On Wed, 6 Apr 2011, Eric Dumazet wrote:
Le mercredi 06 avril 2011 à 13:29 -0700, David Miller a écrit :
> From: Eric Dumazet <eric.dumazet(a)gmail.com>
> Date: Wed, 06 Apr 2011 22:18:56 +0200
>
> > I remember last time I work on a fedora kernel, it had conntrack enabled
> >
> > And yes, conntrack can really slowdown a router, because of default
> > parameters.
>
> Yes, if conntrack is enabled performance will indeed tank.
I just check on latest fedora14 (yum updated) :
- conntrack is statically included in kernel, you cannot remove it.
Hmm...
Thanks for the replies,
Yes indeed, I bet that conntrack was the item that caused the grief I saw.
In fact turning off CONFIG_NETFILTER disables conntrack and solved my
problem. :-)
Now the question is how to get the netfiltery/conntracky goodness without
impacting those who want to go fast, maybe without a helmet.