From owner-freebsd-net Mon Feb 11 8:51: 7 2002 Delivered-To: freebsd-net@freebsd.org Received: from bob.inty.net (bob.inty.net [213.38.150.165]) by hub.freebsd.org (Postfix) with ESMTP id 42F7E37B400 for ; Mon, 11 Feb 2002 08:51:03 -0800 (PST) Received: from inty.hq.inty.net ([213.38.150.161]) by bob.inty.net (8.11.3/8.11.3) with ESMTP id g1BGosf30038 for ; Mon, 11 Feb 2002 16:50:55 GMT Received: from tariq ([10.0.1.156]) by inty.hq.inty.net (8.12.1/8.12.1) with SMTP id g1BGosYl037165 for ; Mon, 11 Feb 2002 16:50:54 GMT From: "Tariq Rashid" To: Subject: RE: squeeze more performance out of natd? Date: Mon, 11 Feb 2002 16:53:54 -0000 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 In-Reply-To: <004701c1b01e$7039d3f0$361c1a09@gsicomp.on.ca> X-Sender-IP: 10.0.1.156 X-INT-DeliveryDone: g1BGosYl037165 X-suppress-rcpt-virus-notify: yes X-Skip-Virus-Check: yes X-Virus-Checked: 29835 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org some tests seems to show that natd's cpu load goes up because we have a large file descriptor set for select() - this is more of a problem than the kernelspace/userland packet traversal. the traffic its handling is something like 1500 low traffic tcp connections to a single server port. from doing some rtfm-ing i see that select() is not very scalable - not good for large fd sets and not good if they are nearly alwats ready for reading. does this sound no too far wrong? (i'm not an expert my any means) possible ideas: * is doing a select on 1000 file descriptors more efficient than having 10 selects on 100 file descriptors? * what about diverting to multiple natd processes? * threading? are there any benefits at all in this scenario? tariq -----Original Message----- From: owner-freebsd-net@FreeBSD.ORG [mailto:owner-freebsd-net@FreeBSD.ORG]On Behalf Of Matthew Emmerton Sent: 07 February 2002 21:29 To: Tariq Rashid; freebsd-net@FreeBSD.ORG Subject: Re: squeeze more performance out of natd? > i've spent a good number of hours RTFMs, trying to make the best of a bad > situtaion: userland natd instead of kernel-space nat. I've been told that if you use ipf and ipnat, then you get the benefit of kernel-space NAT. Have you investigated this to see how it compares to natd/ipfw for your purposes? -- Matt Emmerton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message intY has automatically scanned this email with Sophos Anti-Virus (www.inty.net) intY has automatically scanned this email with Sophos Anti-Virus (www.inty.net) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message