RE: Performance losings with iptables

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

not sure what version of iptables you have, but I have 707 rules in all the various tables of filter and nat - none in the mangle table yet I have seen zero (0) performance degradation on a P3 500 that also runs squid proxy, has a DMZ with a web farm, and has about 100 ipsec tunnels


From: netfilter-admin@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx] On Behalf Of Michael Albrecht
Sent: Tuesday, May 13, 2003 11:57 AM
To: netfilter@xxxxxxxxxxxxxxxxxxx

 
Hello,
i use iptables with Debian-Linux (2.4.20).
Wenn i install 150 Input-Chains like this:
iptables -A input -s 192.168.81.xxx
i will lose a lot of perfomance (for example: apache take a lot of time, ssh ...)
Wenn i show the perfomance with vmstat - vmstat says that 99 % is idel...
Wer is the Problem ???
 
Thanks for helping ... Michael
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux