Linux Netfilter discussions
 help / color / mirror / Atom feed
From: Raviv <raviv.haim@gmail.com>
To: netfilter@vger.kernel.org
Subject: Performance issues when enabling netfilter configuration
Date: Thu, 27 Jan 2011 14:28:07 +0200	[thread overview]
Message-ID: <4D4164D7.8050208@trego.co.il> (raw)

Hi,

I'm developing a bridge application (Ethernet <--> wireless) for both AP 
and Station.
I would like to keep a single kernel image for both AP and station. 
However the netfilter capabilities (conntrack) are only required at the 
Station.
I have configured the required netfilter capabilities to be loaded as 
modules. still there are some basic configurations i can't set as 
modules but only as built-ins.
So even-though i don't really need the netfilter in the AP these basic 
configuration exists and causes performance issue for network traffic 
(15% desegregation).
After a brief debug session i found out that when running the system 
without netfilter the packet (travailing : Eth-->Bridge-->Wireless) is 
passed with the same skb (all the way), while when netfilter is on the 
packet has a different skb while in Eth driver then the skb in the 
wireless driver. I suspect the skb switch/copy has happened in the 
bridge code.

1. Is there a way to maintain a single kernel image without hurting the 
performance so bad?
2. Why is the packet copied from one skb to another?

Regards,
Raviv

                 reply	other threads:[~2011-01-27 12:28 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4D4164D7.8050208@trego.co.il \
    --to=raviv.haim@gmail.com \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox