You are not logged in.

#1 2013-05-24 07:09:40

Registered: 2013-05-24
Posts: 208

Uncomplicated Firewall & Netctl time consume on boot

I'm not sure if that's normal for ufw service to load in 5 seconds with systemd,

is it too long? If not, does alternatives work faster?

An addition to that, automated netctl wireless service takes 10 secs to load. Should I use network-manager or something? I'm sure it takes less than that.

I'm booting up in 21 seconds, so I'm on blank screen just to get a proper internet connection on. neutral

here is my output...

 [joyce@linuxg6-joyce tlp]$ systemd-analyze blame
          9.609s netctl@wlo1\x2dyou\x20shall\x20not\x20pass.service
          4.993s ufw.service
          1.731s systemd-logind.service
          1.593s systemd-fsck@dev-disk-by\x2duuid-08AD\x2d3F76.service
          1.470s systemd-vconsole-setup.service
          1.168s systemd-fsck@dev-disk-by\x2duuid-f061c423\x2dcbc1\x2d460b\x2d945c\x2dd85c478c855d.service
           839ms systemd-binfmt.service
           786ms systemd-fsck@dev-disk-by\x2duuid-e6fc1bb0\x2dc715\x2d4d9d\x2d91ff\x2d561910d1c545.service
           785ms sys-kernel-debug.mount
           753ms systemd-udev-trigger.service
           745ms systemd-tmpfiles-setup-dev.service
           725ms dev-mqueue.mount
           724ms systemd-remount-fs.service
           723ms sys-kernel-config.mount
           712ms dev-hugepages.mount
           675ms rc-local.service
           659ms tmp.mount
           627ms alsa-restore.service
           588ms proc-sys-fs-binfmt_misc.mount
           413ms polkit.service
           408ms cpupower.service
           304ms home.mount
           299ms udisks2.service
           298ms systemd-user-sessions.service
           293ms systemd-journal-flush.service
           288ms archive.mount
           278ms systemd-random-seed-load.service
           250ms dev-disk-by\x2duuid-195ad48c\x2d39a9\x2d4750\x2d967c\x2dd58a2c84b114.swap
           249ms systemd-update-utmp.service
           234ms systemd-sysctl.service
           224ms systemd-udevd.service
           129ms boot-efi.mount
            72ms systemd-tmpfiles-clean.service
            68ms systemd-tmpfiles-setup.service
            56ms upower.service
            30ms rtkit-daemon.service
           985us sys-fs-fuse-connections.mount

NotaBene: Ignore the rc-local lameness, I was too lazy to change the name in guide while setting switcheroo.

Last edited by Gulver (2013-05-24 07:16:17)


#2 2013-05-24 07:21:10

From: Los Gatos, CA
Registered: 2012-05-19
Posts: 8,412

Re: Uncomplicated Firewall & Netctl time consume on boot

I have always found the ufw takes quite a bit longer to load than iptables does.  Why, I have no idea.  I can't imagine that it is doing a whole hell of a lot more than plain iptables, since I think it actually uses the rules to make an iptables.rules file.  My iptables loaded in 53ms the last boot, but that is probably because i use a SSD.

Netctl@.service (netctl enable <profile>) takes a long time because it does not actually complete until a dhcp address has been resolved.  You can make this faster by using a static IP address if that is a possibility.  Otherwise, you can set netctl-auto@.service it start instead.  Because it is meant to switch between networks, it does not wait for the interface to actually resolve, but rather sends notification of completion after it is able to simply parse and load the profiles you have told it to.

I am curious how you have a service that is reporting in microseconds on the bottom.  I thought it was general concensus a couple releases ago to simply round to the ms to make it look nicer.  I have several services that start in 1ms, but I have not seen anything reported in us since 200(?) maybe.


#3 2013-05-24 07:49:39

Registered: 2013-05-24
Posts: 208

Re: Uncomplicated Firewall & Netctl time consume on boot

As I searched,

it states to enable the temporary kernel datas to be meta-stored. Some trick about loading the kernel, I think. I don't know.

Real automated netctl is the way to got then! smile

I also shall try the iptables.

Thanks s'much.

Last edited by Gulver (2013-05-24 07:51:34)


#4 2013-05-24 13:28:41

From: Los Gatos, CA
Registered: 2012-05-19
Posts: 8,412

Re: Uncomplicated Firewall & Netctl time consume on boot

Just so you know , iptables isn't easy.  There are reasons why there are wrappers around it with "uncomplicated" it its name.


Board footer

Powered by FluxBB