Date: Thu, 6 Nov 2003 13:04:31 +0200 From: "Artis Caune" <ac@latnet.lv> To: <freebsd-ipfw@FreeBSD.org> Subject: loading lot of rules takes very long time Message-ID: <20031106110605.E785D43FF2@mx1.FreeBSD.org>
next in thread | raw e-mail | index | archive | help
Hello, We have about 10000-20000 pipes for different subnets, and it takes very long time to load them - about 10-15min. 92.8% interrupt, 0.0% idle strange that things slow down when count reaches 2000-2500 rules. is there something we can do to speed things up? rules are added like: ipfw -q add 1 pipe 1 src-ip 1.1.1.1 out via em0 ipfw pipe 1 config bw 30Kbytes/s queue 10 ... soo 'ipfw' is invoked '2 x client_count' !!! maybe ipfw need feature like: ipfw -f /etc/rc.firewall # FreeBSD-4.9, IPFW2, # HZ=2000, DEVICE_POLLING, # 1G RAM, 2.4xeon on Intel server board ..... Artis
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031106110605.E785D43FF2>