I know that routes can be cached what should help, but here we are talking about tc u32 filter, which can not be cached as I know without hierarchy it is not posible to decrease amount of testing
but the interesting idea is to use route for packet classification or it can be simulated with netfilters connmark module. then amount of test to be done will be more than half of active connections number.
I think I will do exactly that. I was thinking somewhere along the lines that the routing infrastructure would be the best place to do it, but the connection tracker of netfilter is quite a bonus since it keeps state and so does minimize the times when I need to walk my classification tree to find out how to treat the connection.
Also I don't really need to route, since all the traffic goes out of the same interface anyway.
Thanks for all the hints !
CU
René
----- Original Message ----- From: <alex@xxxxxxxxxxxx>
To: "Roy" <roy@xxxxxx>
Cc: <lartc@xxxxxxxxxxxxxxx>
Sent: Wednesday, March 31, 2004 4:06 AM
Subject: Re: large routing table
On Wed, 31 Mar 2004, Roy wrote:
100kbytes of prefixes is not so good , hashing does not mean
anything
faster when checking ip you will need to test 4 bytes in any
way, since
hash is usualy 32 bit too. this can help on very complex rules
only. so
if you pump 100 kbytes of prefixes this is probably 7000
addreses so on
each packet 7000 tests will be done.
Incorrect. Linux route lookup is crappy, but not THAT crappy. Route-cache somewhat helps too.
-alex
_______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
_______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
