Em Wed, Apr 06, 2011 at 01:02:39PM -0700, David Miller escreveu: > From: Arnaldo Carvalho de Melo <acme@xxxxxxxxxxxxxxxxxx> > Date: Wed, 6 Apr 2011 16:57:19 -0300 > > > Something like ftrace code changing when the user inserts the first > > rule? > > > > People wanting top performance disable it in the build, but thos wanting > > to stick to vendor provided kernels don't have that choice :) > > Using ftrace-like stubs would be an interesting idea, and I highly encourage > people to work on something like that. cool, these code modification and JIT mechanizms open up a lot of possibilities indeed ;-) > However I want to reiterate that I think that real rules are installed > in Jesse's case, and once he removes those the majority of the > overhead will disappear. The FC14 workstation I'm using right now, on > > which I've made no modifications to the installer's netfilter settings, > has the following rules: <SNIP> > I suspect Jesse has something similar on his test box. > > When no rules are loaded, all the stubs make happen is a function call > plus a list_empty() check. Nothing more. I really can't see that, all > by itself, obliterating routing performance. Yeah, would be nice, since he is playing with it, for him to post numbers about the overheads. > In fact I've done udp flood tests, as recently as a month ago, with just > NETFILTER=y and no rules installed, and the impact was minimal. > > And that was on sparc64 where function calls are expensive :) :-) - Arnaldo _______________________________________________ kernel mailing list kernel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/kernel
