AtelierPPS2012 » Historique » Version 8
Laurent GUERBY, 02/08/2012 15:40
| 1 | 1 | Laurent GUERBY | {{>toc}} |
|---|---|---|---|
| 2 | 1 | Laurent GUERBY | |
| 3 | 1 | Laurent GUERBY | h1. AtelierPPS2012 |
| 4 | 1 | Laurent GUERBY | |
| 5 | 1 | Laurent GUERBY | Une attaque sur le réseau gitoyen a eu lieu le 18 juin et une sur tetaneutral.net le 29 juin, ces deux attaques etaient en "paquet par seconde" (PPS) avec de petits paquets de 50-60 byte qui saturent les CPU des routeurs logiciels. |
| 6 | 1 | Laurent GUERBY | |
| 7 | 1 | Laurent GUERBY | L'idée est d'étudier via des recherches sur le web et des laboratoires/ateliers le comportement des routeurs logiciels dans ce cas la : limites atteintes en fonction du paramétrage et du matériel (carte réseau, CPU et fréquence). |
| 8 | 1 | Laurent GUERBY | |
| 9 | 1 | Laurent GUERBY | h2. Liens |
| 10 | 1 | Laurent GUERBY | |
| 11 | 2 | Laurent GUERBY | * http://lists.tetaneutral.net/pipermail/technique/2012-July/000406.html |
| 12 | 2 | Laurent GUERBY | * http://guerby.org/ftp/dos-tetaneutral-20120629-12h33-13h03-pps.png |
| 13 | 1 | Laurent GUERBY | |
| 14 | 3 | Laurent GUERBY | * http://www.spinics.net/lists/netdev/msg206077.html |
| 15 | 3 | Laurent GUERBY | ** So with your patch, Eric's patch, and this most recent patch we are now at 11.8Mpps with 8 or 9 queues. At this point I am staring to hit the hardware limits since 82599 will typically max out at about 12Mpps w/ 9 queues. |
| 16 | 3 | Laurent GUERBY | ** 12e6 * 64 byte * 8 = 6.1 Gbit/s |
| 17 | 3 | Laurent GUERBY | * Intel® 82599 10 Gigabit Ethernet Controller http://ark.intel.com/products/series/32609 |
| 18 | 4 | Laurent GUERBY | * more interrupts (lower performance) in bare-metal compared with running VM https://lkml.org/lkml/2012/7/27/490 |
| 19 | 3 | Laurent GUERBY | |
| 20 | 3 | Laurent GUERBY | 100 Mbit/s = 195312 frames de 64 byte/s |
| 21 | 3 | Laurent GUERBY | 1000 Mbit/s = 1953125 frames de 64 byte/s |
| 22 | 3 | Laurent GUERBY | |
| 23 | 5 | Laurent GUERBY | * discussion choix d'un routeur et attaque PPS : http://www.mail-archive.com/frnog@frnog.org/msg19673.html |
| 24 | 6 | Laurent GUERBY | ** projet netmap http://info.iet.unipi.it/~luigi/netmap/ |
| 25 | 6 | Laurent GUERBY | ** http://info.iet.unipi.it/~luigi/papers/20120503-netmap-atc12.pdf |
| 26 | 7 | Laurent GUERBY | *** "In our prototype, a single core running at 900 MHz can send or receive 14.88 Mpps (the peak packet rate on 10 Gbit/s links). This is more than 20 times faster than conventional APIs." |
| 27 | 8 | Laurent GUERBY | ** http://info.iet.unipi.it/~luigi/netmap/20110729-rizzo-infocom.pdf |
| 28 | 8 | Laurent GUERBY | ** VALE, a Virtual Local Ethernet http://info.iet.unipi.it/~luigi/vale/ |
| 29 | 8 | Laurent GUERBY | *** http://info.iet.unipi.it/~luigi/papers/20120608-vale.pdf |
| 30 | 6 | Laurent GUERBY | ** http://www.intel.com/content/www/us/en/ethernet-controllers/82599-10-gbe-controller-datasheet.html |
| 31 | 6 | Laurent GUERBY | ** ipfw 9-10 Mpps http://lists.freebsd.org/pipermail/freebsd-net/2012-July/032869.html |
| 32 | 6 | Laurent GUERBY | ** Towards a Billion Routing Lookups per Second in Software http://info.iet.unipi.it/~luigi/papers/20120601-dxr.pdf |
| 33 | 6 | Laurent GUERBY | ** http://www.cisco.com/web/partners/downloads/765/tools/quickreference/routerperformance.pdf |
| 34 | 8 | Laurent GUERBY | |
| 35 | 5 | Laurent GUERBY | |
| 36 | 1 | Laurent GUERBY | h2. Personnes interessées |
| 37 | 1 | Laurent GUERBY | |
| 38 | 1 | Laurent GUERBY | # Laurent GUERBY |
| 39 | 1 | Laurent GUERBY | # Autre |
| 40 | 1 | Laurent GUERBY | |
| 41 | 1 | Laurent GUERBY | A priori il suffit de deux machines pour pouvoir commencer chez soi. |