Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 6 Nov 2003 13:04:31 +0200
From:      "Artis Caune" <>
To:        <>
Subject:   loading lot of rules takes very long time
Message-ID:  <>

Next in thread | Raw E-Mail | Index | Archive | Help

We have about 10000-20000 pipes for
different subnets, and it takes very long
time to load them - about 10-15min.

92.8% interrupt,  0.0% idle

strange that things slow down when count
reaches 2000-2500 rules.

is there something we can do to speed things up?

rules are added like:
  ipfw -q add 1 pipe 1 src-ip out via em0
  ipfw pipe 1 config bw 30Kbytes/s queue 10
soo 'ipfw' is invoked '2 x client_count' !!!

maybe ipfw need feature like:
ipfw -f /etc/rc.firewall

# FreeBSD-4.9, IPFW2,
# 1G RAM, 2.4xeon on Intel server board


Want to link to this message? Use this URL: <>