Date: Sat, 25 Apr 2009 03:00:11 +1000 (EST) From: Ian Smith <smithi@nimnet.asn.au> To: =?ISO-8859-1?Q?Daniel_Dias_Gon=E7alves?= <ddg@yan.com.br> Cc: freebsd-ipfw@freebsd.org, Steve Bertrand <steve@ibctech.ca> Subject: Re: IPFW MAX RULES COUNT PERFORMANCE Message-ID: <20090425024635.O89549@sola.nimnet.asn.au> In-Reply-To: <49F1D992.9000001@yan.com.br> References: <49F06985.1000303@yan.com.br> <49F08071.1070905@ibctech.ca> <49F1D992.9000001@yan.com.br>
index | next in thread | previous in thread | raw e-mail
On Fri, 24 Apr 2009, Daniel Dias Gonçalves wrote: > The latency in the interface em6 increased an average of 10ms to 200 ~ 300ms > Hardware: > CPU: Intel(R) Xeon(TM) CPU 3.20GHz (3200.13-MHz 686-class CPU) > Logical CPUs per core: 2 > FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs > cpu0: <ACPI CPU> on acpi0 > p4tcc0: <CPU Frequency Thermal Control> on cpu0 > cpu1: <ACPI CPU> on acpi0 > p4tcc1: <CPU Frequency Thermal Control> on cpu1 > cpu2: <ACPI CPU> on acpi0 > p4tcc2: <CPU Frequency Thermal Control> on cpu2 > cpu3: <ACPI CPU> on acpi0 > p4tcc3: <CPU Frequency Thermal Control> on cpu3 > SMP: AP CPU #1 Launched! > SMP: AP CPU #3 Launched! > SMP: AP CPU #2 Launched! > > real memory = 9663676416 (9216 MB) > avail memory = 8396738560 (8007 MB) In that case, there really is something else wrong. By my measurements, rummaging through most of >1000 rules on a old 166MHz Pentium to get to the icmp allow rules (ridiculous, I know) added about 2ms to local net pings via that box, ie 1ms each pass for about 900 rules, mostly counts. cheers, Ianhelp
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090425024635.O89549>