Network performance in a dual CPU system

Max Laier max at love2party.net
Fri Feb 10 15:01:08 PST 2006 

On Friday 10 February 2006 20:54, Julian Elischer wrote:
> Marcos Bedinelli wrote:
> > Hello all,
> >
> > thanks for the replies. Most of you have suggested that I turn on
> > polling and give it a try. The machine is in production, hence I need
> > to schedule downtime for that.
> >
> > The system is mainly being used as a dedicated router. It runs OSPF,
> > BGP and IPFW (around 150 rules). OSPF and BGP are managed by Quagga.
> > The box has 2 gigabit interfaces that handle on average 200Mbp/s - 50K
> > packets/s (inbound and outbound combined), each one of them.
>
> I have found that most people can optimise there ipfw rulests considerably.
>
> for example: a first rule of:
> 1 allow ip from any to any in recv {inside interfacfe}
> 2 allow ip from any to any out xmit {inside interface}
> will cut your ipfw load by 50% immediatly.
> (you should only be filterring on one interface usually)
>
> use 'skipto' rules to immediatly send incoming and outgoing data to
> different rules sets.

FWIW, pf does some of those optimizations automatically called "skip steps" 
and "pfctl -o" restructures the ruleset so that often matching rules are 
moved to the top.  I know that this does not map directly to IPFW, but it 
might still be interesting to have a look at it.

> etc.
> (I you want to privatly send me your ruleset I can probably help you do
> this)
>
> julian
>
> > Some of you have asked for the following information:
> >
> >
> > - As I indicated before, polling is currently disabled.
> >
> >
> > - Hyperthreading (HTT) is disabled.
> >
> >
> > mull [~]$vmstat -i
> > interrupt                          total       rate
> > irq1: atkbd0                        3466          0
> > irq6: fdc0                            10          0
> > irq13: npx0                            1          0
> > irq14: ata0                           47          0
> > irq21: fxp1                     20462527          8
> > irq28: bge0                   3511765157       1444
> > irq29: bge1                   3633124373       1494
> > irq30: aac0                      1842472          0
> > cpu0: timer                    566751007        233
> > Total                         7733949060       3181
> >
> >
> > mull [~]$netstat -m
> > 644/646/1290 mbufs in use (current/cache/total)
> > 643/407/1050/17088 mbuf clusters in use (current/cache/total/max)
> > 0/5/4528 sfbufs in use (current/peak/max)
> > 1447K/975K/2422K bytes allocated to network (current/cache/total)
> > 0 requests for sfbufs denied
> > 0 requests for sfbufs delayed
> > 0 requests for I/O initiated by sendfile
> > 0 calls to protocol drain routines
> >
> >
> >
> > Thank you,
> >
> > --
> > Marcos
> >
> > _______________________________________________
> > freebsd-net at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-net
> > To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"

-- 
/"\  Best regards,                      | mlaier at freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier at EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20060211/c82324b5/attachment.bin

More information about the freebsd-net mailing list