Hi,
On Tue, Apr 18, 2006 at 09:30:18AM +0300, Andrei Sandu wrote:
> I have a P4 @ 3Ghz router running Debian. It shapes traffic ( about
> 500-600 classes ), about 1000 iptables rules, and it does BGP too, so I get
> about 1300+ routes in the routing table. The problem is the load is too high on
That's not so much:
avb@YYY:~$ ip ro sh|wc -l
188583
Yes, that's the internet with peering and all...
> this system. I found a solution to my problem, turning off the route cache,
> but I don't know how to implement it,
You realise that your solution doesn't really sound good? ;-)
> I was wondering if anyone found a way to disable the route caching system
> inside the kernel, to improve router performance in high traffic conditions.
Again: turning off route caching really does not sound good.
Especially if you have different routes.
What you need to do is increase your cache thresholds...
ard@XXX(master):~$ ip ro sh cache|wc -l
41180
This system does a lot of traffic, and it still is cleaning its
nose.
Depending on where your system is, you should put stuff into your
sysctl.conf:
net/ipv4/neigh/default/gc_thresh1=8192
net/ipv4/neigh/default/gc_thresh2=16384
net/ipv4/neigh/default/gc_thresh3=32768
net/ipv4/route/gc_elasticity=8
net/ipv4/route/gc_interval=30
net/ipv4/route/gc_min_interval=2
net/ipv4/route/gc_thresh=?
etc...
Anyway: I don't think that routing is really your issue.
Maybe you should look into optimising the shaping and/or iptables
ruleset.
ard@XXX(master):~$ sudo iptables -L -n|wc -l
2166
ard@XXX(master):~$ sudo iptables -L -n -t nat|wc -l
192
etc...
And of course, the BIG question: did you do a:
insmod ip_conntrack hashsize=4194304
?
Having a small hashsize for the connection tracking table is of
course the biggest problem for most users.
--
begin LOVE-LETTER-FOR-YOU.txt.vbs
I am a signature virus. Distribute me until the bitter
end
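
Added example, not part of the original message: a small lint for a sysctl.conf fragment like the one quoted above, run before the file is loaded. It flags values that are still placeholders (such as the `gc_thresh=?` line) and checks that the three neighbour-table thresholds increase. The names `lint_sysctl` and `SAMPLE` are hypothetical, and the sample input is constructed from the fragment in the message.

```shell
#!/bin/sh
# Added example (not from the original post): lint a sysctl.conf fragment.
# lint_sysctl and SAMPLE are hypothetical names.

# Constructed sample: the fragment from the post, "?" placeholder included.
SAMPLE='net/ipv4/neigh/default/gc_thresh1=8192
net/ipv4/neigh/default/gc_thresh2=16384
net/ipv4/neigh/default/gc_thresh3=32768
net/ipv4/route/gc_elasticity=8
net/ipv4/route/gc_interval=30
net/ipv4/route/gc_min_interval=2
net/ipv4/route/gc_thresh=?'

# Reads a fragment on stdin, prints one line per problem found.
# Exit status: 0 if clean, 1 if anything was flagged.
lint_sysctl() {
    awk -F= '
        /^[ \t]*$/    { next }                  # blank line
        /^[ \t]*[#;]/ { next }                  # sysctl.conf comment
        {
            key = $1; val = $2
            gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)
            gsub(/\//, ".", key)                # sysctl accepts "/" or "." as separator
            if (val !~ /^[0-9]+$/) {            # these keys take non-negative integers
                printf "non-numeric value: %s=%s\n", key, val
                bad = 1; next
            }
            v[key] = val + 0
        }
        END {
            a = "net.ipv4.neigh.default.gc_thresh1"
            b = "net.ipv4.neigh.default.gc_thresh2"
            c = "net.ipv4.neigh.default.gc_thresh3"
            # thresh1 = entries always kept, thresh2 = soft limit, thresh3 = hard limit
            if ((a in v) && (b in v) && (c in v) && !(v[a] < v[b] && v[b] < v[c])) {
                print "neigh gc_thresh1 < gc_thresh2 < gc_thresh3 does not hold"
                bad = 1
            }
            exit bad + 0
        }'
}

# Stand-alone run over the constructed sample.
printf '%s\n' "$SAMPLE" | lint_sysctl || true
```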