Proceedings of ISP RAS

Uniformly distributed load of hardware and software core in the UNIX-based systems

E.V. Palchevsky (USATU, Ufa, Russia)
A.R. Khalikov (USATU, Ufa, Russia)


In this article we consider the problem of maximizing the capacity of the network stack to the interaction of hardware and software core to ensure the stability of the physical server. The algorithms and program codes are proposed to optimize the load capacity of the CPU by core parallelization. The paper also considers statistics of improved power of distributed attacks affecting the network infrastructure. It proved the impact of any application with access to the external global network to the production of the physical server presented in the form of physical resources. With the help of the developed and implemented the algorithm (in the language of «BASH»), produced by the distribution of the load capacity of the physical server cores, to further reduce the load capacity on the processing power of the CPU is provided. Showcased flowcharts, as well as the final test results of each stage of development, are discussed. Implemented network optimization mode «AF_PACKET», which has given the opportunity to accept external network packets without any locks that, in turn, increases the efficiency of achievement of the set goals (upon request from the server to the client). The possibility of taking up to ten million incoming network packets by software physical server, which allows for stable processing of information for the smooth operation under DDoS-attacks «SYN-flood" who realized the possibility of overload multimillion network packets. A similar number of incoming network packets provides an opportunity to fill the external network channel, with a consequent increase in the load capacity of the network TCP / IP stack that covers the remote control area physical server as soon as possible. Also adversely affect the performance of the working environment.


carrying capacity; CPU; parallelization; parallelization of CPU load; optimization; protection against DDoS-attacks; traffic filtering; filtering malicious traffic


Proceedings of the Institute for System Programming, vol. 28, issue 1, 2016, pp. 93-102.

ISSN 2220-6426 (Online), ISSN 2079-8156 (Print).

DOI: 10.15514/ISPRAS-2016-28(1)-6

Full text of the paper in pdf (in Russian) Back to the contents of the volume