I'd love to share. Whoever was interested in that, please let me know in an email. Thanks for the suggestions. I really appreciate them and I'll look into it. Adam Towarnyckyj -----Original Message----- From: Ed Wildgoose [mailto:lists@xxxxxxxxxxxxxx] Sent: Tuesday, June 22, 2004 12:09 AM To: adamt@xxxxxxxxxxxxx Cc: lartc@xxxxxxxxxxxxxxx Subject: Re: CBQ troubles, processor overload > The problem I'm running into is that the processor gets >overloaded because of the amount of work tc is doing. I assumed it would >be able to handle the apx 5000 customers we have on it. I have a bridge >set up between two devices that run from the internet to the local >network. This bridge takes up 20% of the CPU when tc is not enabled. >When tc becomes enabled, it finishes off the rest of the CPU and eats >most of the queue as well. > > 5,000 rules is significant. Have a look at the hashing examples in the LARTC howto for some ideas on how to slash bandwidth required. There is also a high performance iptables project kicking around which does much better for large rulesets. Since you don't seem to need anything advanced I would have thought this was a drop in replacement. Have a look at http://www.hipac.org/index.htm - Never used it though, just came across it on google. I think there is another chap who posted a few hours earlier may be really interested in your perl script to read users from the DB and build rules. If you have any kind of traffic accounting I think he would be interested in that as well. Want to share any of that...? Good luck Ed W _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
