lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Tue, 21 Mar 2017 15:49:16 -0700
From:   Tom Herbert <tom@...bertland.com>
To:     Subash Abhinov Kasiviswanathan <subashab@...eaurora.org>
Cc:     Eric Dumazet <eric.dumazet@...il.com>,
        Linux Kernel Network Developers <netdev@...r.kernel.org>,
        Stephen Hemminger <stephen@...workplumber.org>,
        netdev-owner@...r.kernel.org
Subject: Re: [PATCH net-next v2] net: Add sysctl to toggle early demux for tcp
 and udp

On Sat, Mar 18, 2017 at 7:07 PM, Subash Abhinov Kasiviswanathan
<subashab@...eaurora.org> wrote:
>> Less than 1% performance improvement in a benchmark doesn't justify
>> the complexity of the patch. Eric's hypothesis was that an unconnected
>> UDP socket may show issues because of cache misses in look-ups due to
>> so many different sources. This should be fairly easy to benchmark by
>> randomly setting source address in your test (IP any and routing my
>> need to be set appropriately).
>>
>
> With different source addresses, a larger increase is seen here
> (633->654Mbps).
>
Thanks for running the tests. It's obviously not a huge win at least
relative to performance improvement we got from early demux, but I
suppose with very specific and engineered loads this might have value.
Please include this is next patch sets.

Generally, I think a good goal moving forward would be a to apply the
0 or 1 times rule for connection lookup. That is for any transport
tuple in a receive packet we want to do at most one connection lookup.
So early demux would need to apply to unconnected sockets and then we
wouldn't have to do the second lookup in UDP (or TCP for a SYN)
receive (note we also do an extra lookup for GRO with UDP
encapsulation). A reason we haven't this before might be that the
lookup may actually find the wrong socket (for example we go into a
different network namespace). Maybe the stack should consider any
lookup result outside of the protocol stack to be provisional (and it
would be super nice if we could somehow cache a dst with an
unconnected socket also ;-) )

Tom

>
> --
> The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum,
> a Linux Foundation Collaborative Project

Powered by blists - more mailing lists