[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: performance: single ip in table Vs single ip

> Simple question which rule is evaluated faster.
> table <ip0-2> const {}
> pass in quick on $int_if from <ip0-2> to any
> pass in quick on $int_if from to any
Daniel did some tests several years ago and the break even point was
about six IPs in a table versus six individual rules.  So your table
rule will be 6x as slow.  Unless you're running 10yr old hardware, your
firewall is probably so overpowered that it doesn't matter.