lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 08 Feb 2010 14:51:07 +0100 From: Eric Dumazet <eric.dumazet@...il.com> To: Paweł Staszewski <pstaszewski@...are.pl> Cc: Linux Network Development list <netdev@...r.kernel.org> Subject: Re: Problem wit route cache Le lundi 08 février 2010 à 14:33 +0100, Paweł Staszewski a écrit : > > > Yes this is x86_64 kernel > i kernels 2.6.32.2 / 2.6.32.7 and now 2.6.33-rc6-git5 and on all > kernels the same thing happens. > grep . /proc/sys/net/ipv4/route/* > /proc/sys/net/ipv4/route/error_burst:1250 > /proc/sys/net/ipv4/route/error_cost:250 > grep: /proc/sys/net/ipv4/route/flush: Permission denied > /proc/sys/net/ipv4/route/gc_elasticity:2 > /proc/sys/net/ipv4/route/gc_interval:2 > /proc/sys/net/ipv4/route/gc_min_interval:0 > /proc/sys/net/ipv4/route/gc_min_interval_ms:500 > /proc/sys/net/ipv4/route/gc_thresh:65535 > /proc/sys/net/ipv4/route/gc_timeout:300 > /proc/sys/net/ipv4/route/max_size:524288 > /proc/sys/net/ipv4/route/min_adv_mss:256 > /proc/sys/net/ipv4/route/min_pmtu:552 > /proc/sys/net/ipv4/route/mtu_expires:600 > /proc/sys/net/ipv4/route/redirect_load:5 > /proc/sys/net/ipv4/route/redirect_number:9 > /proc/sys/net/ipv4/route/redirect_silence:5120 > /proc/sys/net/ipv4/route/secret_interval:2 > > This happens not all the time. > I have this info only when there are "internet rush hours" - thn there > is about 700Mbit/s TX + 700Mbit/s RX forwarded traffic > I dont understand your settings, they are very very small for your setup. You want to flush cache every 2 seconds... With 12GB of ram, you could have /proc/sys/net/ipv4/route/gc_thresh:524288 /proc/sys/net/ipv4/route/max_size:8388608 /proc/sys/net/ipv4/route/secret_interval:3600 /proc/sys/net/ipv4/route/gc_elasticity:4 /proc/sys/net/ipv4/route/gc_interval:1 That would allow about 2 million entries in your route cache, using 768 Mbytes of ram, and a good cache hit ratio. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists