That's not a small figure :)
> The box also lags SEVERLY when I'm trying to use the state matching
> in the kernel (as module), lagging badly when ip_conntrack is loaded.
>
> In contrast, I am running the same OS and kernel versions on another
> box (same modules) and am not having the same problem (it is only
> handling about 5Mbps sustained out, and 1Mbps sustained inbound).
>
> I need HELP!
Profile your box. (We need to know where it spends most of CPU time).
Send profile data to the list.
Also collect interrupt rate info.
You may also look into Intel EEpro/100 driver's interrupt handler code.
Does is lag that bad without iptables?
-- vda - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/