RE: 4.0 slower than 3.4?

Sat, 8 Jan 2000 06:16:16 -0800 

  Jason Young wrote:
  Saturday, January 08, 2000 9:02 AM

> It probably isn't the best of all ideas to have BOTH IP firewalling
> solutions installed and running at once. This will add some
> overhead. Pick one and stick with it. And why do you have DUMMYNET
> running?
> 
> There is a new version of IPFilter in -CURRENT if I recall
> correctly, and this may be related to your timing issues. Really
> you ought to just take IPFILTER out of your configuration.

To my understanding, both IPFW (ipfw.ko) and IPFILTER (ipl.ko) can be
built as modules. 

I have made some lmbench tests and they show that ipfilter actually
adds more latency than ipfw.

Here are some lmbench results taken on a P3-500, -current (2 days
old)


        First, plain (no module loaded):

UDP latency using localhost: 65 microseconds
TCP latency using localhost: 67 microseconds
RPC/udp latency using localhost: 111 microseconds
RPC/tcp latency using localhost: 139 microseconds
TCP/IP connection cost to localhost: 119 microseconds
Socket bandwidth using localhost: 71.97 MB/sec

        Now, ipl.ko loaded (ipfilter), no rulesets

UDP latency using localhost: 80 microseconds
TCP latency using localhost: 85 microseconds
RPC/udp latency using localhost: 129 microseconds
RPC/tcp latency using localhost: 155 microseconds
TCP/IP connection cost to localhost: 145 microseconds
Socket bandwidth using localhost: 67.72 MB/sec

        The following is for ipfw.ko loaded (default policy to accept,
                                           no other rules).

UDP latency using localhost: 68 microseconds
TCP latency using localhost: 73 microseconds
RPC/udp latency using localhost: 115 microseconds
RPC/tcp latency using localhost: 143 microseconds
TCP/IP connection cost to localhost: 127 microseconds
Socket bandwidth using localhost: 70.11 MB/sec

        And finally, both ipl.ko and ipfw.ko loaded (rather
        stupid imho, I think they're supposed to work as an either-or
        solution :) ).

UDP latency using localhost: 84 microseconds
TCP latency using localhost: 90 microseconds
RPC/udp latency using localhost: 132 microseconds
RPC/tcp latency using localhost: 160 microseconds
TCP/IP connection cost to localhost: 152 microseconds
Socket bandwidth using localhost: 66.04 MB/sec

-- 
 /"\                         /   
 \ /  ASCII RIBBON CAMPAIGN /    For every single problem you can 
  X   AGAINST HTML MAIL    /     find a solution, which is simple,
 / \  AND POSTINGS        /      neat and wrong. 




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to