Hi all,
I have some questions regarding to 10GbE connectivity with
netfilter/iptables. I searched on google. But didn't find anything to
make a clear conclusion. Most of the results were just confusing,
conflicting with some others or quite outdated. So, I've decided to
write here to get best possible answers by its developers' mouth :-)
So, before asking my questions, here are the some details regarding to
the questioned environment :
- 10GbE NIC connectivity with the same speed direct Internet
(10Gbit/sec) connection.
- 350.000 - 400.000 packets/sec. inspections/forwarding in some peak
loads (it happens frequently. So, safe to say that it's average load
most of the time.)
- In peak times, there is 7-8 Gbit/sec. traffic. Average is around 5
Gbit/sec.
- Server has plenty of RAM and CPU/Cores. (Don't remember the exact
configs now.)
My questions :
1- Is netfilter subsystem multi-threaded/multi-core enabled ? So that,
it can spread the loads across the CPUs/Cores.
2- Can it handle such loads consistently (without any
issues/bottlenecks) as I've mentioned above ?
3- Is there any performance matrix and/or practical examples to see ?
4- What kind of netfilter/kernel configs recommended for such a load ?
Many Thanks In Advance For Your Valuable Answers!
Cheers.
Tarkan
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
