[dns-operations] summary of recent vulnerabilities in DNS security.

Matt Rowley matt at arin.net
Wed Oct 23 00:44:40 UTC 2013

Vernon Schryver wrote:
> I'm puzzled by the explanation of Socket Overloading in
> https://sites.google.com/site/hayashulman/files/NIC-derandomisation.pdf
> I understand it to say that Linux on a 3 GHz CPU receiving 25,000
> packets/second (500 bytes @ 100 Mbit/sec) spends so much time in
> interrupt code that low level packet buffers overflow.
> That puzzles me for reasons that might be summarized by considering
> my claim of 20 years ago that ttcp ran at wirespeed over FDDI with
> only 40-60% of a 100 MHz CPU.


Just to reinforce Vernon and Jo's points, we have DNS servers running
Linux at ARIN pushing 25~30k packets per second.  Overall CPU
utilization (across all cores) is under 10%.  Interrupt rates tend to be
around 15~18k per second.


