On Wed, 6 Apr 2011, Eric Dumazet wrote:
Le mercredi 06 avril 2011 à 13:29 -0700, David Miller a écrit :
From: Eric Dumazet eric.dumazet@gmail.com Date: Wed, 06 Apr 2011 22:18:56 +0200
I remember last time I work on a fedora kernel, it had conntrack enabled
And yes, conntrack can really slowdown a router, because of default parameters.
Yes, if conntrack is enabled performance will indeed tank.
I just check on latest fedora14 (yum updated) :
- conntrack is statically included in kernel, you cannot remove it.
Hmm...
Thanks for the replies, Yes indeed, I bet that conntrack was the item that caused the grief I saw. In fact turning off CONFIG_NETFILTER disables conntrack and solved my problem. :-)
Now the question is how to get the netfiltery/conntracky goodness without impacting those who want to go fast, maybe without a helmet.