Hello, On Friday, 2008 June 6 at 4:08:45 -0700, Vincent Arniego wrote: > Hi Thomas, > > That's actually a good suggestion, Unfortunately we can't force teach our subscribers to use a proxy in their setup. They use a certain equipment that uses 3G and configuring it would be like rocket science to them. > Hmmm, most proxy can be configured to be used transparently. > 11K packets per second, its ingress. We are looking at around 114 Mbps total traffic at the worst case scenario. And yep, its doesn't look like much... yet. > > The application's made already, and it looks at patterns in the payload to determine whether its a GET or http Response. Its working, but we would like to know if there's a way to spread the traffic out among multiple queues automatically. > > I was thinking of something like > > iptables -A FORWARD -p tcp --dport 80 -j NFQUEUE --queue-num 0:5 > > something like that. This doesn't work btw. You can use statistic module to do so by using something like: iptables -A FORWARD -p tcp --dport 80 -m statistic \ --mode nth --every 6 --packet 0 -j NFQUEUE --queue-num 0 iptables -A FORWARD -p tcp --dport 80 -m statistic \ --mode nth --every 6 --packet 1 -j NFQUEUE --queue-num 1 .... iptables -A FORWARD -p tcp --dport 80 -m statistic \ --mode nth --every 6 --packet 5 -j NFQUEUE --queue-num 5 But, I don't think you will get much performance improvement by doing that. BR, -- Eric Leblond INL: http://www.inl.fr/ NuFW: http://www.nufw.org/
Attachment:
signature.asc
Description: Digital signature
