This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-devel] iptables rules added by default

To: <Xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] iptables rules added by default
From: "James Harper" <james.harper@xxxxxxxxxxxxxxxx>
Date: Thu, 5 Jan 2006 16:56:59 +1100
Delivery-date: Thu, 05 Jan 2006 06:02:53 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcYRvNew77xnMRQSTSit49rDbt5YBA==
Thread-topic: iptables rules added by default
In a default install of xen-3.0-testing, I just noticed that it
automatically adds in some iptables rules when a domain is created. This
is with the default of vif-bridge.

In my case I don't use iptables on this server, so these iptables rules
are completely unnecessary and can't do anything useful for performance.

Does anyone have any comments on how much difference having iptables
loaded makes for throughput, and if this is something we should be
worrying about?


Xen-devel mailing list

<Prev in Thread] Current Thread [Next in Thread>