Hi. I use LEAF on our border routers. I didn't use 3.x in such conditions, so I can't tell about relative speed-up. Border for world channel is AMD Phenom II x6, with 2x i82576 cards - it shows up to 10% CPU load on ~ 500/500Mbit traffic, with firewall, some NAT (for some clients that haven't white IPs) and near 70kpps in/out. On district routers which takes a bit smaller traffic (near 200Mbit) CPU load was less than 1-2% - with firewalling (with average 30-40 rules per packet). PCs are much weaker - pentium E2180, i82576 NIC. Same PCs with different NICs on 3.1 distro were loaded by 20-30% at comparable rates. 2.6 kernel works better with new hardware and uses more hardware features (for ex., MSI/MSI-X), so it is reasonable that it has better performance.
21.07.2011 22:46, Martin Hejl пишет: > Hi everybody, > > just to get some feedback, before I go on a wild goose chase: > > we're running LEAF Bering-uClibc 4.0.1 as a firewall on a 100 Mbit > downstream/6 MBit upstream link. It's basically an out of the box setup, > with only a couple of additional shorewall rules (a couple of ports > being forwarded to different computers in the DMZ, that's pretty much all). > > For the firewall, we're using a box with an Atom™ D510 Dual Core (1M > Cache, 1.66 GHz) - the exact model we're using is this: > > http://www.nexcom.com/Products/network-and-communication-solutions/desktop-appliance/desktop-appliance/communication-gateway-dna-1110 > > (cute little box, even though it costs a bit more than an Alix box - but > having a VGA and keyboard port makes the setup a lot easier). > > So, now for my sanity check: we managed to find some sites that could > actually saturate our link doing downloads, and while doing that, "top" > showed between 0% and 1% of CPU utilization. To me, that sounds somewhat > unlikely, unless the the 2.6 kernel is _much_ more efficient at > routing/firewalling than the 2.4 kernel ever was. > > So, before we start hunting for an issue that's not actually there - > does anybody have any experience running LEAF Bering-uClibc 4.0.1 on a > relatively high speed link, and has a chance to compare that to Bering > uClibc 3.x? I _know_ that with 3.x, a download at 3+ megabytes per > second pretty much max'd out the CPU of my Alix box at home, but trying > it right now (running Bering uClibc 4.0), I'm getting this from "top": > > CPU: 0.1% usr 0.3% sys 0.0% nic 98.8% idle 0.0% io 0.0% irq 0.5% sirq > > (while Firefox is telling me it's downloading at 2.9 to 3.1 Megabytes/s). > > Is the 2.6 kernel _that_ much more efficient, or is there an issue whith > what top shows? > > I'm puzzled... > > Martin ------------------------------------------------------------------------------ 5 Ways to Improve & Secure Unified Communications Unified Communications promises greater efficiencies for business. UC can improve internal communications as well as offer faster, more efficient ways to interact with customers and streamline customer service. Learn more! http://www.accelacomm.com/jaw/sfnl/114/51426253/ ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
