From mboxrd@z Thu Jan  1 00:00:00 1970
From: George Alexandru Dragoi <waruiinu@gmail.com>
Date: Wed, 29 Sep 2004 10:13:20 +0000
Subject: [LARTC] Scalability
Message-Id: <3063e50409290313b61b303@mail.gmail.com>
List-Id: <lartc.vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

Hello everyone,


I want an opinion from people who tryed different matching modules to
match diferent types of traffic, especially p2p ones.
I would like to hear which scales better as CPU usage and latency :
ipp2p, iptables-p2p or l7-filter with the p2p patterns. I want to use
one of them to block most of p2p (except maybe dc++ and emule which i
want to shape). I would use the matching rules in mangle table, i hope
there is a way not to make the entire traffic matching the rules.
After i mark such traffic, i want to use connmark to mark the entire
stream and then to change the mark based on ip of every LAN client.
Perhaps a tweak would be to send 0x0 marked traffic to a chain and
apply such matches there, so really few traffic will  go to p2p
matching. Everything you people will tell me are very apreciated, i
wil probably begin working on this on a server from now in some days.

Thanks in advance.
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/