Thousands of interfaces
From: Peter Hicks
Date: Tue Oct 31 2006 - 04:26:04 EST
I have a dual 3GHz Xeon machine with a 2.4.21 kernel and thousands (15k+) of
ipip tunnel interfaces. These are being used to tunnel traffic from remote
routers, over a private network, and handed off to a third party.
Creating the interfaces takes longer and longer the more there are. For the
first thousand or so interfaces, creation takes place at the rate of 40 per
second, later it drops to around 1 per second, then one every five seconds.
The tunnels are created thus:
ip tunnel add $interface mode ipip remote $peer local $eth0_address
ip addr add $eth0_address peer $lanip dev $interface
ip link set $interface arp off up
ip route add $remote_subnet dev $interface
where $interface is the name of the tunnel, $peer is the 'external'
interface on the remote router, $eth0_address is eth0's address on the
tunnel box, and $remote_subnet is the network we're tunneling.
Is it possible to speed up creation of the interfaces? Currently it takes
around 24 hours. Is there are more efficient way to handle a very large
number of IP-IP tunnels? Would upgrading to a 2.6 kernel be of use?
Is there a userspace program which would handle this application better than
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/