-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEE7sBxPmxNSLEwQp4k5k1h0mWW9oAFAmJL0IEACgkQ5k1h0mWW
9oBKjQgAqAyi7armgkBvyLD4o+2uODNdbR5lgVe+Y0pYlz7Q9xyPb5vFfWBUSaFa
1s6e8ZmmEteejJXENZJ4CFOCQx1/NUGQeEPmKKQ2G9r9p7gdBF/hD6GzkS4h0/cV
F7KD9kC3cdsnGmChz+y1yieHhLB23AeVspTT71UB+tbnAz+jqo3wwtrls42lllnb
0KLDq9Hi1uW4/xJfCksWkOn0Wul3qxCUw6HxcIiBnQHqnzKd5U9eJbwvPhCC46l7
F90RAEs8dGLwmDXrv94HuyKVrtsnVAC+MHhCtHM2/GC7cUeBHGLeTUrJtFNX3LEh
XFFYzStDWgonA8I5durIT5GQhGkMRQ==
=FCcv
-----END PGP SIGNATURE-----
> 4. apr. 2022 kl. 21:50 skrev Nicolas Goy <me@kuon.ch>:
>
> Hello,
>
> I'd like to make some 10gbit/s benchmarks for an OpenBSD based router.
>
> I was wondering if there was some "standard" pf ruleset I could use to
> have a meaningful metric.
>
> Also, I'm curious if anymody is aware of such existing benchmarks.
There is the default ruleset that is built into /etc/rc, which is what you get when you boot with either an empty /etc/pf.conf or one that fails syntax check.
Basic benchmarking tends to measure performance with PF enabled and disabled.
From my limited experience I have not seen the number of rules in a ruleset influence performance much if at all. But of course you may be able to generate something enormous enough to actually make an impact there.
All the best,
Peter
—
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
No comments:
Post a Comment