shane-kerr
commented
1 year ago We discussed capacity on the 2023-08-01 call.
Capacity is tightly related to DoS attack handling.
Basic idea is that over-capacity is necessary.
TODO:
- outline risk model
- similarity to web server operation?
anycast + monitoring + uplink size + etc...
following telco rules
- overprovisoning (3x to 10x)
- DNSSEC, negative caching against random subdomain attacks
- DDoS protection
- types? reflection, amplification, ...
CPU resources is limiting resource memory not an issue architecture is the main issue
- primary/secondary
- load balancers
go for anycast
TC bit (force TCP transfers)
- set in kernel via eBPF
I put a section on capacity considerations. I'm not 100% sure this makes sense, but it is probably worth writing something down.