* ip_conntrack problem / perfomance
@ 2002-10-04 7:47 Denis Fedorishenko
0 siblings, 0 replies; only message in thread
From: Denis Fedorishenko @ 2002-10-04 7:47 UTC (permalink / raw)
To: linux-kernel
Dear Mr. linux-net@vger.kernel.org !
I got some problem with conntrack. Very strange problems...
1st - i compile it as module on RedHat kernel 2.4.18-3custom.
I have NAT on this machine, and have users who work on it.
When i start benchmark (polygraph + proxy server) on same host -
perfomance is ~800 req/s.
2nd - i have another, same configuration PC, and have compiled in (not
as module) 2.4.18-10custom and 2.4.20-pre8-ac3 kernel. When it
compiled in - i have at starts ~800 req/s and after 10-20 seconds it
decrease to ~200req/s. If i compile ip_conntrack as module, and not use
ip_conntrack - 1000 req/s. If use as module - decrease to 200 req/s.
I have questions:
1)Is a possible to use any alternative hash for ip_conntrack or like
this?
2)Why conntrack track all requests (for example local) and what way to
drop this tracks, but i still need ip_conntrack to NAT?
3)Any other suggestions?
About hardware:
2xPIII|1.3Ghz / ServerWorks / 2xEtherExpress/100 /1GB RAM
Also in logs, not always, but i see messages like "ip_conntrack: table
full, dropping packet.", but on 2.4.18-custom3 i see this messages
too... but it works 800 req/s :)
Thank you!
-----------------------------------------------------------------------------------------
Fedorishenko Denis Olegovich
nuclearcat@nuclearcat.com * Tel: +380 679322793
www.nuclearcat.com * www.planetsky.org * www.itelsat.org
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2002-10-04 7:35 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-10-04 7:47 ip_conntrack problem / perfomance Denis Fedorishenko
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox