Date: Wed, 9 Oct 2002 00:07:11 -0500 (CDT) From: Mike Silbersack <silby@silby.com> To: Christopher Smith <csmith@its.uq.edu.au> Cc: hardware@freebsd.org, <net@freebsd.org> Subject: Re: High interrupt load on firewalls Message-ID: <20021009000519.J2019-100000@patrocles.silby.com> In-Reply-To: <B9C9E292.30E56%csmith@its.uq.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 9 Oct 2002, Christopher Smith wrote: > We have two firewalls sitting on gigabit links. Each has 2 Netgear GA620 > (ti driver) fibre cards with about 7 vlans spread across them. Both these > machines run at *very* high interrupt loads (95 - 100% during business hours > (mostly 100%), 80 - 90 % during off hours). They are 1GHz P3 machines (Dell > 1550s) with 256MB of RAM. They're actually dual machines, but enabling the > second CPU doesn't help in terms of load, it just halves the numbers top > reports. I'm not sure if system vs interrupt accounting is entirely accurate, so I'm going to postulate that the firewall itself could actually be the dominant consumer of CPU time. Are you using ipfw? If so, have you tried out Luigi's new IPFW2? It was MFC'd to 4.6-stable, and is supposed to be more efficient. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021009000519.J2019-100000>