[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[no subject]
- <!--x-content-type: text/plain -->
- <!--x-date: Thu Jun 2 21:27:50 2005 -->
- <!--x-from-r13: wxvaarl ng ybpnyargfbyhgvbaf.pbz (Xnzrf B. Yvaarl WWW) -->
- <!--x-message-id: [email protected] -->
- <!--x-reference: 1117746280.21522.21.camel@localhost -->
- <!--x-reference: [email protected] -->
- <!--x-reference: [email protected] --> "http://www.w3.org/TR/html4/loose.dtd">
- <!--x-subject: [ale] iptables limits? -->
- <li><em>date</em>: Thu Jun 2 21:27:50 2005</li>
- <li><em>from</em>: jkinney at localnetsolutions.com (James P. Kinney III)</li>
- <li><em>in-reply-to</em>: <<a href="msg00117.html">[email protected]</a>></li>
- <li><em>references</em>: <1117746280.21522.21.camel@localhost> <<a href="msg00114.html">[email protected]</a>> <<a href="msg00117.html">[email protected]</a>></li>
- <li><em>subject</em>: [ale] iptables limits?</li>
Not threaded in the same sense of a userland thread. I guess that was a
poor choice of terms.
The iptables process can handle more than one packet at a time. Even
though the process is very fast (I think it is just a sequence of bit
mask arithmetic) more than one packet can be in the iptables process at
a time. However, only one packet can access a rule at a time (I think. I
don't read c source well enough to be sure). I seem to recall a blurb on
the iptables (it may have been ipchains) mailing list about a
performance issue that was cleared up by adding an effective "just
continue" step in one table. Apparently the machine handled two main
network data types and one packet stream would get to the same at the
same time as the other major packet stream often enough to slow things
down enough to be noticed.
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> <a rel="nofollow" href="http://www.ale.org/mailman/listinfo/ale";>http://www.ale.org/mailman/listinfo/ale</a>
--
James P. Kinney III \Changing the mobile computing world/
CEO & Director of Engineering \ one Linux user /
Local Net Solutions,LLC \ at a time. /
770-493-8244 \.___________________________./
<a rel="nofollow" href="http://www.localnetsolutions.com";>http://www.localnetsolutions.com</a>
GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
</pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<!--X-Follow-Ups-End-->
<!--X-References-->
<ul><li><strong>References</strong>:
<ul>
<li><strong><a name="00104" href="msg00104.html">[ale] iptables limits?</a></strong>
<ul><li><em>From:</em> jimpop at yahoo.com (Jim Popovitch)</li></ul></li>
<li><strong><a name="00114" href="msg00114.html">[ale] iptables limits?</a></strong>
<ul><li><em>From:</em> jkinney at localnetsolutions.com (James P. Kinney III)</li></ul></li>
<li><strong><a name="00117" href="msg00117.html">[ale] iptables limits?</a></strong>
<ul><li><em>From:</em> cfowler at outpostsentinel.com (Christopher Fowler)</li></ul></li>
</ul></li></ul>
<!--X-References-End-->
<!--X-BotPNI-->
<ul>
<li>Prev by Date:
<strong><a href="msg00120.html">[ale] Debian 3.0 as a server platform?</a></strong>
</li>
<li>Next by Date:
<strong><a href="msg00122.html">[ale] Debian 3.0 as a server platform?</a></strong>
</li>
<li>Previous by thread:
<strong><a href="msg00117.html">[ale] iptables limits?</a></strong>
</li>
<li>Next by thread:
<strong><a href="msg00138.html">[ale] iptables limits?</a></strong>
</li>
<li>Index(es):
<ul>
<li><a href="maillist.html#00121"><strong>Date</strong></a></li>
<li><a href="threads.html#00121"><strong>Thread</strong></a></li>
</ul>
</li>
</ul>
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
</body>
</html>