Will increasing number of rules in iptables slow down my internet

networking linux internet iptables traffic

How much impact will the rules have on speed, if we are using match to queue the packets.


Depends on how they are written. Yes, 2400 rules can cripple your system if improperly implemented. Traffic rules should be written based on typical bandwidth usage.

For example: accept established related should be almost #1 Using ipset in combination with iptables can also boost performance when you need to block a large number of evil doers. iptables blacklist via ipset should be rule #2. The next group of rules needs to add to the ipset block list depending on your environment.

Calculate the bandwidth usage of each type of packet and order the rules from highest to lowest bandwidth

When more traffic hits more rules it slows down considerably. 2000 rules times 50,000 packets per second will cripple a lot of computers.

 2,000*50,000pps= 100,000,000 compares per second is very hard on the cpu.
  2,000*1pps     =       2,000 compares per second is easy.

Related

How do I view unicode characters on command prompt
Skydrive app sync files to local computer
Can Acrobat 11 be made to do OCR using multiple CPU cores?
.NET Framework 4.0 Targeting Pack does not show in Visual Studio
How to identify the format of images in a pdf?
How to extract only the raw contents of an ELF section?
Java Email message Parser?
JQuery show and hide div on mouse click (animate)
Find Facebook user (url to profile page) by known email address
urllib2 file name
the volatile keyword in C language? [duplicate]
How to constrain autorotation to a single orientation for some views, while allowing all orientations on others?