Josh Brooks wrote: > You know, I keep hearing this ... the machine is a 500 mhz p3 celeron with > 256 megs ram ... and normally `top` says it is at about 80% idle, and > everything is wonderful - but when someone shoves 12,000-15,000 packets > per second down its throat, it chokes _hard_. You think that optimizing > my ruleset will change that ? Or does 15K p/s choke any freebsd+ipfw > firewall with 1-200 rules running on it ?
No I'm just plain confused... 15,000 packets/second is just not that much load: Minisize 15000 * 64B * 8b = 7,680,000b/S ...just less than 10 megabits/second. Maxsize 15000 * 1500B * 8b = 180,000,000b/S ...just less than 200 megabits/second. I don't understand where you are spending your CPU time, even if the packets are being written to disk before they are sent on... What's your external link speed to the Internet? Are you maybe getting an aplification attack against your router? That's just not that much in the way of packet processing overhead. -- Terry To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
