| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 30 Nov 2012 22:37:17 +0100 From: Jesper Dangaard Brouer <brouer@...hat.com> To: Eric Dumazet <eric.dumazet@...il.com> Cc: David Miller <davem@...emloft.net>, fw@...len.de, netdev@...r.kernel.org, pablo@...filter.org, tgraf@...g.ch, amwang@...hat.com, kaber@...sh.net, paulmck@...ux.vnet.ibm.com, herbert@...dor.hengli.com.au Subject: Re: [net-next PATCH V2 1/9] net: frag evictor, avoid killing warm frag queues On Fri, 2012-11-30 at 08:37 -0800, Eric Dumazet wrote: > On Fri, 2012-11-30 at 16:45 +0100, Jesper Dangaard Brouer wrote: > > On Fri, 2012-11-30 at 06:52 -0800, Eric Dumazet wrote: > > > > > > I dont know how you expect that many > > > datagrams being correctly reassembled with ipfrag_high_thresh=262144 > > > > That's my point... I'm showing that its not possible, with out current > > implementation! > > What I was saying is that the limits are too small, and we should > increase them for this particular need. > > This has little to do with the underlying algo. Actual data is an engineers best friend. [root@...gon ~]# sysctl -w net/ipv4/ipfrag_high_thresh=$((4<<20)) net.ipv4.ipfrag_high_thresh = 4194304 [root@...gon ~]# sysctl -w net/ipv4/ipfrag_low_thresh=$((3<<20)) net.ipv4.ipfrag_low_thresh = 3145728 [jbrouer@...esoul ~]$ netperf -H 192.168.51.2 -T0,0 -t UDP_STREAM -l 20 &\ netperf -p 1337 -H 192.168.31.2 -T7,7 -t UDP_STREAM -l 20 [1] 18573 UDP UNIDIRECTIONAL SEND TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 192.168.51.2 (192.168.51.2) port 0 AF_INET : cpu bind UDP UNIDIRECTIONAL SEND TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to 192.168.31.2 (192.168.31.2) port 0 AF_INET : cpu bind Socket Message Elapsed Messages Size Size Time Okay Errors Throughput bytes bytes secs # # 10^6bits/sec 229376 65507 20.00 363315 0 9519.86 212992 20.00 7297 191.20 Socket Message Elapsed Messages Size Size Time Okay Errors Throughput bytes bytes secs # # 10^6bits/sec 229376 65507 20.00 366927 0 9614.48 212992 20.00 10437 273.48 This test is 2x10G with straight NUMA nodes (meaning optimal NUMA allocation where the incoming netperf packets are received by kernel and delivered to netserver on the same NUMA node). Come on Eric, you are smart than this. When will you realize, that dropping partly completed fragment queue are bad for performance? (And thus a bad algorithmic choice in the evictor) -- Best regards, Jesper Dangaard Brouer MSc.CS, Sr. Network Kernel Developer at Red Hat Author of http://www.iptv-analyzer.org LinkedIn: http://www.linkedin.com/in/brouer -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists