>Hi Hi >I have a router with a large number of iptables rules and some >extensive traffic shaping (HTB + RED + ... ) + conntrack. Performance boost tips: - Use "set" module instead of sequential iptables rules. It can lower cpu usage. - Use hashing filters for shaping if you're using many u32 filters. - configure conntrack to use bigger hashsize for better performance; i'm passing following parameter to kernel in grub to achieve this: ip_conntrack.hashsize=1048575 - configure routecache to use bigger to use more memory for better performance; i'm passing following parameter to kernel in grub to achieve this: rhash_entries=2400000 >1. What processors should I be looking for in order to achieve the >best routing throughput on a linux router? I've had good experiences with P4 (with and without HT), Athlon64, Xeon [dempsey], Xeon [woodcrest]. The last one is the best choice because of the large cache and architecture. I think you can use Core 2 Duo too if you want to save some money. >2. Is it true that multicore processors will not help much in this >situation? Not true. In your setup with two nics with same load you can easily use two cores. You can assign each nic to different core by the means of smp_affinity setting in /proc/irq/... or by using irqbalance daemon. >Best regards, >Derek pozdrawiam Marek Kierdelewicz KoBa ISP _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
