From mboxrd@z Thu Jan 1 00:00:00 1970 From: Marek Kierdelewicz Date: Mon, 19 Nov 2007 16:40:34 +0000 Subject: Re: [LARTC] Which CPU for heavy traffic with much filtering/shaping? Message-Id: <20071119174034.1b7e9bb7@catlap> List-Id: References: <47415A73.9020107@interdart.co.uk> In-Reply-To: <47415A73.9020107@interdart.co.uk> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org >Hi Hi >I have a router with a large number of iptables rules and some >extensive traffic shaping (HTB + RED + ... ) + conntrack. Performance boost tips: - Use "set" module instead of sequential iptables rules. It can lower cpu usage. - Use hashing filters for shaping if you're using many u32 filters. - configure conntrack to use bigger hashsize for better performance; i'm passing following parameter to kernel in grub to achieve this: ip_conntrack.hashsize48575 - configure routecache to use bigger to use more memory for better performance; i'm passing following parameter to kernel in grub to achieve this: rhash_entries$00000 >1. What processors should I be looking for in order to achieve the >best routing throughput on a linux router? I've had good experiences with P4 (with and without HT), Athlon64, Xeon [dempsey], Xeon [woodcrest]. The last one is the best choice because of the large cache and architecture. I think you can use Core 2 Duo too if you want to save some money. >2. Is it true that multicore processors will not help much in this >situation? Not true. In your setup with two nics with same load you can easily use two cores. You can assign each nic to different core by the means of smp_affinity setting in /proc/irq/... or by using irqbalance daemon. >Best regards, >Derek pozdrawiam Marek Kierdelewicz KoBa ISP _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc