hello, I am doing connection tracking test with different ruleset in iptables for instance, NOTRACK, Forwarding only, DNAT, SNAT and DNAT/SNAT together. I am using the tcpreplay and pcap-file which contains one millions packets to create connections in conntrack I have seen that the DNAT is giving more performance in terms of packet per seconds (pps) than the simple Forwarding only. I think the performance of simple FORWARDING should be higher than DNAT, since the DNAT has to modify the destination IP address and more procession of packets, while in simple forwarding, only routing is carried out. Can anyone elaborate the what is the reason behind this? Thank you. Regards, Ganesh Sharma Departement of Communications and Networks Aalto University, Finland. Phone:+358401587773 -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
