IBM REDP-4285-00 User Manual
4285ch04.fm
Draft Document for Review May 4, 2007 11:35 am
134
Linux Performance and Tuning Guidelines
However, Netfilter provides packet filtering capability and enhances network security. It can be
a trade-off between security and performance. How much the Netfilter performance impact is
depends on the following factors:
a trade-off between security and performance. How much the Netfilter performance impact is
depends on the following factors:
Number of rules
Order of rules
Complexity of rules
Connection tracking level (depends on protocols)
Netfilter kernel parameter configuration
4.7.7 Offload configuration
As we described in 1.5.3, “Offload” on page 33, some network operations can be offloaded to
a network interface device if it supports the capability. You can use the ethtool command to
check the current offload configurations.
a network interface device if it supports the capability. You can use the ethtool command to
check the current offload configurations.
Example 4-21 Checking offload configurations
[root@lnxsu5 plnxsu4]# ethtool -k eth0
Offload parameters for eth0:
rx-checksumming: off
tx-checksumming: off
scatter-gather: off
tcp segmentation offload: off
udp fragmentation offload: off
generic segmentation offload: off
Offload parameters for eth0:
rx-checksumming: off
tx-checksumming: off
scatter-gather: off
tcp segmentation offload: off
udp fragmentation offload: off
generic segmentation offload: off
Change the configuration command syntax is as follows:
ethtool -K DEVNAME [ rx on|off ] [ tx on|off ] [ sg on|off ] [ tso on|off ] [
ufo on|off ] [ gso on|off ]
ufo on|off ] [ gso on|off ]
Example 4-22 Example of offload configuration change
[root@lnxsu5 plnxsu4]# ethtool -k eth0 sg on tso on gso off
Supported offload capability may differ by network interface device, Linux distribution, kernel
version and the platform you choose. If you issue an unsupported offload parameter, you may
get some error messages.
version and the platform you choose. If you issue an unsupported offload parameter, you may
get some error messages.
Impact of offloading
Benchmarks have shown that thc CPU utilization can be reduced by NIC offloading.
Figure 4-20 on page 135 shows the higher CPU utilization improvement in large data size
(more than 32Kbytes). The large packets take advantage of checksum offloading because
checksumming needs to calculate the entire packet, so more processing power is consumed
as the data size increases.
Figure 4-20 on page 135 shows the higher CPU utilization improvement in large data size
(more than 32Kbytes). The large packets take advantage of checksum offloading because
checksumming needs to calculate the entire packet, so more processing power is consumed
as the data size increases.