From mboxrd@z Thu Jan 1 00:00:00 1970 From: Evgeni Gechev Date: Mon, 10 Mar 2003 18:42:06 +0000 Subject: Re: [LARTC] Bandwith limitation Message-Id: List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Stef Coene wrote: > > Stef, > > > > We have about 3200 iptables rules on our bridge. I've tested today to > > remove 1000 of these rules. The load dropped from about 40% to 25%. So I > > think the iptables rule take up the most of the CPU load. Do you think this > > is a problem of ineffeciency of iptables or just a 'limitation' in the > > TCP/IP stack of linux ? > I don't think it's a limitation. I think you reached the point where you need > a bigger machine :) Some topic-related observations: AMD Athlon XP1700+ (1466), 4xRealtek8139, 5-6Mbit/s - nearly reaching the limit of machine capabalities P4 2000, 3com905C+BROADCOM BCM5701, 40-50Mbit/s - far better behavior Same configuration on both, thousands of iptables rules, and on the p4 machine there are 200-250 concurrent pppoe sessions (none on the athlon) > > Maybe you can try to iptables mailing list to find more info about the > performance you can expect : > http://lists.netfilter.org/mailman/listinfo/netfilter > > Stef > > -- > > stef.coene@docum.org > "Using Linux as bandwidth manager" > http://www.docum.org/ > #lartc @ irc.oftc.net > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/