Hi Charles and Andrew, thank you for the feedback - sounds very promising. Yet another reason to upgrade all of my remaining boxes
Thanks Martin Am 21.07.2011 23:00, schrieb Charles Steinkuehler: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I concur. > > The 2.6 kernel includes a lot of TCP/IP optimizations that reduce memory > copies when using newer hardware (and take advantage of multiple CPUs, > but that's probably not what's helping in your case! :). > > The Via 6105m chipset on the Alix boards is mid-class hardware. It has > bus-mastering DMA with limitations, and some hardware off-load that the > 2.4 kernel probably wasn't using. > > With a 2.6 kernel on an Intel GigE chipset, you're likely seeing lots > less memcopies (if not full zero-copy up and down through the IP stack), > which cuts the CPU load pretty dramatically. Typical embedded CPUs > generally don't have high performance memory interfaces (lower speed and > narrower bus than on general purpose CPUs), meaning a memcopy is even > worse on most single board systems than on a 'typical' desktop PC. > > The only time I notice network related CPU load on my firewall is when > I'm pushing lots of data through my IPSec tunnel. :) > > On 7/21/2011 3:40 PM, Andrew wrote: >> Hi. >> I use LEAF on our border routers. I didn't use 3.x in such conditions, >> so I can't tell about relative speed-up. >> Border for world channel is AMD Phenom II x6, with 2x i82576 cards - it >> shows up to 10% CPU load on ~ 500/500Mbit traffic, with firewall, some >> NAT (for some clients that haven't white IPs) and near 70kpps in/out. >> On district routers which takes a bit smaller traffic (near 200Mbit) CPU >> load was less than 1-2% - with firewalling (with average 30-40 rules per >> packet). PCs are much weaker - pentium E2180, i82576 NIC. Same PCs with >> different NICs on 3.1 distro were loaded by 20-30% at comparable rates. >> 2.6 kernel works better with new hardware and uses more hardware >> features (for ex., MSI/MSI-X), so it is reasonable that it has better >> performance. >> >> 21.07.2011 22:46, Martin Hejl пишет: >>> Hi everybody, >>> >>> just to get some feedback, before I go on a wild goose chase: >>> >>> we're running LEAF Bering-uClibc 4.0.1 as a firewall on a 100 Mbit >>> downstream/6 MBit upstream link. It's basically an out of the box setup, >>> with only a couple of additional shorewall rules (a couple of ports >>> being forwarded to different computers in the DMZ, that's pretty much all). >>> >>> For the firewall, we're using a box with an Atom™ D510 Dual Core (1M >>> Cache, 1.66 GHz) - the exact model we're using is this: >>> >>> http://www.nexcom.com/Products/network-and-communication-solutions/desktop-appliance/desktop-appliance/communication-gateway-dna-1110 >>> >>> (cute little box, even though it costs a bit more than an Alix box - but >>> having a VGA and keyboard port makes the setup a lot easier). >>> >>> So, now for my sanity check: we managed to find some sites that could >>> actually saturate our link doing downloads, and while doing that, "top" >>> showed between 0% and 1% of CPU utilization. To me, that sounds somewhat >>> unlikely, unless the the 2.6 kernel is _much_ more efficient at >>> routing/firewalling than the 2.4 kernel ever was. >>> >>> So, before we start hunting for an issue that's not actually there - >>> does anybody have any experience running LEAF Bering-uClibc 4.0.1 on a >>> relatively high speed link, and has a chance to compare that to Bering >>> uClibc 3.x? I _know_ that with 3.x, a download at 3+ megabytes per >>> second pretty much max'd out the CPU of my Alix box at home, but trying >>> it right now (running Bering uClibc 4.0), I'm getting this from "top": >>> >>> CPU: 0.1% usr 0.3% sys 0.0% nic 98.8% idle 0.0% io 0.0% irq 0.5% sirq >>> >>> (while Firefox is telling me it's downloading at 2.9 to 3.1 Megabytes/s). >>> >>> Is the 2.6 kernel _that_ much more efficient, or is there an issue whith >>> what top shows? >>> >>> I'm puzzled... >>> >>> Martin >> >> >> ------------------------------------------------------------------------------ >> 5 Ways to Improve& Secure Unified Communications >> Unified Communications promises greater efficiencies for business. UC can >> improve internal communications as well as offer faster, more efficient ways >> to interact with customers and streamline customer service. Learn more! >> http://www.accelacomm.com/jaw/sfnl/114/51426253/ >> ------------------------------------------------------------------------ >> leaf-user mailing list: leaf-user@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/leaf-user >> Support Request -- http://leaf-project.org/ > > > - -- > Charles Steinkuehler > char...@steinkuehler.net > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAk4ok3kACgkQLywbqEHdNFxdTwCg6NRcoyNqxMLyZ/08bdYOiOZF > jPoAoN9th0ULVeUBj8nXt3EZpMW3Q/cW > =MCSh > -----END PGP SIGNATURE----- > > ------------------------------------------------------------------------------ > 5 Ways to Improve& Secure Unified Communications > Unified Communications promises greater efficiencies for business. UC can > improve internal communications as well as offer faster, more efficient ways > to interact with customers and streamline customer service. Learn more! > http://www.accelacomm.com/jaw/sfnl/114/51426253/ > ------------------------------------------------------------------------ > leaf-user mailing list: leaf-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/leaf-user > Support Request -- http://leaf-project.org/ -- I have always wished for my computer to be as easy to use as my phone; my wish has come true because I can no longer figure out how to use my phone -- Bjarne Stroustrup ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/ ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
