Questions about your dual Opteron packetfiltering tests
David S. Miller
davem at davemloft.net
Sun Sep 12 03:23:09 CEST 2004
On Fri, 10 Sep 2004 16:06:17 +0200
Karsten Desler <kdesler at soohrt.org> wrote:
> > never ever enable rp_filter, that makes a huge difference. rp_filter is
> > not even recommended as default, and probably Debian is the only
> > distribution doing that mistake (read netdev archives on this).
>
> Ok, I've disabled rp_filter and added rp_filter-like iptables
> rules, doesn't make much (any?) difference though.
Please only disable rp_filter, then test.
You're making it difficult to determine the source of the
bad performance if you add a new set of overhead. So please
don't add the new rp_filter-like iptables rules, and test
like that.
More information about the netfilter-devel
mailing list