* netfilter benchmarks on two gigabit ethernet cards
@ 2005-08-22 19:58 Zef
2005-08-22 21:30 ` Stephen J. Smoogen
2005-08-23 6:50 ` Jozsef Kadlecsik
0 siblings, 2 replies; 4+ messages in thread
From: Zef @ 2005-08-22 19:58 UTC (permalink / raw)
To: netfilter
Hello
do you know any benchmarks showing packet per seconds filtering power of
netfilter running on X86 platforms with two gigabit cards?
Same question for ARM based platforms.
I know that this is a silly question cos it is heavily dependent on both
the hardware platform and the filtering rules, but I really need to know
the numbers ( or I'll do the tests by myself ).
Thanks for netfilter.
Zef'
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: netfilter benchmarks on two gigabit ethernet cards
2005-08-22 19:58 netfilter benchmarks on two gigabit ethernet cards Zef
@ 2005-08-22 21:30 ` Stephen J. Smoogen
2005-08-23 6:50 ` Jozsef Kadlecsik
1 sibling, 0 replies; 4+ messages in thread
From: Stephen J. Smoogen @ 2005-08-22 21:30 UTC (permalink / raw)
To: netfilter
I dont have any published numbers but what I found was that it
depended on multiple factors:
PCI-Extreme vs PCI-X vs PCI
PCI 32bit vs 64 bit card
switch vendor
card vendor and chipset (intel vs broadcom etc)
Kernel version
2.4.9 vs 2.4.20 vs 2.4.24 gave different numbers
vendor kernels also widely different
2.6.0 vs 2.6.9 also gave different numbers
IA32 vs AMD-64
We were able to get about 89% sustained wire-rate (1.78 Gbit over
2Gbit throughput) on a 1.5 Ghz system with 133 Mhz PCI-X E1000 cards.
The AMD64 system we were spec'ing out would have been useful for
10Gbit traffic.
Things that killed our testing were dealing with small and large
packets on the wire at the same time. The testing guys were used to
testing gbit switches and throwing millions of small packets in with
the large packets and seeing what got through. The netfilter with
2.4.24 kernel didnt do too well (trhoughput fell to 60%) but I didnt
get time to try and tune beyond out of the box.
On 8/22/05, Zef <zef@fcvnet.net> wrote:
> Hello
>
> do you know any benchmarks showing packet per seconds filtering power of
> netfilter running on X86 platforms with two gigabit cards?
> Same question for ARM based platforms.
>
> I know that this is a silly question cos it is heavily dependent on both
> the hardware platform and the filtering rules, but I really need to know
> the numbers ( or I'll do the tests by myself ).
>
> Thanks for netfilter.
>
> Zef'
>
>
--
Stephen J Smoogen.
CSIRT/Linux System Administrator
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: netfilter benchmarks on two gigabit ethernet cards
2005-08-22 19:58 netfilter benchmarks on two gigabit ethernet cards Zef
2005-08-22 21:30 ` Stephen J. Smoogen
@ 2005-08-23 6:50 ` Jozsef Kadlecsik
2005-08-23 8:57 ` Zef
1 sibling, 1 reply; 4+ messages in thread
From: Jozsef Kadlecsik @ 2005-08-23 6:50 UTC (permalink / raw)
To: Zef; +Cc: netfilter
Hi,
On Mon, 22 Aug 2005, Zef wrote:
> do you know any benchmarks showing packet per seconds filtering power of
> netfilter running on X86 platforms with two gigabit cards?
http://people.netfilter.org/kadlec/nftest.pdf summaries the results of
such tests we performed at the beginning of this year.
Best regards,
Jozsef
-
E-mail : kadlec@blackhole.kfki.hu, kadlec@sunserv.kfki.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
H-1525 Budapest 114, POB. 49, Hungary
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2005-08-23 8:57 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-08-22 19:58 netfilter benchmarks on two gigabit ethernet cards Zef
2005-08-22 21:30 ` Stephen J. Smoogen
2005-08-23 6:50 ` Jozsef Kadlecsik
2005-08-23 8:57 ` Zef
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.