| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 27 Mar 2013 16:54:52 +0100
From: Jesper Dangaard Brouer <brouer@...hat.com>
To: Eric Dumazet <eric.dumazet@...il.com>,
"David S. Miller" <davem@...emloft.net>
Cc: Jesper Dangaard Brouer <brouer@...hat.com>, netdev@...r.kernel.org,
Florian Westphal <fw@...len.de>,
Daniel Borkmann <dborkman@...hat.com>,
Hannes Frederic Sowa <hannes@...essinduktion.org>
Subject: [net-next PATCH 0/3] net: frag performance followup
This patchset is a followup to my previously accepted fragmentation
patchset:
http://thread.gmane.org/gmane.linux.network/257155
This patchset is not my entire patch queue, as I have left out the
patch I mentioned in:
http://thread.gmane.org/gmane.linux.network/261924
"RFC crap-patch [PATCH] net: Per CPU separate frag mem accounting"
Because I'm working on another "replacement" patch which removes the LRU
list, which I discussed with Eric Dumazet during Netfilter Workshop. I
have some preliminary results of that later in this mail.
I'm uncertain if this is net-next or net material?
(for now it's based on net-next on top of commit f5a03cf461)
Patch list:
Patch-01: avoid several CPUs grabbing same frag queue during LRU evictor loop
Patch-02: use the frag lru_lock to protect netns_frags.nqueues update
Patch-03: frag queue per hash bucket locking
(below not-included)
Patch-XX: Try Impl. Eric's idea, no LRU and direct hash cleaning
Notice, I have changed the frag DoS generator script to be more
efficient/deadly. Before it would only hit one RX queue, now its
sending packets causing multi-queue RX, due to "better" RX hashing.
Same test setup:
Two 10G interfaces, on seperate NUMA nodes, are under-test, and uses
Ethernet flow-control. A third interface is used for generating the
DoS attack (with trafgen).
Test types summary (netperf UDP_STREAM):
Test-20G64K == 2x10G with 65K fragments
Test-20G3F == 2x10G with 3x fragments (3*1472 bytes)
Test-20G64K+DoS == Same as 20G64K with frag DoS
Test-20G3F+DoS == Same as 20G3F with frag DoS
Test-20G64K+MQ == Same as 20G64K with Multi-Queue frag DoS
Test-20G3F+MQ == Same as 20G3F with Multi-Queue frag DoS
Performance table summary (in Mbit/s):
Test-type: 20G64K 20G3F 20G64K+DoS 20G3F+DoS 20G64K+MQ 20G3F+MQ
---------- ------- ------- ---------- --------- -------- -------
net-next: 18486.7 10723.2 3657.85 4560.64 99.9 189.1
Patch-01: 18830.8 13388.4 4054.96 5377.27 127.9 433.4
Patch-02: 18848.7 13230.1 4103.04 5310.36 130.0 440.2
Patch-03: 18838.0 13490.5 4405.11 6814.72 196.6 461.6
(below work-in-progress)
Patch-XX: 18800.0 15698.4 10012.90 12039.00 4257.39 3305.8
After his patchset, the LRU list is the major bottleneck. As can also
be seen by my preliminary results of removing the LRU list.
---
Jesper Dangaard Brouer (3):
net: frag queue per hash bucket locking
net: use the frag lru_lock to protect netns_frags.nqueues update
net: frag, avoid several CPUs grabbing same frag queue during LRU evictor loop
include/net/inet_frag.h | 11 +++++++-
net/ipv4/inet_fragment.c | 65 +++++++++++++++++++++++++++++++++++-----------
2 files changed, 60 insertions(+), 16 deletions(-)
--
Best regards,
Jesper Dangaard Brouer
MSc.CS, Sr. Network Kernel Developer at Red Hat
Author of http://www.iptv-analyzer.org
LinkedIn: http://www.linkedin.com/in/brouer
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists