[prev in list] [next in list] [prev in thread] [next in thread]
List: freebsd-net
Subject: Re: impact of disabling firewall on performance?
From: Luigi Rizzo <rizzo () iet ! unipi ! it>
Date: 2013-09-18 14:27:07
Message-ID: CA+hQ2+hHuzdH4QmWS83WannZ8c=Ao5Sz+m-EiL9uxkhPE+hHZQ () mail ! gmail ! com
[Download RAW message or body]
On Wed, Sep 18, 2013 at 4:19 PM, Ian Smith <smithi@nimnet.asn.au> wrote:
> On Wed, 18 Sep 2013 11:18:38 +0200, Luigi Rizzo wrote:
>
> > unloading or disabling the firewall with a sysctl is likely
> > exactly the same in terms of performance -- it's just
> > something like
> >
> > if (firewall_loaded || firewall_enabled) {
> > invoke_firewall(...);
> > }
>
>
> Not && ?
>
you are correct. thanks for the spanking, too :)
(i sent the email at 4am and i will be surprised
if this is the only mistake in my message...
cheers
luigi
>
> Either way, unloading the module/s couldn't gain any performance.
>
> > However, executing the firewall with a single pass rule consumes
> > some significant amount of time, see
> > http://info.iet.unipi.it/~luigi/papers/20091201-dummynet.pdf
> > (those numbers are from 2009 and i measured about 400ns;
> > recent measurements with ipfw-over-netmap on a fast i7
> > give about 100ns per packet).
> >
> > This is definitely measurable.
>
> Thanks for the spanking, and a second browsing of Dummynet Revisited.
>
> cheers, Ian
>
--
-----------------------------------------+-------------------------------
Prof. Luigi RIZZO, rizzo@iet.unipi.it . Dip. di Ing. dell'Informazione
http://www.iet.unipi.it/~luigi/ . Universita` di Pisa
TEL +39-050-2211611 . via Diotisalvi 2
Mobile +39-338-6809875 . 56122 PISA (Italy)
-----------------------------------------+-------------------------------
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic