[dns-operations] summary of recent vulnerabilities in DNS security.
matt at arin.net
Wed Oct 23 00:44:40 UTC 2013
Vernon Schryver wrote:
> I'm puzzled by the explanation of Socket Overloading in
> I understand it to say that Linux on a 3 GHz CPU receiving 25,000
> packets/second (500 bytes @ 100 Mbit/sec) spends so much time in
> interrupt code that low level packet buffers overflow.
> That puzzles me for reasons that might be summarized by considering
> my claim of 20 years ago that ttcp ran at wirespeed over FDDI with
> only 40-60% of a 100 MHz CPU.
Just to reinforce Vernon and Jo's points, we have DNS servers running
Linux at ARIN pushing 25~30k packets per second. Overall CPU
utilization (across all cores) is under 10%. Interrupt rates tend to be
around 15~18k per second.
More information about the dns-operations