raspberry pi & kexec

axl · Veteran Joined: 11 Oct 2002 Posts: 1144 Location: Romania

I thought about using an old thread. But decided to start a new one.

Long story short, what is the deal with smp on rpi? When you enable smp, the kexec option is disabled? Why? It's not a true smp system? its' buggy? Can you go unicore and still maintain the same cpu power?

I feel like regardless of the options, the rpi can only do so much. And I don't think it can do 4x1.xGhz. I feel like it's a pseudo smp. Am I right?

Based on some of the tests I did... maybe it would be ok to leave out smp on some of my pi's. Just rely on the multi threading code, rather than a pseudo smp. Kexec for me would be a big gain, but it's not just that.

For instance, I mentioned in another thread that I switched to a rpi router. A rpi 3a. One of the biggest problems is starting the firewall. And not just starting it, but using it. My firewall includes geolocation blocking. I took the geolocation info from maxwind, fed it to ipsec and using iptables I'm blocking not just countries but continents. Basically if you are in UE or North America u're ok... everyone else gets denied. That takes a lot. And I often look to the pi and I see 25% cpu blocked by ksoftirqd. I didn't experiment much without smp enabled, because that idea just came to me, and that's why i'm asking.

As far as throughput I know it's fine. It can reach maximum bandwidth very easily. It's the rest of the stuff that may slow it down... like this geolocation firewall. And I'm thinking... is it a true smp system? does it actually have a second core? Or it's just software?

AlexJGreen · Tux's lil' helper Joined: 19 Sep 2018 Posts: 149

axl · Veteran Joined: 11 Oct 2002 Posts: 1144 Location: Romania

yes. ipset. sorry. typo.

sec. so I parsed the maxwind databases. I am willing to share that code too.

but in essence I went with a php approach. like when you enable or disable modules in php if they are linked in ext-active dir.

I created a /etc/firewall/countries. All countries there with the data from maxwind. And I have another dir with /etc/firewall/block_country.

And the last bit of the firewall has to

axl · Veteran Joined: 11 Oct 2002 Posts: 1144 Location: Romania

There are times, watching top, when the cpu is at 25, 50, 75 or 100. ksoftirqd. there's very little in between. And that was while I was torrenting "the last dance". Michael Jordan. the 98 bulls. Special time in my life. And I'm not just pirating content. I have a legitimate netflix account. I will be watching when they come online. I just wanted a sneak preview and it's a good test for a network setup.

It still hit the 10Mbps mark easily, or 100 MBps mark (depending how you count). But it's struggling at times. it feels awkward. because it's just limited to 25% or 50% or 75%. and those feels like threads. That's why I was asking about smp.

Is hash:net bad ? well... 90000 of them might not be good, but is it bad? is there another way?

AlexJGreen · Tux's lil' helper Joined: 19 Sep 2018 Posts: 149

axl · Veteran Joined: 11 Oct 2002 Posts: 1144 Location: Romania

I used ipdeny for a while, but it had moments when it was down. That's why I switch to maxwind database. You should really add Russia to that list. On my list, it's my biggest offender.