SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Skip Research Menus

Research Menu

Research Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List Re: SELinux performance This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] [ Replies ] From: sharp <steven.harp_at_adventiumlabs.org> Date: Wed, 14 Dec 2005 19:31:42 -0600 On Wednesday 14 December 2005 06:47 pm, James Morris wrote: > On Wed, 14 Dec 2005, Joy Latten wrote: > > A while back I took up some SELinux performance work that a colleague of > > mine, Kylie Hall had done. The patch added ipv4 address, ipv6 address > > and port caches to SELinux. I believe I sent the patch a while back > > also, but can do so again if anyone is interested. The caches are > > exercised in such SELinux hooks as socket_bind(), socket_connect() and > > socket_sock_rcv_skb(). Bandwidth has allowed me some time to work on > > this. Can anyone recommend a benchmark that will exercise this code? I > > figured something that utilized many ip addresses or ports. > > apachebench is a good basic test, and you can also try webstone, lmbench > and iperf. > > Not sure how to realistically simulate large numbers of IP addresses. You might consider, budget permitting, something like Net Avalanche <spirentcom>. Rack mountable thingy designed for stress testing using realistic traffic: "simulates up to 50,000 simultaneously-connected users with unique IP addresses". (Every home should have one.) s harp -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. application/pgp-signature attachment: stored Received on Wed 14 Dec 2005 - 20:30:57 EST This message: [ Message body ] Next message: Serge E. Hallyn: "Re: SELinux performance" Previous message: James Morris: "Re: SELinux performance" In reply to: James Morris: "Re: SELinux performance" Next in thread: Serge E. Hallyn: "Re: SELinux performance" Reply: Serge E. Hallyn: "Re: SELinux performance" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom