On 2/3/23 08:18, Rafał Miłecki wrote:
Another step in my NAT performance debugging.
I realized that my OpenWrt 21.02 based bcm53xx builds can't reach 940
Mb/s because I have qos-scripts installed.
It happens even with QoS interface disabled:
qos.wan.enabled='0'
and with QoS disabled in general:
/etc/init.d/qos stop
(disable & reboot don't help neither)
After quite some debugging I discovered that:
1. qos-scripts selects iptables-mod-conntrack-extra
2. iptables-mod-conntrack-extra selects kmod-ipt-raw
3. kmod-ipt-raw provides iptable_raw.ko
4. iptable_raw.ko slows down NAT
I can bump NAT speed from 880 Mb/s to 940 Mb/s by doing:
# rmmod iptable_raw
unloading the module failed
# /etc/init.d/firewall stop > /dev/null 2>&1
# rmmod iptable_raw
# /etc/init.d/firewall start > /dev/null 2>&1
I'm wondering if there is any good solution to that. I can't think of
anything clean and generic. Handling modprobe & rmmod directly in
/etc/init.d/qos sounds really hacky. Any good ideas?
Have you managed to get a `perf record` or `perf top` capture to see
whether we might be going a little too far into iptables-raw code rather
than bailing out early if we are not utilizing it?
--
Florian
_______________________________________________
openwrt-devel mailing list
[email protected]
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
