I confirm that iptables offers way better performance now on the Xenial kernel.

BEFORE:

$ uname -r
4.4.0-62-generic
$ time (./list-addrs 3000 | xargs -n1 iptables -A FORWARD -j ACCEPT -s)
real 0m34.502s
user 0m1.372s
sys 0m27.428s

AFTER:

$ uname -r
4.4.0-63-generic
$ time (./list-addrs 3000 | xargs -n1 iptables -A FORWARD -j ACCEPT -s)
real 0m5.680s
user 0m0.100s
sys 0m0.264s

--
https://bugs.launchpad.net/bugs/1640786

Title: netfilter regression introducing a performance slowdown in binary arp/ip/ip6tables