The piece of code in commit [71ae0dff] that seems responsible for the
slowdown is the following:

# include/linux/netfilter/x_tables.h
static inline unsigned long xt_percpu_counter_alloc(void)
{
        if (nr_cpu_ids > 1) {
                void __percpu *res = __alloc_percpu(sizeof(struct xt_counters),
                                                    sizeof(struct xt_counters));

                if (res == NULL)
                        return -ENOMEM;

                return (__force unsigned long) res;
        }

        return 0;
}

If I increase the value in the if statement

from:
        if (nr_cpu_ids > 1) {
to: 
        if (nr_cpu_ids > 10) {

... so forcing the system to skip the above if statement if it has fewer
than 10 CPUs, the performance of iptables is way better:

real    0m5.303s
user    0m0.076s
sys     0m0.280s

Need to find out whether there is an improvement that can be made here.

Eric

https://bugs.launchpad.net/bugs/1640786

Title:
  netfilter regression introducing a performance slowdown in binary
  ip/ip6tables
