Unloading unused kernel modules (NAT speed)

Rafał Miłecki zajec5 at gmail.com
Fri Feb 3 08:18:31 PST 2023


Another step in my NAT performance debugging.

I realized that my OpenWrt 21.02 based bcm53xx builds can't reach 940
Mb/s because I have qos-scripts installed.

It happens even with QoS interface disabled:
qos.wan.enabled='0'
and with QoS disabled in general:
/etc/init.d/qos stop
(disable & reboot don't help neither)

After quite some debugging I discovered that:
1. qos-scripts selects iptables-mod-conntrack-extra
2. iptables-mod-conntrack-extra selects kmod-ipt-raw
3. kmod-ipt-raw provides iptable_raw.ko
4. iptable_raw.ko slows down NAT


I can bump NAT speed from 880 Mb/s to 940 Mb/s by doing:

# rmmod iptable_raw
unloading the module failed
# /etc/init.d/firewall stop > /dev/null 2>&1
# rmmod iptable_raw
# /etc/init.d/firewall start > /dev/null 2>&1


I'm wondering if there is any good solution to that. I can't think of
anything clean and generic. Handling modprobe & rmmod directly in
/etc/init.d/qos sounds really hacky. Any good ideas?

-- 
Rafał



More information about the openwrt-devel mailing list