From mboxrd@z Thu Jan  1 00:00:00 1970
From: Marek Kierdelewicz <marek@piasta.pl>
Date: Sat, 26 May 2007 14:22:10 +0000
Subject: Re: [LARTC] big problem with HTB/CBQ and CPU for more than 1.700
Message-Id: <20070526162210.753a8d69@catlap>
List-Id: <lartc.vger.kernel.org>
References: <20070526135435.C96F540DB@outpost.ds9a.nl>
In-Reply-To: <20070526135435.C96F540DB@outpost.ds9a.nl>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

>Hello,

Hi there!
 

>iptables -t mangle -A POSTROUTING --dest x.x.x.x -o eth0 -j CLASSIFY
>--set-class 1:5
>iptables -t mangle -A FORWARD --src x.x.x.x -o eth1 -j CLASSIFY
>--set-class 1:5

3k iptables rules strike me as something suicidaly slow.

Try using tc hashing filters for traffic classification as described
here:
http://lartc.org/howto/lartc.adv-filter.hashing.html

If you use private addresses and NAT then you'll need IFB
(http://linux-net.osdl.org/index.php/IFB) to shape upload per client
with u32 hashing filters.

Hope that helps.

pozdrawiam,
Marek Kierdelewicz
KoBa ISP
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc