[Linux-PowerEdge] Intel's Hyper-Threading vs. Linux Iptables/Netfilter Firewall ?
danno at umich.edu
Wed Mar 20 08:36:01 CDT 2013
> I've been doing some research and couldn't find anything relevant
> my question. All I got so far was people saying things like :
> - " you should enable Intel's HT on a web server "
> I don't see any reason not to enable HT.
I agree with you that I would turn on HT unless I had a reason not to.
However, I can imagine HT hurting performance overall if it ends up
causing the CPU caches to be overloaded.
> I also read this (
> from Dell. They simply say the recommended setting for "logical
> (Intel's HT) is "disabled", but don't tell anything more... Why do
> they say
> that ?
> I don't see the word hyperthreading or letters HT in that document.
> I see disabling Virtualization Technology is mentioned though.
It mentions "Logical Processor" which is indeed hyperthreading. I can
imagine that It may make sense to disable HT if you want to ensure that
high priority jobs get full use of their CPU core.
I don't know that the absolute lowest latency is the goal with a
firewall, though, at least not under a Denial of Service attack.
Dealing with DoS is very parallelizable.
> - have a good look at the NICs you use and the drivers that go with
> it. And possibly upgrade the kernel to a newer version to get better
> performance. I guess the default onboard NIC is the Broadcom Xtreme II
> ? If I understand correctly you probably want Intel NICs, they have
> multiple queues which means interrupts and packets can be devided over
> different cores.
Intel server NICs are great, and are likely better than whatever is on
the motherboard. There are other good NICs out there; don't buy an
Intel "desktop" NIC.
The real answer to the original question: try it both ways.
ICPSR Computing & Network Services
University of Michigan
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Linux-PowerEdge