lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 30 Jan 2012 09:26:25 -0800 From: Ben Greear <greearb@...delatech.com> To: David Miller <davem@...emloft.net> CC: eric.dumazet@...il.com, simonchennj@...il.com, netdev@...r.kernel.org Subject: Re: increase the number of routing tables On 01/29/2012 01:01 PM, David Miller wrote: > From: Ben Greear<greearb@...delatech.com> > Date: Sat, 28 Jan 2012 18:46:01 -0800 > >> On 01/28/2012 06:41 PM, Eric Dumazet wrote: >>> Its is possible, but probably not scalable. >> >> I've run with a few thousand routing tables and probably 5000 or so >> rules. It seems to run OK.... >> >>> You really should not have too many "ip rule" entries, since they are >>> evaluated linearly. >> >> For every packet, or maybe just until conn-track gets an entry >> for the connection? > > When the routing cache is removed, using a huge number of rules is not > going to be something you want to do any more because the rule table > will be inspected on every route lookup. Well, that sounds like a reason to keep the routing cache around, even if it isn't used by default, perhaps. Thanks, Ben -- Ben Greear <greearb@...delatech.com> Candela Technologies Inc http://www.candelatech.com -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists