Re: Synfloods - SNAT slow down

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: <netfilter@xxxxxxxxxxxxxxxxxxx>
Subject: Re: Synfloods - SNAT slow down
From: "Rob Sterenborg" <rob@xxxxxxxxxxxxxxx>
Date: Fri, 23 Apr 2004 16:37:16 +0200
References: <005201c428d1$a2ab2ea0$2800a8c0@jupiter> <200404230801.57077.lists@edeca.net> <007601c42938$e74199c0$2800a8c0@jupiter>
Sender: netfilter-admin@xxxxxxxxxxxxxxxxxxx

> I have two thousand hosts and two thousand forward rules :(

With so many hosts/rules you should be able to match subnets instead of
each host separately, reducing the number of rules greatly which in turn
improves Netfilter performance. Or do you have a special reason to do
this ?


Gr,
Rob

Follow-Ups:
- Re: Synfloods - SNAT slow down
  - From: krv

References:
- Synfloods - SNAT slow down
  - From: krv
- Re: Synfloods - SNAT slow down
  - From: David Cannings
- Re: Synfloods - SNAT slow down
  - From: krv

Prev by Date: Re: Synfloods - SNAT slow down
Next by Date: Re: Synfloods - SNAT slow down
Previous by thread: Re: Synfloods - SNAT slow down
Next by thread: Re: Synfloods - SNAT slow down
Index(es):
- Date
- Thread

[Index of Archives] [Linux Netfilter Development] [Linux Kernel Networking Development] [Netem] [Berkeley Packet Filter] [Linux Kernel Development] [Advanced Routing & Traffice Control] [Bugtraq]

Powered by Linux