nanog mailing list archives
Re: Attacking on Source Port 0 (ZERO)
From: Ryan Malayter <malayter () gmail com>
Date: Mon, 15 Oct 2012 20:57:24 -0500
On Oct 14, 2012, at 9:02 PM, "Dobbins, Roland" <rdobbins () arbor net> wrote:
> Hopefully, you have hardware-based edge devices, not just software-based devices and (awful) stateful firewalls - the days of software-based devices on the Internet were over years ago.
Software forwarding is usually only a problem if you have the $5 CPU that Cisco puts in their $30K boxes. The overwhelming majority of edge connections are <=1Gbps. A modern x86 can handle several of these connections *per core* at minimum packet sizes with stock Linux/BSD, including ACLs. 10G+ forwarding with minimum packet sizes is possible on a single core using optimized kernels (see Intel DPDK and PF_RING DNA). You don't need to handle more packets than you can possibly receive over your interfaces.