From: Ethan Sommer <sommere@gac.edu>
To: bridge@lists.osdl.org
Subject: [Bridge] Performance problems on vlan bridge
Date: Thu, 22 Jun 2006 21:09:01 -0500
Message-ID: <449B4D3D.9070703@gac.edu>

We have been having some performance problems with our linux bridge. I 
have no idea where to look to start diagnosing the problem, so I'll 
explain what we've done and hope that you might tell me where to start 
looking. Almost everything appears to work fine, but when I try to 
stream music using WMP or mp3 streaming, I can only stream about 30 
seconds before it cuts out. I used to be able to stream for hours.


We used to have a firewall which separated our wireless network from the 
rest of the network. It is a dual 2.8GHz Xeon with two Intel GB network 
cards. It used to have two interfaces, eth0 which was the default 
gateway and eth1 which was the wireless subnet.


The Problem:
We had a large amount of broadcast traffic on the network (often about 
1Mbps), and occasionally would have network storms where we would have 
50-60Mbps of broadcast traffic (clearly not desirable for a network 
specifically for wireless clients.) We considered subnetting the 
network, but we'd like to allow people to register once with our 
wireless network and be able to roam anywhere we have wireless APs.

Our solution (well, if we can get it to work):

One day I had an epiphany: we could use a linux bridge and use iptables 
to block unwanted broadcast packets from going between buildings.

So I started setting up one vlan per building specifically for wireless 
and added them to br0. (I only got 2 buildings done before I noticed the 
problems though)

Now the firewall has eth0 pointing to the internet and brctl show looks 
like this:
bridge name     bridge id               STP enabled     interfaces
br0             8000.00e0812a0540       no              eth1.307
                                                        eth1.336
                                                        eth1.6
where eth1.6 is everything I haven't done yet, and 307 and 336 are the 
buildings I separated off. I haven't added any iptables rules to block 
anything yet.

So, as I said in the beginning, everything but streaming music seems to 
work. The load average on the router/bridge is very low (usually below 
.03) as is the cpu percentage. There isn't a lot of traffic this time of 
year, so I expect that the problem will get worse if we keep things as 
they are when students return in the fall.

The number of conntracks isn't anywhere near the limit we set. There is 
plenty of memory free...

Any ideas about how to find the problem would be appreciated.


Ethan Sommer
UNIX Systems Administrator
Gustavus Adolphus College
