|
On Mon, 29 Jan 2001, Joseph Mack wrote:
> When I compared DR (using Julian's martian patch, which allowed the director
> to be the default gw for the real-servers) and NAT, at the same packet
> throughput, the load average was 5 on the NAT director and the keyboard
> and mouse weren't responding anymore, while the DR director had low load
> average (<0.1 I think) and the mouse and keyboard responded just fine. I
> assume
> the rewriting of packets in NAT is the main load on the director. The same
> CPU can push the VS-DR packets through without any apparent effort.
Do I understand this correct?
The director was in both cases in a two-NIC configuration, so it
would also have to pass the return packets from the internal NIC to
the external NIC, even in DR mode?
I am surprised that there should be a big laod difference, whether those
packets are re-written or just passed.
Also, if I use the director as a firewall with ipchains and packet
filters, will it not anyway have to inspect each outgoing packet header,
independent whether it runs a NAT or DR configuration? Is there a reason
why I should see much difference in load levels then?
|| Alois Treindl, Astrodienst AG, mailto:alois@xxxxxxxxx
|| Zollikon/Zurich, Switzerland
|
