[157339] in North American Network Operators' Group
Re: Attacking on Source Port 0 (ZERO)
daemon@ATHENA.MIT.EDU (Dobbins, Roland)
Mon Oct 15 22:47:39 2012
From: "Dobbins, Roland" <rdobbins@arbor.net>
To: NANOG list <nanog@nanog.org>
Date: Tue, 16 Oct 2012 02:47:24 +0000
In-Reply-To: <2F8495EC-B5A0-42CF-9503-DC917EC117BA@gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Oct 16, 2012, at 8:57 AM, Ryan Malayter wrote:
> 10G+ forwarding with minimum packet sizes is possible on a single core us=
ing optimized kernels (see Intel DPDK and PF_RING DNA).
Of course it isn't. You can *approach* 10gb/sec with multiple cores and mi=
nimum packet sizes, granted.
> You don't need to handle more packets than you can possibly receive over =
your interfaces.
Yes, you do, because forwarding 64-byte packets at 'line-rate', whilst very=
important, isn't the only metric.
I know all about the forwarding capabilities of modern general-purpose CPUs=
, ring-buffers, et. al. I know what is possible, and what isn't possible. =
And please, no more from the Vyatta crowd, et. al. - they're like the s/Fl=
ow shouters, only more so.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
Luck is the residue of opportunity and design.
-- John Milton
