Self sign-up has been disabled due to increased spam activity. If you want to get access, please send an email to a project owner (preferred) or at gitlab(at)nic(dot)cz. We apologize for the inconvenience.
@@ -2,7 +2,7 @@ Recently, version 3.0 of Knot DNS - an open-source implementation of an authorit
...
@@ -2,7 +2,7 @@ Recently, version 3.0 of Knot DNS - an open-source implementation of an authorit
## XDP
## XDP
When trying to maximize the UDP throughput (e.g. to mitigate flood attacks), processing packets in the kernel tends to limit the overall performance. In the case where the network stack isn't needed for advanced routing, firewall, traffic monitoring, or shaping, it is possible to bypass the kernel and pass the packets from the NIC directly to the DNS daemon. This technology is called eXpress Data Path (XDP). When using the XDP implementation in Knot DNS, the maximum DNS-over-UDP throughput is increased by tens of percent. Other traffic (DNS-over-TCP, management over SSH, ...) remains unaffected and is processed by the kernel as usual.
When trying to maximize the UDP throughput (e.g. to mitigate flood attacks), processing packets in the kernel tends to limit the overall performance. In the case where the network stack isn't needed for advanced routing, firewall, traffic monitoring, or shaping, it is possible to bypass the (modern Linux) kernel and pass the packets from the NIC directly to the DNS daemon. This technology is called eXpress Data Path (XDP). When using the XDP implementation in Knot DNS, the maximum DNS-over-UDP throughput is increased by tens of percent. Other traffic (DNS-over-TCP, management over SSH, ...) remains unaffected and is processed by the kernel as usual.