On Tue, 30 Jul 2002, Rusty Russell wrote:
> In message <Pine.GSO.4.30.0207290648020.12604-100000@xxxxxxxxxxxxxxxx> you
> > > Connection tracking:
> > Fix perfomance problems with this thing. You may have seen reports of
> > performance degradation it introduces. I was hoping to take a look at some
> > point time hasnt been visiting this side.
> There are several simple things to do here. One is to improve the
> hashing (fine for internet traffic, but frequently sucks under LAN
> conditions), which is easy. The other is to modify the
> one-timer-per-connection approach to a "sweep once a second, or when
> full" approach.
Thats the right direction. From code inspection, fixing the later problem
would give you a lot more punch.
> Both these are simple patches, but I want to see benchmarks showing
> that they improve things.
> Yes, that's exactly the plan. It'd be more like the old-style
> insert/delete (probably not replace), except with a "commit"
> interface, implemented by copying the rules when they start modifying.
Why not take a look at the way tc does things and emulate that?