Comment 0 for bug 1352826

I found the time to finishing the applying iptables rules( in neutron/agent/linux/iptables_manager.py _apply_synchronized,_modify_rules) takes nearly more than half an hour( 36 minutes in my environment) when the number of active vms in cloud is more than 980.
This will lead that the time of bringing new created port up when booting an instance will take very long, and if the vif_plugging_is_fatal is true, the vif_plugging_timeout is not big enough, booting will fail.
Although optimization on _modify_rules in patch https://review.openstack.org/#/c/77549/ did help shorten the cost, but still the time is not short enough (it takes 17 minutes when the number of active vms in cloud is more than 980 in my environment).
Further optimazation on _modify_rules need be done to fit the situation of Large-scale deployment.