From owner-freebsd-ipfw@FreeBSD.ORG Tue Dec 27 00:54:42 2011 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 97D33106566C for ; Tue, 27 Dec 2011 00:54:42 +0000 (UTC) (envelope-from ptyll@nitronet.pl) Received: from mail.nitronet.pl (smtp.nitronet.pl [195.90.106.27]) by mx1.freebsd.org (Postfix) with ESMTP id 5483B8FC0A for ; Tue, 27 Dec 2011 00:54:42 +0000 (UTC) Received: from mailnull by mail.nitronet.pl with virscan (Exim 4.76 (FreeBSD)) (envelope-from ) id 1RfLJQ-000EF1-No for freebsd-ipfw@freebsd.org; Tue, 27 Dec 2011 01:54:40 +0100 Date: Tue, 27 Dec 2011 01:54:31 +0100 From: Pawel Tyll X-Priority: 3 (Normal) Message-ID: <1498545030.20111227015431@nitronet.pl> To: freebsd-ipfw@freebsd.org, freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Virus-Scanned: Nitronet.pl X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: ptyll@nitronet.pl X-SA-Exim-Scanned: No (on mail.nitronet.pl); SAEximRunCond expanded to false Cc: Subject: Firewall Profiling. X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Dec 2011 00:54:42 -0000 Hi lists, Are there any profiling tools in the system or ports that would allow me to determine how much processing is being done per packet and how long does it take? I would like to predict possible PPS load for my system and perhaps locate and remove some bottlenecks. Is IPFW efficient enough to firewall 2x10GE (in+out) interfaces without much latency increase, when running on modern hardware with Intel NICs? Majority of processing tasks would probably be setfib according to matches in tables. Pawel.