From mboxrd@z Thu Jan  1 00:00:00 1970
From: Paul Lambert <paul@digis.net>
Date: Fri, 28 May 2004 15:50:00 +0000
Subject: Re: [LARTC] MARK causes high CPU usage / using tc in conjunction
Message-Id: <40B75FA8.7070805@digis.net>
List-Id: <lartc.vger.kernel.org>
References: <40AFC555.1010900@digis.net>
In-Reply-To: <40AFC555.1010900@digis.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

I'm actually using the WISP Billing System from PowerNOC. I talked with 
them about your idea and they implemented it for me already. It is 
working great. Thanks everyone for your help!

Andreas Klauer wrote:

> Am Saturday 22 May 2004 23:25 schrieb Paul Lambert:
> 
>>This setup has worked well for more than 1000 devices but as the network
>>has grown to 3000+ devices the CPU is not keeping up.
> 
> 
> I guess you mean 3000+ clients, not actual network devices on one machine.
> 
> 
>>*** eth0 is MASQUERADE'd so I mark the packet on eth1 ***
>>*** I have narrowed it down to this one entry sucking all the CPU ***
>>iptables -t mangle -A PREROUTING -s 10.10.6.20 -i eth1 -j MARK
>>--set-mark 0x843
> 
> 
> Well, if you have 3000+ rules like that, it will certainly slow you down.
> You should use some kind of hashing. How that is done for tc filters,
> is described here: http://www.lartc.org/lartc.html#LARTC.ADV-FILTER.HASHING
> 
> Apply the same (or a similar) mechanism to your iptables ruleset and 
> you should get improved speeds.
> 
> HTH
> Andreas
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/