Marek Kierdelewicz wrote:
Hi
Hi
I have a router with a large number of iptables rules and some
extensive traffic shaping (HTB + RED + ... ) + conntrack.
Performance boost tips:
- Use "set" module instead of sequential iptables rules. It can lower
cpu usage.
Hmm - I don't know what the "set" module is - can you point me to some
documentation please?
- Use hashing filters for shaping if you're using many u32 filters.
Only 3
- configure conntrack to use bigger hashsize for better performance;
i'm passing following parameter to kernel in grub to achieve this:
ip_conntrack.hashsize=1048575
I have 64k in conntrack_max and hashsize of 16000
Currently running with about 20000 conntrack connections
I will try increasing this
- configure routecache to use bigger to use more memory for better
performance; i'm passing following parameter to kernel in grub to
achieve this: rhash_entries=2400000
1. What processors should I be looking for in order to achieve the
best routing throughput on a linux router?
I've had good experiences with P4 (with and without HT), Athlon64, Xeon
[dempsey], Xeon [woodcrest]. The last one is the best choice because of
the large cache and architecture. I think you can use Core 2 Duo too
if you want to save some money.
Thanks - I will see what I can get
2. Is it true that multicore processors will not help much in this
situation?
Not true. In your setup with two nics with same load you can easily use
two cores. You can assign each nic to different core by the means of
smp_affinity setting in /proc/irq/... or by using irqbalance daemon.
That is good news :) - however I guess 4 core with dual ethernet would
not help very much!
Best regards,
Derek
pozdrawiam
Marek Kierdelewicz
KoBa ISP
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Best regards,
Derek
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
