Date: Tue, 05 Aug 2003 16:42:55 -0700 From: Sam Leffler <sam@errno.com> To: John Polstra <jdp@polstra.com>, net@freebsd.org Subject: Re: bpf, ipfw and before-and-after Message-ID: <1564916751.1060101774@melange.errno.com> In-Reply-To: <200308052101.h75L1WR1006787@strings.polstra.com> References: <20030805133922.GA7713@k7.mavetju> <200308051817.h75IH7jb006622@strings.polstra.com> <01ca01c35b86$83c75590$812a40c1@PETEX31> <200308052101.h75L1WR1006787@strings.polstra.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> In article <01ca01c35b86$83c75590$812a40c1@PETEX31>, > Petri Helenius <pete@he.iki.fi> wrote: >> > >> > This would add additional delays to the code path for both ingress >> > and egress. In a world where gigabit ethernet is becoming the norm, >> > every nanosecond counts. I don't think the benefits of your proposal >> > would justify the performance loss. At the very least, I'd want the >> > extra calls to bpf_mtap to be present in the code only if enabled by >> > an option in the kernel config file. >> > >> bpf is slow by design because the design mandates a packet copy. >> >> It=B4s not a justification to make it slower but gigabit performance out >> of bpf is just not there until memory speeds increase a lot or the >> copying goes away. > > My point is that the extra calls to bpf_mtap would harm performance > even when bpf wasn't being used. In -current I believe all the calls are prefixed with a check for=20 ifp->if_bpf or similar. So any slow down should only happen when BPF is=20 active. Sam
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1564916751.1060101774>