Re: Which CPU for heavy traffic with much filtering/shaping?
|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
Marek Kierdelewicz wrote:
HiHiI have a router with a large number of iptables rules and some extensive traffic shaping (HTB + RED + ... ) + conntrack.Performance boost tips: - Use "set" module instead of sequential iptables rules. It can lower cpu usage.
Hmm - I don't know what the "set" module is - can you point me to some documentation please?
- Use hashing filters for shaping if you're using many u32 filters.
- configure conntrack to use bigger hashsize for better performance; i'm passing following parameter to kernel in grub to achieve this:ip_conntrack.hashsize=1048575
I have 64k in conntrack_max and hashsize of 16000 Currently running with about 20000 conntrack connections I will try increasing this
- configure routecache to use bigger to use more memory for better performance; i'm passing following parameter to kernel in grub to achieve this: rhash_entries=24000001. What processors should I be looking for in order to achieve the best routing throughput on a linux router?I've had good experiences with P4 (with and without HT), Athlon64, Xeon [dempsey], Xeon [woodcrest]. The last one is the best choice because of the large cache and architecture. I think you can use Core 2 Duo too if you want to save some money.
Thanks - I will see what I can get
That is good news :) - however I guess 4 core with dual ethernet would not help very much!2. Is it true that multicore processors will not help much in this situation?Not true. In your setup with two nics with same load you can easily use two cores. You can assign each nic to different core by the means of smp_affinity setting in /proc/irq/... or by using irqbalance daemon.
Best regards, Derekpozdrawiam Marek Kierdelewicz KoBa ISP _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
Best regards, Derek _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc