Posts with tag netfliter

Drop rules can impact network performance

Drop vs Reject

Many administrators configure their firewalls to block any network communication using DROP rules for unused ports. This is also recommended on many websites. However, this is not the best approach and often leads to unnecessary losses in network performance and higher CPU load. Here’s why.