Jozsef Kadlecsik wrote:
On Fri, 13 May 2005, Christophe SUIRE wrote:
This not a problem with the network card, because when i do the test
with only firewall routing i have a total bandwidth used near to
500Mbit/s.
But when i add an SNAT translation for each network (10) the total
bandwidth used is near 170Mbit/s.
So why this important difference without an with NAT ??
NAT *is* expensive. Have a look at the paper on netfilter performance
tests and comparisons at http://people.netfilter.org/kadlec/nftest.pdf
the ip_conntrack module sucks. Lovely cpu chewer.
