Re: why does netfilter make upload very slow? (was: Re: e1000 ->82540EM on linux 2.6.0-test[45] very slow in one direction)

[Florian Zwoch]

Harald Welte wrote:
> > Would somebody like to explain why netfilter (in kernel, but not in use)
> > makes upload go very slow? I am by no means a network guru, but eager to
> > learn :-)
>
>
> let's get this straight.  There are five possible cases
>
> a) CONFIG_NETFILTER disabled.  you won't even have the netfilter hooks
>    in the network stack (so certainly no netfilter-using modules loaded)

no problem

> b) CONFIG_NETFILTER enabled, but _no_ modules (iptable_filter,
>    ip_conntrack, ...) attached to the netfilter hook

no problem

> c) CONFIG_NETFILTER enabled and iptable_filter.o (which pulls ip_tables.o)
>    loaded, NO RULES in the table

no problem

> d) CONFIG_NETFILTER enabled and iptable_filter.o (which pulls ip_tables.o)
>    loaded, RULES in the table

no problem (as long as i dont load any rules that require ip_conntrack)

> e) CONFIG_NETFILTER enabled and ip_conntrack.o loaded, iptable_filter
>    loaded or not, rules or not

*boink*

whenever i try to load ip_conntrack the nic performance drops from 5mb/s 
to 200k/s.

still using 2.6.0-test6.

regards,
Florian


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/