msn wrote:
Hi, I'm trying to dropping all UDP packets from specific address but it still has higher CPU usages. anyone has ideas for this issues ? here's example A --+---> F B --+ C --+ A/B/C sending massive UDP packets to F, also it has address dropping rules fro A/B/C. Yes, it is works fine. But if i see the CPU usages of 'F' some of cases it is using more than 20-30% when its(A/B/C) sending 100M to F. is there any best way to decreasing the CPU usage of the 'F' ? thanks in advance. Cheers. P.S : 1. INPUT filter dropping very higher CPU usages 2. TARPIT and prestate PREROUTING dropping less higher but not satisfied.
TARPITTING does not work on UDP, it's for TCP only. Just DROP in the raw table.
HTH, M4 - To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
