From: Eric Leblond <eric@inl.fr>
To: Vincent Arniego <vincent_arniego@yahoo.com>
Cc: Thomas Jacob <jacob@internet24.de>, netfilter@vger.kernel.org
Subject: Re: [libnetfilter_queue] Load Balancing using multiple queues
Date: Fri, 6 Jun 2008 16:24:17 +0200 [thread overview]
Message-ID: <20080606142417.GB14841@bayen.regit.org> (raw)
In-Reply-To: <363599.48150.qm@web58313.mail.re3.yahoo.com>
[-- Attachment #1: Type: text/plain, Size: 1526 bytes --]
Hello,
On Friday, 2008 June 6 at 4:08:45 -0700, Vincent Arniego wrote:
> Hi Thomas,
>
> That's actually a good suggestion, Unfortunately we can't force teach our subscribers to use a proxy in their setup. They use a certain equipment that uses 3G and configuring it would be like rocket science to them.
>
Hmmm, most proxy can be configured to be used transparently.
> 11K packets per second, its ingress. We are looking at around 114 Mbps total traffic at the worst case scenario. And yep, its doesn't look like much... yet.
>
> The application's made already, and it looks at patterns in the payload to determine whether its a GET or http Response. Its working, but we would like to know if there's a way to spread the traffic out among multiple queues automatically.
>
> I was thinking of something like
>
> iptables -A FORWARD -p tcp --dport 80 -j NFQUEUE --queue-num 0:5
>
> something like that. This doesn't work btw.
You can use statistic module to do so by using something like:
iptables -A FORWARD -p tcp --dport 80 -m statistic \
--mode nth --every 6 --packet 0 -j NFQUEUE --queue-num 0
iptables -A FORWARD -p tcp --dport 80 -m statistic \
--mode nth --every 6 --packet 1 -j NFQUEUE --queue-num 1
....
iptables -A FORWARD -p tcp --dport 80 -m statistic \
--mode nth --every 6 --packet 5 -j NFQUEUE --queue-num 5
But, I don't think you will get much performance improvement by doing that.
BR,
--
Eric Leblond
INL: http://www.inl.fr/
NuFW: http://www.nufw.org/
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
next prev parent reply other threads:[~2008-06-06 14:24 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-06-06 11:08 [libnetfilter_queue] Load Balancing using multiple queues Vincent Arniego
2008-06-06 14:24 ` Eric Leblond [this message]
2008-06-06 14:46 ` Thomas Jacob
2008-06-06 14:50 ` Grant Taylor
-- strict thread matches above, loose matches on Subject: below --
2008-06-09 11:03 Vincent Arniego
2008-06-06 1:49 Vincent Arniego
2008-06-06 9:39 ` Thomas Jacob
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080606142417.GB14841@bayen.regit.org \
--to=eric@inl.fr \
--cc=jacob@internet24.de \
--cc=netfilter@vger.kernel.org \
--cc=vincent_arniego@yahoo.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox