Harald Welte's blog

More dual Opteron netfilter/iptables benchmarks

The last two days I was at a network performance lab in Stralsund, Germany. We were testing dual Opteron 250 (2,4GHz) machines with e1000 cards and Linux.

One of the interesting results was that ip_conntrack [again] scales better as the load generators. The generators couldn't establish more than 25,000 new TCP connections per second and no more than 1 million total concurrent connections ;)

Thus I'm now pretty much convinced that ip_conntrack scales quite reasonable, and we should concentrate optimizations to other areas of netfilter/iptables.

Windows USERS have less security holes than Linux USERS

I don't usually join the never-ending discussion on proprietary vs. free software, since I know what I think is best for me anyway.

But there is one quote that I'd like to add to this blog, because it's [unwillingly] funny:

That is the literal translation of one of the headlines on the German Microsoft homepage ("Windows-Benutzer haben weniger Sicherheits-Schwachstellen als Linux-Benutzer").

Harald Welte's blog

	RSS Harald's Web gnumonks.org hmw-consulting.de sysmocom.de Projects OpenBSC OsmocomBB OsmocomTETRA deDECTed.org gpl-violations.org gpl-devices.org OpenMoko gnufiish OpenEZX OpenBeacon OpenPCD librfid openmrtd opentom.org netfilter/iptables Categories Root (1072) ccc (26) dect (2) electronics (19) gsm (123) osmocom-bb (7) knf (4) linux (697) a780 (39) conferences (127) cyberjack (4) gnuradio (5) gpl-violations (138) gspc (6) mobile (29) mrtd (35) netfilter (117) openmoko (52) opentom (7) samsung (1) via (23) misc (18) osmocom (7) personal (111) bollywood (17) taiwan (3) photography (9) politics (30) swpat (3) tetra (3) Archives 2012 (18) May (1) April (2) March (8) February (1) January (6) 2011 (47) December (2) November (3) October (3) September (3) August (1) July (5) June (9) May (5) April (6) March (3) February (2) January (5) 2010 (96) 2009 (146) 2008 (106) 2007 (53) 2006 (154) 2005 (248) 2004 (198) 2003 (5) 2002 (1) Other Bloggers David Burgess Zecke Dieter Spaar Michael Lauer Stefan Schmidt Rusty Russell David Miller Martin Pool Jeremy Kerr Tim Pritlove (German) fukami (German) fefe (German) Bradley M. Kuhn Lawrence Lessig Kalyan Varma Aggregators kernelplanet.org planet.netfilter.org planet.openezx.org planet.openmoko.org planet.foss.in identi.ca twitter flattr Linked in Xing Articles on this blog/journal are licensed under a Creative Commons Attribution-NoDerivs 2.5 License. Contact/Impressum	Thu, 07 Apr 2005 More dual Opteron netfilter/iptables benchmarks The last two days I was at a network performance lab in Stralsund, Germany. We were testing dual Opteron 250 (2,4GHz) machines with e1000 cards and Linux. One of the interesting results was that ip_conntrack [again] scales better as the load generators. The generators couldn't establish more than 25,000 new TCP connections per second and no more than 1 million total concurrent connections ;) Thus I'm now pretty much convinced that ip_conntrack scales quite reasonable, and we should concentrate optimizations to other areas of netfilter/iptables. [ /linux/netfilter \| permanent link ] Windows USERS have less security holes than Linux USERS I don't usually join the never-ending discussion on proprietary vs. free software, since I know what I think is best for me anyway. But there is one quote that I'd like to add to this blog, because it's [unwillingly] funny: That is the literal translation of one of the headlines on the German Microsoft homepage ("Windows-Benutzer haben weniger Sicherheits-Schwachstellen als Linux-Benutzer"). [ /linux \| permanent link ]