On Wed, Oct 05, 2005 at 06:53:31PM +0200, Andi Kleen wrote: > On Tuesday 04 October 2005 19:01, Patrick McHardy wrote: > > Andi Kleen wrote: > > > In a sense it's even getting worse: For example us losing the CONFIG > > > option to disable local conntrack (Patrick has disabled it some time ago > > > without even a comment why he did it) has a really bad impact in some > > > cases. > > > > It was necessary to correctly handle locally generated ICMP errors. > > Well you most likely wrecked local performance then when it's enabled. so you would favour a system that incorrectly deals with ICMP errors but has higher performance? -- - Harald Welte <[email protected]> http://netfilter.org/ ============================================================================ "Fragmentation is like classful addressing -- an interesting early architectural error that shows how much experimentation was going on while IP was being designed." -- Paul Vixie
Attachment:
pgpZ9rBuXS2eh.pgp
Description: PGP signature
- Follow-Ups:
- References:
- Re: [PATCH 0/3] netfilter : 3 patches to boost ip_tables performance
- From: Patrick McHardy <[email protected]>
- Re: [PATCH 0/3] netfilter : 3 patches to boost ip_tables performance
- From: Andi Kleen <[email protected]>
- Re: [PATCH 0/3] netfilter : 3 patches to boost ip_tables performance
- Prev by Date: Re: select(0,NULL,NULL,NULL,&t1) used for delay
- Next by Date: Re: Fwd: Telecom Clock Driver for MPCBL0010 ATCA computer blade
- Previous by thread: Re: [PATCH 0/3] netfilter : 3 patches to boost ip_tables performance
- Next by thread: Re: [PATCH 0/3] netfilter : 3 patches to boost ip_tables performance
- Index(es):
 |