Nftables Load Balancing 10x faster than LVS

Posted by Zevenet | 17 October, 2016 | Technical

These two pages were the beginning of Load Balancing with nftables project, developed between Pablo Neira (Netfilter Core Team) and Laura García (Zen Load Balancer Team) and presented at the last Netdev 1.2 Conference in Tokyo along with its benchmarks where were proved that nftables from ingress reaches a performance almost 10 times faster than LVS.

nftables_notes

We mainly have implemented two new expressions to the nft infrastructure in order to provide load balancing properties: nft_numgen, with 2 main operations incremental to perform round robin connections scheduling and random to create weighted scheduling, and nft_hash to provide persistence according to an input register.

Through the prerouting and postrouting hooks, we can implement source NAT and destination NAT topologies, meanwhile LVS only allows sNAT. Also, Direct Server Return topology could be performed via ingress, which is a very early stage of an incoming packet so the performance is much better. Here we display some benchmarks presented for IPv4 with HTTP flows:

nftables_bench_ipv4

As it’s shown in the graph above, NAT topologies between nftables and LVS have no much difference in performance, meanwhile DSR topology in nftables could perform almost 10x faster than LVS.

With IPv6 we got similar results to IPV4 but the number of HTTP requests per seconds has been improved in general for all cases. Load Balancing with nftables from ingress can reach more than 430 thousands of HTTP requests per seconds with less than 1% of CPU and almost 6x faster than LVS.

nftables_bench_ipv6

This talk was part of the nftables workshop.

CHECK OUR NETDEV TALKS PAPERS
Or check out the full presentation.

This is just the beginning, follow our development, it will be the future of Zevenet LB core.

SHARE ON:

Related Blogs

Posted by zenweb | 20 July 2022
A network operations center (NOC) is a central location where IT teams in an organization monitor the performance of a network. The NOC provides servers, databases, hard disk space, and…
19 LikesComments Off on Network Operations Center, Definition and Top 4 Best Practices
Posted by zenweb | 11 July 2022
Introduction The process of achieving and maintaining PCI DSS Compliance is not easy for any organization. Be it a large-scale organization, mid-sized firm, or a small company, PCI DSS can…
15 LikesComments Off on What Preparations are required for PCI DSS Compliance?
Posted by zenweb | 04 July 2022
Cyber Security has evolved very quickly over the years, from an IT issue to an issue to be used in businesses. It has been demonstrated that Cyber attacks can be…
13 LikesComments Off on 5 Benefits of Investing in Cyber Security & IT solutions in 2022