i applied the NAPI patch. this did improved the performance. but i wonder if it is stable because it's new to me.
i used tc to apply the trffic control. that's a little complicated. and i have not tried policy routing. anyway that's a good idea adn i'll try latter.
i still wish there could be some way to simplify netfilter and improve the perform.
zhengchuanbo
zhengcb@netpower.com.cn
>On Wed, Jul 24, 2002 at 09:24:56PM +0800, zhengchuanbo wrote:
>> we use a linux router. i just tested the performance of the router. when the kernel is build without netfilter support,the throughput of 64bytes frame is about 45%. when i build the kernel with netfilter (only the ip_filter module),the throughput dropped to 24%, without any rules.
>> so is there some way to improve the performance? i just want some simple packet filter. is netfilter no so good on the performance compare to ipchains due to the improved functionality?
>> please cc. thanks.
>
>If (1) your needs are simple, and (2) netfilter can't handle the throughput,
>then you can consider using the traffic control and policy routing features
>of the kernel in conbination with the u32 classifier.
>
>this requires extremely low-level bit manipulation (perhaps tcng provides
>a better interface?), but can probably hit very high throughput numbers for
>simple filtering tasks.
>
>Also, are you using the NAPI patches? If not, get them and apply them.
>[search the last month of lkml for "napi".]
>
>regards,
>
> bill rugolsky
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Tue Jul 30 2002 - 14:00:16 EST