Re: expected load?
On Sun, 8 Jul 2001, Jeremiah H. Savage wrote:
> I've been running a PIII-700/128MB as an iptables based firewall for
> the past several days, and it seems to be experiencing practically no
> load. From uptime, I see: 00:59:56 up 4 days, 8:59, 1 user, load
> average: 0.00, 0.00, 0.00
>
> This firewall is has 3 interfaces, and according to 'iptraf' their
> current averages are: eth0 ~500kbits/sec - ~800kbits/sec eth1
> ~400kbits/sec - ~900kbits/sec eth2 ~75kbits/sec - ~150kbits/sec
>
> The firewall has ~100 rules and is set to default drop. Is this kind
> of load typical for this setup?
Yup. Load comes from running *user* processes, not from the kernel.
Given that iptables is completely in-kernel, it doesn't generate load no
matter how hard it's working. So, a load average of 0.00 means that
there isn't any software running on the machine.
I presume that you don't have anything much running as a daemon or
whatever on this box, just the fire-walling. If that's not true,
something else may be at fault. :)
Daniel
--
In the present-day reconstruction of physics, fragments of the Newtonian
concepts are stubbornly retained. The result is to reduce modern physics to a
sort of mystic chant over an unintelligible universe.
-- Alfred North Whitehead, _Modes of Thought_
Reply to: