On Feb 15 2007 22:37, Maximilian Wilhelm wrote:
>Subject: Whats faster? multiple rules vs. multiport match

Of course a multiport match. Not that I have any hard proof for that,
but it's a feeling.

To match N ports with N rules, you will need to call N times into
xt_tcpudp of cost T. To match N ports with N/20 rules using a multiport
spec, you will need to call N/20 times into xt_tcpudp of cost T and N/20
times into xt_multiport of cost M.

For T*N < T*N/20 + M*N/20, with N->Infinity to hold,

In[9]:= Reduce[t*n < t*n/20+m*n/20, t]

                                             m                    m
Out[9]= m \[Element] Reals && ((n < 0 && t > --) || (n > 0 && t < --))
                                             19                   19

we need T < M/19, or interpreted, xt_tcpudp needs to run through about
19 times less instruction/lines than xt_multiport, which seems
unrealistic, since xt_multiport's match function has (by eye) roughly
the same number of LoCs as xt_tcpudp.

Of course this is just theory, there might be a bug in my thinking, or
it's a close tie, and only a benchmark - I am not aware of any yet - can
prove it.

Jan
-- 
ft: http://freshmeat.net/p/chaostables/
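
An added example, not part of the original mail: a Python generator that emits the same port policy as one rule per port and as multiport rules, in iptables-restore syntax, so the two layouts can be loaded and timed on a test host. The chain name BENCH and the sample port range are constructed; ports are grouped 15 per rule, the most iptables' multiport match accepts, and worst_case_calls() only restates the cost model from the mail.

```python
from math import ceil

MULTIPORT_MAX = 15  # most ports iptables' multiport match accepts in one rule
SAMPLE_PORTS = list(range(8000, 8040))  # constructed sample: 40 TCP ports


def _clean(ports):
    """Deduplicate, sort and range-check the port list."""
    ports = sorted(set(ports))
    if not ports or ports[0] < 1 or ports[-1] > 65535:
        raise ValueError("ports must be a non-empty set within 1..65535")
    return ports


def single_rules(ports, chain="BENCH", proto="tcp"):
    """N ports -> N rules, one --dport each."""
    return [f"-A {chain} -p {proto} -m {proto} --dport {p} -j ACCEPT"
            for p in _clean(ports)]


def multiport_rules(ports, per_rule=MULTIPORT_MAX, chain="BENCH", proto="tcp"):
    """N ports -> ceil(N / per_rule) rules using -m multiport."""
    if not 1 <= per_rule <= MULTIPORT_MAX:
        raise ValueError(f"per_rule must be 1..{MULTIPORT_MAX}")
    ports = _clean(ports)
    groups = [ports[i:i + per_rule] for i in range(0, len(ports), per_rule)]
    return [f"-A {chain} -p {proto} -m multiport --dports "
            f"{','.join(map(str, g))} -j ACCEPT" for g in groups]


def worst_case_calls(n_ports, per_rule=MULTIPORT_MAX):
    """Match calls for a packet that hits no rule, per the mail's model:
    one call per single-port rule, two calls per multiport rule."""
    return n_ports, 2 * ceil(n_ports / per_rule)


def restore_text(rules, chain="BENCH"):
    """Wrap rules as iptables-restore input declaring a user-defined chain."""
    return "\n".join(["*filter", f":{chain} - [0:0]", *rules, "COMMIT", ""])


if __name__ == "__main__":
    print(restore_text(single_rules(SAMPLE_PORTS)))
    print(restore_text(multiport_rules(SAMPLE_PORTS)))
    print("calls (single, multiport):", worst_case_calls(len(SAMPLE_PORTS)))
```

Each ruleset can be loaded with iptables-restore --noflush on a test machine; the BENCH chain only sees packets once a rule in a built-in chain jumps to it.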