On Thu, Sep 8, 2011 at 05:15, kashani <[email protected]> wrote: > On 9/7/2011 5:25 AM, Pandu Poluan wrote: >> >> Well, for all my other servers, I standardized on ext4. >> >> Since a vFirewall have to perform lots of packet-juggling, I'd rather >> dedicate the CPU time to the kernel rather than the HD I/O. >> >> Of course, a vFirewall needs to be updated every now and then, but >> everytime an update is called for, it should not overly tax the CPU >> and degrade the netfilter framework. >> >> Rgds, > > You are making my point for me, but not realizing the end result of > the logic. There isn't any filesystem change that is going to affect CPU > usage by more than a few percentage points in the use case you've described. > Rsync, portage, and gcc use a massive amount of CPU compared to the amount > the filesystem changes will use other than brief points during the rsync. > Additionally most benchmarks are testing filesystem throughput and comparing > it to CPU. Because disk IO isn't under pressure in your scenario you're > unlikely to see the pathological use of CPU that can highlight the > differences between filesystems.
Gosh, you're right! (And Jesús' reply also remind me). What was I thinking >.< > That said, you have a few reasonable choices. > > 1. Move to a binary distro > 2. Use buildpkg on a clone of this server and only install packages on your > Firewall. > 3. NFS mount /usr/portage when you need it and dist build on another server > 4. Don't upgrade > 5. Get a firewall server with more CPU so that it doesn't matter > 6. Script a new firewall server install every x months and swap it into > place and drop the original server. > 7. Some combination of the above. > I think I'll do (6). Attach a HD to another VM, install a similar system on that HD (chroot-ed, of course), update that regularly, make a stage5 (or 6 or whatevs) of the (ch)root, then do a 'tar xJf' on the firewall proper. So, a different scenario, then: Sometimes I need to log stuffs (via ULOG) or do a tcpdump. Will JFS give me additional benefit to ext4? Or should I just stick with ext4? Rgds, -- FdS Pandu E Poluan ~ IT Optimizer ~ • LOPSA Member #15248 • Blog : http://pepoluan.tumblr.com • Linked-In : http://id.linkedin.com/in/pepoluan
