lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAKfDRXjYLV1O2jKogpqxGk3tiLtYCQ=mxNZo3=s57Sp0MR0dqQ@mail.gmail.com>
Date:	Sat, 24 Aug 2013 19:14:50 +0200
From:	Kristian Evensen <kristian.evensen@...il.com>
To:	OpenWrt Development List <openwrt-devel@...ts.openwrt.org>
Cc:	Network Development <netdev@...r.kernel.org>
Subject: Re: [OpenWrt-Devel] Understanding/reimplementing forwarding
 acceleration used by Broadcom (ctf)

Hi Rafal,

On Sat, Aug 24, 2013 at 5:19 PM, Rafał Miłecki <zajec5@...il.com> wrote:
>
> I wonder what do you think about this solution. Is this something we
> could try to implement ourself? Is it worth it? Is there some existing
> project doing similar thing?

This is a very interesting discovery. Have you tried to use etables
and checked how much data you can push through the router? For
example, have one machine connected to the LAN and one to the WAN port
(probably using static IPs for the "WAN" is the easiest). Use MAC NAT
(http://ebtables.sourceforge.net/examples/basic.html#ex_nat) on the
OpenWRT router to set the destination to the machine connected to the
WAN, push UDP traffic from a client connected to the LAN to some
remote IP and see how much data flows through the router. Use for
example bwm-ng on the machine connected to the WAN port to see current
throughput (also to avoid putting any additional pressure on the
router CPU). Be aware that unless you configure the machine connected
to the WAN port as a router, the forwarded packets will be discarded.

If this works and gives good performance, based on my understanding,
you could implement this ctf module as an etables extension.

-Kristian
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ