From owner-freebsd-net@FreeBSD.ORG Fri Apr 26 15:54:44 2013 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 8D097657 for ; Fri, 26 Apr 2013 15:54:44 +0000 (UTC) (envelope-from andre@freebsd.org) Received: from c00l3r.networx.ch (c00l3r.networx.ch [62.48.2.2]) by mx1.freebsd.org (Postfix) with ESMTP id 0498B100C for ; Fri, 26 Apr 2013 15:54:43 +0000 (UTC) Received: (qmail 8436 invoked from network); 26 Apr 2013 16:58:59 -0000 Received: from c00l3r.networx.ch (HELO [127.0.0.1]) ([62.48.2.2]) (envelope-sender ) by c00l3r.networx.ch (qmail-ldap-1.03) with SMTP for ; 26 Apr 2013 16:58:59 -0000 Message-ID: <517AA337.8050505@freebsd.org> Date: Fri, 26 Apr 2013 17:54:31 +0200 From: Andre Oppermann User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130328 Thunderbird/17.0.5 MIME-Version: 1.0 To: Erich Weiler Subject: Re: pf performance? References: <5176E5C1.9090601@soe.ucsc.edu> <20130426134224.GV76816@FreeBSD.org> <517A93FE.7020209@soe.ucsc.edu> In-Reply-To: <517A93FE.7020209@soe.ucsc.edu> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Apr 2013 15:54:44 -0000 On 26.04.2013 16:49, Erich Weiler wrote: >> The pf isn't a process, so you can't see it in top. pf has some helper >> threads however, but packet processing isn't performed by any of them. > > But the work pf does would show up in 'system' on top right? So if I see all my CPUs tied up 100% > in 'interrupts' and very little 'system', would it be a reasonable assumption to think that if I got > more CPU cores to handle the interrupts that eventually I would see 'system' load increase as the > interrupt load became faster to be handled? And thus increase my bandwidth? Having the work of pf show up in 'interrupts' or 'system' depends on the network driver and how it handles sending packets up the stack. In most cases drivers deliver packets from interrupt context. > In other words, until I see like 100% system usage in one core, I would have room to grow? You have room to grow if 'idle' is more than 0% and the interrupts of the networks cards are running on different cores. If one core gets all the interrupts a second idle core doesn't get the chance to help out. IIRC the interrupt allocation to cores is done at interrupt registration time or driver attach time. It can be re-distributed at run time on most architecture but I'm not sure we have an easily accessible API for that. -- Andre