All of lore.kernel.org
 help / color / mirror / Atom feed
* [LARTC] Matching with Layer7 vs. IPP2P
@ 2006-04-18 23:47 Arik Raffael Funke
  2006-04-19  7:35 ` Jandre Olivier
  0 siblings, 1 reply; 2+ messages in thread
From: Arik Raffael Funke @ 2006-04-18 23:47 UTC (permalink / raw)
  To: lartc

Hi,

can anybody comment on the cost of matching with IPP2P vs. Layer7.

Also, does a iptables rule with more complicated matching mechanism also 
slow down processing if all the packets are matched before they reach 
the rule. I.e. is the mere existence of a potentially costly rule 
already slowing down processing or only if packets are actually 
processed by it?

Thanks very much in advance.

Best regards,
Arik

_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: [LARTC] Matching with Layer7 vs. IPP2P
  2006-04-18 23:47 [LARTC] Matching with Layer7 vs. IPP2P Arik Raffael Funke
@ 2006-04-19  7:35 ` Jandre Olivier
  0 siblings, 0 replies; 2+ messages in thread
From: Jandre Olivier @ 2006-04-19  7:35 UTC (permalink / raw)
  To: lartc

I was just about to post the same post,

I currently use ipp2p and it works pretty well, It just doesnt seem to 
track morpheous(fasttrack) protocols, otherwise it works pretty well. I 
have quite alot of connections and havent seen any performance issues. 
My next step is to add L7 as well with ipp2p to completely block/shape p2p.

However I find L7 bit more tricky than ipp2p to compile
Cannot comment on L7

J


Arik Raffael Funke wrote:
> Hi,
> 
> can anybody comment on the cost of matching with IPP2P vs. Layer7.
> 
> Also, does a iptables rule with more complicated matching mechanism also 
> slow down processing if all the packets are matched before they reach 
> the rule. I.e. is the mere existence of a potentially costly rule 
> already slowing down processing or only if packets are actually 
> processed by it?
> 
> Thanks very much in advance.
> 
> Best regards,
> Arik
> 
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

-- 
/*---------------------------------------------------------------------*/
                         __   _
             ---------- / /  (_)__  __ ____  __  ---------
               ------- / /__/ / _ \/ // /\ \/ / --------
                 ---- /____/_/_//_/\_,_/ /_/\_\ ------
                    localhost@localdomain.za.net
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2006-04-19  7:35 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-04-18 23:47 [LARTC] Matching with Layer7 vs. IPP2P Arik Raffael Funke
2006-04-19  7:35 ` Jandre Olivier

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.