If I understand correctly, looking at RPS and taking into account the elimination of locking on packets, actual processing of packets by netfilters is still inherently serial? For example, if packet 1 is placed on the queue for CPU1 and packet 2 is placed on CPU2 at nearly the same time, packet 1 will be processed by netfilters and once the rules have been exhausted, packet 2 will be processed. On Mon, Jan 30, 2012 at 5:35 PM, Stephen Hemminger <shemminger@xxxxxxxxxx> wrote: > On Tue, 31 Jan 2012 01:28:21 +0100 (CET) > Jan Engelhardt <jengelh@xxxxxxxxxx> wrote: > >> On Tuesday 2012-01-31 00:46, David Zage wrote: >> >> >Has there been work on netfilter to take advantage of multiple cores >> >(e.g., concurrent packet processing)? >> >> Filtering runs on the same core as networking gives us. Therefore, >> consult with General Networking for RPS and RFS. > > Lots of work has gone into eliminating locking when processing packets > on multiple cores. This makes multi-queue NIC's and RPS more efficient. > > Also the semantics of rule evaluation are sequential. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
