Re: [LARTC] CBQ troubles, processor overload
Adam Towarnyckyj wrote: I'd love to share. Whoever was interested in that, please let me know in an email. Thanks for the suggestions. I really appreciate them and I'll look into it. Well, I would for one. However, it looks like Ralph perhaps only wants a simple solution, so perhaps he isn't interested? Why not pop the stuff on a web page and send us a link? Ed W ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
RE: [LARTC] CBQ troubles, processor overload
I'd love to share. Whoever was interested in that, please let me know in an email. Thanks for the suggestions. I really appreciate them and I'll look into it. Adam Towarnyckyj -Original Message- From: Ed Wildgoose [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 22, 2004 12:09 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [LARTC] CBQ troubles, processor overload > The problem I'm running into is that the processor gets >overloaded because of the amount of work tc is doing. I assumed it would >be able to handle the apx 5000 customers we have on it. I have a bridge >set up between two devices that run from the internet to the local >network. This bridge takes up 20% of the CPU when tc is not enabled. >When tc becomes enabled, it finishes off the rest of the CPU and eats >most of the queue as well. > > 5,000 rules is significant. Have a look at the hashing examples in the LARTC howto for some ideas on how to slash bandwidth required. There is also a high performance iptables project kicking around which does much better for large rulesets. Since you don't seem to need anything advanced I would have thought this was a drop in replacement. Have a look at http://www.hipac.org/index.htm - Never used it though, just came across it on google. I think there is another chap who posted a few hours earlier may be really interested in your perl script to read users from the DB and build rules. If you have any kind of traffic accounting I think he would be interested in that as well. Want to share any of that...? Good luck Ed W ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] CBQ troubles, processor overload
The problem I'm running into is that the processor gets overloaded because of the amount of work tc is doing. I assumed it would be able to handle the apx 5000 customers we have on it. I have a bridge set up between two devices that run from the internet to the local network. This bridge takes up 20% of the CPU when tc is not enabled. When tc becomes enabled, it finishes off the rest of the CPU and eats most of the queue as well. 5,000 rules is significant. Have a look at the hashing examples in the LARTC howto for some ideas on how to slash bandwidth required. There is also a high performance iptables project kicking around which does much better for large rulesets. Since you don't seem to need anything advanced I would have thought this was a drop in replacement. Have a look at http://www.hipac.org/index.htm - Never used it though, just came across it on google. I think there is another chap who posted a few hours earlier may be really interested in your perl script to read users from the DB and build rules. If you have any kind of traffic accounting I think he would be interested in that as well. Want to share any of that...? Good luck Ed W ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/