Karsten Desler wrote:
* David S. Miller wrote:
It's spending nearly half of it's time in iptables.
Try to consolidate your rules if possible. This is the
part of netfilter that really doesn't scale well at all.
Removing the iptables rules helps reducing the load a little, but the
majority of time is still spent somewhere else.
Well with NAPI it can be hard to tell CPU usage.
You may need to use something like cyclesoak to get
a true idea of CPU left.
Also have a look at http://www.hipac.org/ as netfilter
has silly scalability properties.
I also notice that a lot of time is spent allocating
and freeing the packet buffers (and possible hidden
time due to cache misses due to allocating on one
CPU and freeing on another?).
How many [RT]xDescriptors do you have configured by the way?
Anyway attached is a small patch that I used to make the e1000
"own" the packet buffers, and hence it does not alloc/free
per packet at all. Now this has only been tested in one
configuration where I was just sniffing the packets, so
Pádraig Brady - http://www.pixelbeat.org
Description: TeXInfo document