3

I would like to know if introducing a new gateway in my network will slow things down. The question may sound unclear but here is an illustration:

Before installing gateway server:

Main Router <=> switches <=> servers

After installing gateway server:

Main Router <=> IPtables router <=> switches <=> servers

My question is: how much will this delay incoming/outgoing requests and file transfers? Thanks, RayQuang

RayQuang

3 Answers

6

If the box has enough CPU/memory/bandwidth, nothing at all; almost every modern computer couldn't care less about handling routing for a 100 MBit network, unless you really throw in lots and lots of rules.

Massimo
  • +1. It'll be negligible. – SmallClanger Jan 11 '11 at 09:38
  • The only time I've seen a P4 iptables box with 1G of RAM not able to handle the load was when there was 600Mb/s+ of UDP DDoS packets coming at it. With normal traffic usage there will be no issues, even with 3K+ fairly basic rules with no natting. – Niall Donegan Jan 11 '11 at 11:42
1

There will be a low amount of slow-down simply due to the extra processing needed to take the packets from one interface of your IPTables router to the other. There will also be some slow-down that would depend on the exact iptables config you are using (the tables are processed in sequence, each step taking a few machine instructions, generally taking more time the more you're looking at).

However, we're talking "probably sub-millisecond" delays, so in normal operation, you're unlikely to notice much.

Vatine
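
Added example, not part of the original answers: a toy Python model of the sequential, first-match rule walk described in the answer above, counting how many rules a packet is compared against before it gets a verdict. The chain, the addresses and the helper names (`matches`, `traverse`, `padded`) are constructed for illustration; this is not kernel or iptables code.

```python
"""Toy model of first-match traversal of one iptables-style chain (constructed)."""
from ipaddress import ip_address, ip_network

# Constructed sample chain: (source CIDR, protocol, destination port or None, target).
CHAIN = [
    ("10.0.0.0/8", "tcp", 22, "ACCEPT"),
    ("0.0.0.0/0", "tcp", 80, "ACCEPT"),
    ("0.0.0.0/0", "tcp", 443, "ACCEPT"),
    ("192.0.2.0/24", "udp", None, "DROP"),
]
POLICY = "DROP"  # chain policy, applied when no rule matches


def matches(rule, pkt):
    """True when the packet satisfies every field of the rule."""
    src, proto, dport, _target = rule
    return (ip_address(pkt["src"]) in ip_network(src)
            and pkt["proto"] == proto
            and (dport is None or pkt["dport"] == dport))


def traverse(chain, pkt, policy=POLICY):
    """Walk the chain in order; return (verdict, rules_checked) for one packet."""
    for checked, rule in enumerate(chain, start=1):
        if matches(rule, pkt):
            return rule[3], checked
    return policy, len(chain)


def padded(chain, n):
    """Prepend n rules that never match the sample packets, modelling a long ruleset."""
    filler = [("198.51.100.%d/32" % (i % 250 + 1), "tcp", 1, "DROP") for i in range(n)]
    return filler + chain


if __name__ == "__main__":
    # Constructed sample packets.
    ssh = {"src": "10.1.2.3", "proto": "tcp", "dport": 22}
    https = {"src": "203.0.113.9", "proto": "tcp", "dport": 443}
    dns = {"src": "203.0.113.9", "proto": "udp", "dport": 53}
    for name, pkt in (("ssh", ssh), ("https", https), ("dns", dns)):
        print(name, traverse(CHAIN, pkt))
    # Same HTTPS packet behind 3000 earlier rules: every one is checked first.
    print("https, long chain", traverse(padded(CHAIN, 3000), https))
```

The per-packet cost in this model is the position of the first matching rule, so frequently hit rules placed early keep the walk short even when the ruleset is large.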
1

What do you intend to do with iptables? If you are using QUEUE rules, taking the packets into user-space and mangling them then re-injecting them, it will take a long time.

99% of the time it will be basically undetectable.

hellomynameisjoel