If you run a server that is connected to internet, you may have experienced sudden large traffic spikes - sometimes from real users, sometimes from bots, and sometimes a full-fledged DDoS attack. When too many packets hit your server, it slows down your server or shutdowns all together.
Linux 6.18, now brings changes to better server packets to these floods (mostly with UDP traffic). I noticed it's worthy of your attention - it certainly caught mine.
Previously, when a lot of CPU cores attempted to process incoming packets at the same time, CPU cores could block each other. Now, in Linux 6.18 there are smarter queues at play and CPUs do not block each other. This now allows your server to do more traffic processing at a time in situations with high amounts of traffic.
Improved memory management
The new kernel has improved memory-freeing behavior. As a result, there is less overhead, allowing the server to process more packets before falling behind.
Improved throughput with large servers
With large multi-core server configurations, increased UDP performance of almost 50% was achieved under heavy traffic load. Linux 6.18 also realized improved performance when using multiple CPU nodes, allowing your server to utilize hardware more effectively.
How it benefits your server
• Improves ability to manage traffic spikes: The more packets the server can handle before impacting performance, the better.
• Reduces packet loss for end-users: This means that positive or good traffic is more likely to reach the end user.
• Improved performance with large servers: For multi-core, multi-node server deployments, this version provides the greatest benefit.
• Makes it easier to delay implementing additional mitigation or defense mechanisms: Delaying or implementing Traffic Mitigation or Prevention responses may not be needed in such a long time.
However, take into consideration that this is not a quick fix. Larger attacks (tens of hundreds of Gbps) will still need defenses at the point the network connects together.
Linux 6.18, now brings changes to better server packets to these floods (mostly with UDP traffic). I noticed it's worthy of your attention - it certainly caught mine.
What's new in Linux 6.18
Smarter Processing Across Multiple CPU CoresPreviously, when a lot of CPU cores attempted to process incoming packets at the same time, CPU cores could block each other. Now, in Linux 6.18 there are smarter queues at play and CPUs do not block each other. This now allows your server to do more traffic processing at a time in situations with high amounts of traffic.
Improved memory management
The new kernel has improved memory-freeing behavior. As a result, there is less overhead, allowing the server to process more packets before falling behind.
Improved throughput with large servers
With large multi-core server configurations, increased UDP performance of almost 50% was achieved under heavy traffic load. Linux 6.18 also realized improved performance when using multiple CPU nodes, allowing your server to utilize hardware more effectively.
Improvements with TCP as well
There are also some enhancements to TCP traffic transmission such as SYN flood mitigation which ensures that the server continues to respond while being attacked.How it benefits your server
• Improves ability to manage traffic spikes: The more packets the server can handle before impacting performance, the better.
• Reduces packet loss for end-users: This means that positive or good traffic is more likely to reach the end user.
• Improved performance with large servers: For multi-core, multi-node server deployments, this version provides the greatest benefit.
• Makes it easier to delay implementing additional mitigation or defense mechanisms: Delaying or implementing Traffic Mitigation or Prevention responses may not be needed in such a long time.
However, take into consideration that this is not a quick fix. Larger attacks (tens of hundreds of Gbps) will still need defenses at the point the network connects together.
