On Tue, Feb 12, 2008 at 08:27:52AM -0500, Brian J. Murrell wrote: > > By way of comparison, I've ported an accounting box at work to the > > newer version. As well as traffic shaping, it does accounting for in > > and out traffic on an entire class C - so 510 accounting rules or so. > > Hardware is Pentium III 1GHz and whilst the older version took about > > 90 seconds to load, the newer Perl version loads it in about 6 > > seconds. > > Right. But there is a scaling issue here. As the number of rules grows > and the number of interface changes grows so does the periodic outages > due to entire ruleset/routing/traffic control reloads.
It would be nice if the outage could be completely eliminated. However, this is a problem for the kernel people - we'd need atomic whole-configuration changes in netfilter and tc, rather than the current rule-at-a-time system. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
