Hi, Can anyone point me to some performance comparison of netfilter on i686 and x86_64? I have a few linux routers doing a lot of firewalling and QoS. Currently those routers use i686 arch on 64-bit hardware. Would I notice any performance gain after moving to 64-bit kernel? Next question. On some routers I don't need statefull firewall at all and I have NOTRACT as a default rule in raw netfilter table. What is the expected performance gain if I would fully disable conntrack instead of using NOTRACK target? What would be the best approach to do it on debian squeeze distribution kernel (nf_conntrack compiled as a module)? Is blacklisting nf_conntrack module enough (to be safe in case of accidental addition of statefull rule)? best regards, Marek Kierdelewicz -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
