iptable rules and performance

To: debian-firewall@lists.debian.org
Subject: iptable rules and performance
From: Jor-el <jorel@trillian.megadodo.umb>
Date: Fri, 21 Dec 2001 23:54:39 -0600 (CST)
Message-id: <[🔎] Pine.LNX.3.96.1011221234814.6871B-100000@trillian>
Reply-to: jorel@austin.rr.com

Hi,

	I need to set up a firewall to allow to and fro udp traffic from
130 distinct ip addresses to my server. Unfortunately, it is not possible
to collapse the firewalling rules for these machines by specifying the udp
port. My question has to do with the performance of the host under such
conditions. I have an estimated traffic of .5 million packets coming into
my server / day, and the firewall will have to sift through this traffic
to filter through 130 ip addresses. Has anyone used iptables under these
conditions? Were there any observed problems with the firewall not being
able to keep up with the traffic?

	Any alternative suggestions?

Thanks,
Jor-el

Reply to:

Follow-Ups:
- Re: iptable rules and performance
  - From: Daniel Pittman <daniel@rimspace.net>

Prev by Date: Re: icq with iptables
Next by Date: Re: iptable rules and performance
Previous by thread: Re: icq with iptables
Next by thread: Re: iptable rules and performance
Index(es):
- Date
- Thread