undefined | Better HN

0 pointscommandersaki3y ago0 comments

Haha bollocks. NAT adds probably at most 1 microsecond to the processing of packets. It’s state for a flow is roughly 16 bytes. The nonsense about NAT being inefficient or slow astounds me.

0 comments

mac-chaffee3y ago

> The results show that rewriting the packets is quite a bit more expensive than just allowing or dropping a packet. For example, if we look at the unidirectional test with 10,000 flows, we see that we dropped from 14M pps [packets per second] to 3.2M pps, we also needed 13 cores more to do this!

https://atoonk.medium.com/linux-kernel-and-measuring-network...

Just speculating, but I believe the cost comes from all the memory operations of reading/editing/writing every packet, not from the NAT table lookup.

j / k navigate · click thread line to collapse

0 pointscommandersaki3y ago0 comments

Haha bollocks. NAT adds probably at most 1 microsecond to the processing of packets. It’s state for a flow is roughly 16 bytes. The nonsense about NAT being inefficient or slow astounds me.

0 comments

mac-chaffee3y ago

https://atoonk.medium.com/linux-kernel-and-measuring-network...

Just speculating, but I believe the cost comes from all the memory operations of reading/editing/writing every packet, not from the NAT table lookup.

j / k navigate · click thread line to collapse