0

How to receive a million packets per second

Last week during a casual conversation I overheard a colleague saying: "The Linux network stack is slow! You can't expect it to do more than 50 thousand packets per second per core!"

That got me thinking. While I agree that 50kpps per core is probably the limit for any practical application, what is the Linux networking stack capable of? Let's rephrase that to make it more fun:

On Linux, how hard is it to write a program that receives 1 million UDP packets per second?

Hopefully, answering this question will be a good lesson about the design of a modern networking stack.

CC BY-SA 2.0 image by Bob McCaffrey

First, let us assume:

• Measuring packets per second (pps) is much more interesting than measuring bytes per second (Bps). You can achieve high Bps by better pipelining and sending longer packets. Improving pps is much harder.

• Since we're interested in pps, our experiments will use short UDP messages. To be precise: 32 bytes of UDP payload. That means 74 bytes on the Ethernet layer.

• For the experiments we will use two physical servers: "receiver" and "sender".

• They both have two six core 2GHz Xeon processors. With hyperthreading (HT) enabled Continue reading

0

Sony’s E3 press conference in 3 minutes

Video

0

Show 241 – Smart Labs on Public Cloud with Ravello – Sponsored

The Packet Pushers discuss Smart Labs on AWS & Google using Ravello's nested virtualization with Gil Hoffer, VP of R&D, & Navin Thadani, Sr. VP of Products.

Author information

The post Show 241 – Smart Labs on Public Cloud with Ravello – Sponsored appeared first on Packet Pushers Podcast and was written by Ethan Banks.

0

Development Environment Setup

Before we proceed with TDD framework build it is important to have the development environment setup. In our case it will consist of two major components:

• Network Simulation Environment
• Ansible Development Environment

To simplify things I will run both of these environments on the same Virtual Machine. For network simulation I will use UnetLab, a wonderful product developed by Andrea Dainese. Currently, UnetLab is distributed as an OVA package and is available for free download on the website. To simulate network devices I will run IOU which will be interconnected to form a simple network. Finally, I will show how to setup development environment with Ansible, git and Python.

Continue reading

0

Differentiation in Software Defined WAN

One of the most interesting things about SD-WAN is the level of real differentiation between the different vendors that has actual business outcomes. Let me explain, most SD-WAN vendors are using overlay networks to bypass the restrictions and limitations of IP routing. A few of the features in common are: multi-path networking dynamic and temporal […]

The post Differentiation in Software Defined WAN appeared first on EtherealMind.

0

Practical BGP

The post Practical BGP appeared first on 'net work.

0

Bacon

The post Bacon appeared first on 'net work.

0

Thoughts on Cisco Live 2015

Cisco Live 2015 is in the books. A great return to San Diego. A farewell from John Chambers. A greeting from Chuck Robbins (@ChuckRobbins). And a few other things.

The Community is Strong, But Concerned

The absolute best part of Cisco Live is the community that has grown from the social media attendees. More than once I heard during the week “I can’t believe this used to be 20-30 people!”. The social community continues to grow and change. Some people move on. Others return from absence. Still others are coming for the first time.

The Cisco Live social community is as inclusive as any I have seen. From the Sunday night Tweetup to the various interactions throughout the week, I’m proud to be a part of a community that strives to make everyone feel like they are part of a greater whole. I met so many new people this year and marveled at the way the Social Media Hub and Meetup Area were both packed at all hours of the day.

That being said, the community does have some concerns. Some of them are around Continue reading

0

Software applications have on average 24 vulnerabilities inherited from buggy components

Many commercial software companies and enterprise in-house developers are churning out applications that are insecure by design due to the rapid and often uncontrolled use of open-source components.Even worse, these software makers wouldn’t be able to tell which of their applications are affected by a known component flaw even if they wanted to because of poor inventory practices.Last year, large software and financial services companies downloaded 240,757 components on average from one of the largest public repositories of open-source Java components. Over 15,000 of those components, or 7.5 percent, had known vulnerabilities, according to Sonatype, the company that manages the repository.To read this article in full or to leave a comment, please click here

0

Want an easily repaired smartphone? Fairphone 2 might be for you

Fairphone, the Dutch company that aims to sell socially responsible smartphones, is working on a second model that be repaired with little hassle and won’t easily break. The company is also sticking with its goal of using conflict-free or fair trade minerals.One of the company’s key aims with the Fairphone 2 was to extend the longevity of the product.Making it easy to repair is part of that. For example, it will be possible to replace the display on the Fairphone 2 in less than a minute, the company promises. After removing the case and battery, the two clips that lock the display in place are slid towards each other, and then the entire unit can be taken out, CTO Olivier Hebert said in a blog post on Tuesday.To read this article in full or to leave a comment, please click here

0

10 Questions To Ask Your SDN Vendor

Avoid making mistakes in your SDN deployment by asking SDN vendors the right questions.

0

The Upload: Your tech news briefing for Tuesday, June 16

Civil liberties faction walks out on facial recognition talksU.S. talks aimed at crafting rules on responsible use of facial recognition technology have fallen apart after a united front of civil rights and consumer groups walked out, saying the bare minimum of their demands on behalf of consumers aren’t being met. That position, accord to a statement issued by the coalition, is that “people should be able to walk down a public street without fear that companies they’ve never heard of are tracking their every movement—and identifying them by name—using facial recognition technology.”To read this article in full or to leave a comment, please click here

0

The Upload: Your tech news briefing for Tuesday, June 16

Civil liberties faction walks out on facial recognition talksU.S. talks aimed at crafting rules on responsible use of facial recognition technology have fallen apart after a united front of civil rights and consumer groups walked out, saying the bare minimum of their demands on behalf of consumers aren’t being met. That position, accord to a statement issued by the coalition, is that “people should be able to walk down a public street without fear that companies they’ve never heard of are tracking their every movement—and identifying them by name—using facial recognition technology.”To read this article in full or to leave a comment, please click here

0

Should I panic because Lastpass was hacked?

Maybe, maybe not. Lastpass uses 100000 iterations in its PBKDF2 algorithm. If you chose a long, non-dictionary password, nobody can crack it. Conversely, if you haven't, then yes, you need to change it.

I benchmarked this on my computer using "oclHashcat". It's not an exact match with the Lastpass algorithm, but it's close enough to show the performance.

0

Centralized Control Is Not Centralized Control Plane

Every other week I stumble upon a high-level SDN article that repeats the misleading SDN is centralized control plane mantra (often copied verbatim from the Wikipedia article on SDN, sometimes forgetting to quote the source).

Yesterday, I had enough and decided to respond.

Read more ...

0

Privacy groups to quit US talks on facial recognition standards

Nine privacy groups plan to withdraw from U.S. government-hosted negotiations to develop voluntary facial-recognition privacy standards because the groups feel the process won’t lead to adequate privacy protections.Industry representatives at the talks have been pushing to limit consumer control over the facial recognition data collected, the groups said in a letter to be released Tuesday.“We are convinced that in many contexts, facial recognition should only occur when an individual has affirmatively decided to allow it to occur,” wrote the groups, including the Center for Digital Democracy, the Electronic Frontier Foundation and Consumer Action. “Industry stakeholders were unable to agree on any concrete scenario where companies should employ facial recognition only with a consumer’s permission.”To read this article in full or to leave a comment, please click here

0

Cisco Live – The Complaints

You should know by now that I always find something to complain about.  Is that a bad thing?  Probably.  Does it help improve things?  Absolutely!

Again, I love going to Cisco Live every year.  Without question, it’s my favorite event of the year.  It’s a great event with great people and great things to do.  With that said, let’s look at what could have been a bit better this year.

• Seating – There was a terrible lack of seating around the convention center this year.  I spent a good part of the time standing around when I wasn’t in a session, which is not good for a lazy, fat guy like me.  We’re talking standing for 5 days here.  In the past, there have been plenty of places to sit throughout the event, so I don’t really know what happened here.
• Logistics at the CAE – This happens every year.  You’re told to go in one gate at the CAE, but no one listens or your information is wrong; you wind up standing in line behind 18849298 people who were all behind you at one point.  Then you have to get your bag searched.  Then they take half your swag Continue reading

0

Duqu 2.0 used digital certificates belonging to Foxconn

A deeper look into the latest version of malware known as Duqu shows it used digital certificates from prominent contract manufacturer Foxconn Technology Group to help mask its activity.Kaspersky Lab, which published a report on Duqu 2.0 last week, wrote in a blog post Monday that a 64-bit driver within the malware employed a digital certificate signed by Hon Hai Precision Industry, also known as Foxconn.Digital certificates are used for encrypting data and verifying the legitimacy of websites and applications. Using a digital certificate issued to a trusted organization makes it less likely that an application is going to be detected as harmful.To read this article in full or to leave a comment, please click here

0

SD-WAN Gives Us The Best Path We Always Wanted

In networking, we rely on routing protocols to compute best path. That is to ask, from the perspective of a given router in a routing domain, what is the best way to reach a destination? Best path is typically computed using simplistic metrics like hop count, cost, bandwidth, and delay. Traditional "best path" thinking is effective, insofar as it goes. It scales to a large number of devices and destinations. It is resilient. It is mature. However, it has its limitations. Software defined WAN brings a much more sophisticated metric to the computation of best path.

0

Online password locker LastPass hacked

LastPass users will be prompted to change their master passwords after the online password locker company reported that its network was breached on Friday.The company revealed the breach in a blog post Monday after investigating “suspicious activity” discovered by its security team. According to LastPass, the investigation did not reveal any evidence that the attackers stole encrypted data from users’ password vaults, nor did the intruders gain access to LastPass users’ accounts. That said, the attackers were able to steal account email addresses, password reminders, server per user salts, and authentication hashes.To read this article in full or to leave a comment, please click here