On Wed, Jul 24, 2002 at 09:24:56PM +0800, zhengchuanbo wrote:
>=20
> we use a linux router. i just tested the performance of the router. when =
the
> kernel is build without netfilter support,the throughput of 64bytes fram=
e is
> about 45%. when i build the kernel with netfilter (only the ip_filter
> module),the throughput dropped to 24%, without any rules.
I assume you are talking about the iptable_filter module?=20
The loss from 45 to 25 percent sounds reasonable. You add computational=20
overhead to the codepath for every packet. =20
That initially you only achieve 45% (of what input packet rate?) indicates =
that
your system is in severe need of tuning. =20
Please look through the mailinglist archives to find out about NAPI and
related work.
--=20
Live long and prosper
- Harald Welte / laforge@gnumonks.org http://www.gnumonks.org/
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D
GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M+=
=20
V-- PS++ PE-- Y++ PGP++ t+ 5-- !X !R tv-- b+++ !DI !D G+ e* h--- r++ y+(*)
--3IyuMspwcGTbYISR
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE9P6iLXaXGVTD0i/8RAnXAAKCWYXBpBNsRcliNsK8TAZt7lNL2jQCfQM4t
uMgvsKLy/b+yfQs0WR4gFKc=
=CrvV
-----END PGP SIGNATURE-----
--3IyuMspwcGTbYISR--
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/