netdev
[Top] [All Lists]

Re: TODO list before feature freeze

To: jamal <hadi@xxxxxxxxxx>
Subject: Re: TODO list before feature freeze
From: Patrick Schaaf <bof@xxxxxx>
Date: Mon, 29 Jul 2002 18:26:59 +0200
Cc: Andi Kleen <ak@xxxxxxx>, Rusty Russell <rusty@xxxxxxxxxxxxxxx>, netfilter-devel@xxxxxxxxxxxxxxxxxxx, netdev@xxxxxxxxxxx, netfilter-core@xxxxxxxxxxxxxxxxxxx
In-reply-to: <Pine.GSO.4.30.0207290719580.12604-100000@shell.cyberus.ca>; from hadi@cyberus.ca on Mon, Jul 29, 2002 at 07:23:49AM -0400
References: <20020729131239.A5183@wotan.suse.de> <Pine.GSO.4.30.0207290719580.12604-100000@shell.cyberus.ca>
Sender: owner-netdev@xxxxxxxxxxx
User-agent: Mutt/1.2.5i
Jamal,

> They also have a lot of problems with their per-packet computations.
> Robert and I spent a short time looking at "this thing that is making
> us look bad" (perfomance wise) and talked to Harald.

Do you have written up somewhere what kind of performance problems you were
seeing, under which conditions (hash bucket count, number of tracked
connections, packet load)

> Something that looked like needs improvement at first glance was the aging
> and hashing schemes.

Regarding the hashing schemes, please see discussions on netfilter-devel
over the last weeks:

http://lists.netfilter.org/pipermail/netfilter-devel/2002-July/thread.html

and a small presentation of various bucket sizes / hash functions
for some real world scenarios: http://bei.bof.de/ex6/
This presentation, a bit terse on comments, links to a tarball
which allows you to recreate the same presentation for any
dump of /proc/net/ip_conntrack, varying bucket counts and
hash functions.

best regards
  Patrick


<Prev in Thread] Current Thread [Next in Thread>