jow wrote: jesseg wrote:
... or there is a drastic reason that it's not..)
Indeed. Enabling ebtables has a serious impact on ethernet performance across all platforms even if it's not used. This is due to the nature of the Kernel features it requires, it will force all packets to be routed through the Linux bridge layer which results in a higher overhead compared to installations without.
Interesting. Pardon the engineer in me for a second (the one who always wants things to make sense :-)). A couple of years ago or so, I set up an old motorola router (WR850Gv3, 200Mhz) with whiterussian (0.9) and ran ebtables on it and it really worked great. I could get like 17mbit/sec through it - which is ample for what I needed.
I also run ebtables on a ~400Mhz x86 which handles all of our customer traffic, which often hovers around 30 mbit/second at peak usage, and it has no trouble that I've noticed...
Also, couldn't the ebtables code for the kernel be a module so that it could be loaded if it was needed, but not loaded if it wasn't needed, thus not slowing things down?
ebtables is just such an amazingly powerful tool for those times when you need it - and whatever slowness it adds sure isn't so bad it makes it useless. Maybe you'd need a bit faster hardware - but that's not hard to do!
If you happen to know of a technical discussion of the problem, I would be most grateful if you could direct me to it. Thanks!
The ebtables package is disabled in the release builds and therefore it's missing in the SDK as well iirc. You can, however, build it by checking out the OpenWrt source and selecting it in menuconfig. You can put the appropriate configs from the 8.09.1 download folders as .config into your checkout to build your custom image with the same featureset as the official versions.
How do I check ebtables out ? I think I have the SDK installed, but I don't know how to check out ebtables from the OpenWrt source...
(I've been compiling stuff for slackware for many years but have only been tinkering with OpenWrt lightly for a couple years. I'm used to grabbing a tarball and compiling that - but "Checking something out" is sort of a new concept to me.)
Thank you so much,