BGP and OSPF, infrastructure automation with NetBox and Salt Stack, and is afraid of vendor-SDN solutions ever since.
Despite that fear, he's leading a team of SDN enthusiasts at Hetzner Cloud, to build the new network stack for the cloud using eBPF and XDP, and forwarding and dropping packets at line rate.
In the residual spare time likes playing piano and the organ, and doing wood work to get away from IT.
I'm a software developer with a special focus on high-performance networking and implementation of networking protocols. I'm part of the Hetzner Cloud team for software defined networks.
I do fun stuff with the Linux kernel, especially with eBPF and XDP.