lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 21 Mar 2017 15:49:16 -0700 From: Tom Herbert <tom@...bertland.com> To: Subash Abhinov Kasiviswanathan <subashab@...eaurora.org> Cc: Eric Dumazet <eric.dumazet@...il.com>, Linux Kernel Network Developers <netdev@...r.kernel.org>, Stephen Hemminger <stephen@...workplumber.org>, netdev-owner@...r.kernel.org Subject: Re: [PATCH net-next v2] net: Add sysctl to toggle early demux for tcp and udp On Sat, Mar 18, 2017 at 7:07 PM, Subash Abhinov Kasiviswanathan <subashab@...eaurora.org> wrote: >> Less than 1% performance improvement in a benchmark doesn't justify >> the complexity of the patch. Eric's hypothesis was that an unconnected >> UDP socket may show issues because of cache misses in look-ups due to >> so many different sources. This should be fairly easy to benchmark by >> randomly setting source address in your test (IP any and routing my >> need to be set appropriately). >> > > With different source addresses, a larger increase is seen here > (633->654Mbps). > Thanks for running the tests. It's obviously not a huge win at least relative to performance improvement we got from early demux, but I suppose with very specific and engineered loads this might have value. Please include this is next patch sets. Generally, I think a good goal moving forward would be a to apply the 0 or 1 times rule for connection lookup. That is for any transport tuple in a receive packet we want to do at most one connection lookup. So early demux would need to apply to unconnected sockets and then we wouldn't have to do the second lookup in UDP (or TCP for a SYN) receive (note we also do an extra lookup for GRO with UDP encapsulation). A reason we haven't this before might be that the lookup may actually find the wrong socket (for example we go into a different network namespace). Maybe the stack should consider any lookup result outside of the protocol stack to be provisional (and it would be super nice if we could somehow cache a dst with an unconnected socket also ;-) ) Tom > > -- > The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum, > a Linux Foundation Collaborative Project
Powered by blists - more mailing lists