There is 3 upstream patches[1] "Under Review", that has been created to mitigate this specific situation. The test (with these patches) so far has been proven to provide better performance.
The patches consist on allocating the percpu counters in page-sized batch chunks. [1] - Patches : http://patchwork.ozlabs.org/patch/697259/ http://patchwork.ozlabs.org/patch/697260/ http://patchwork.ozlabs.org/patch/697261/ - Eric ** Summary changed: - netfilter regression introducing a performance slowdown in binary ip/ip6tables + netfilter regression introducing a performance slowdown in binary arp/iptables/ip6tables ** Summary changed: - netfilter regression introducing a performance slowdown in binary arp/iptables/ip6tables + netfilter regression introducing a performance slowdown in binary arp/ip/ip6tables -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1640786 Title: netfilter regression introducing a performance slowdown in binary arp/ip/ip6tables To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1640786/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
