Attacking on Source Port 0 (ZERO)

• Previous message (by thread): Attacking on Source Port 0 (ZERO)
• Next message (by thread): Attacking on Source Port 0 (ZERO)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Oct 16, 2012, at 8:57 AM, Ryan Malayter wrote:

> 10G+ forwarding with minimum packet sizes is possible on a single core using optimized kernels (see Intel DPDK and PF_RING DNA).

Of course it isn't.  You can *approach* 10gb/sec with multiple cores and minimum packet sizes, granted.

> You don't need to handle more packets than you can possibly receive over your interfaces.

Yes, you do, because forwarding 64-byte packets at 'line-rate', whilst very important, isn't the only metric.

I know all about the forwarding capabilities of modern general-purpose CPUs, ring-buffers, et. al.  I know what is possible, and what isn't possible.  And please, no more from the Vyatta crowd, et. al. - they're like the s/Flow shouters, only more so.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton

• Previous message (by thread): Attacking on Source Port 0 (ZERO)
• Next message (by thread): Attacking on Source Port 0 (ZERO)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]