| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 25 Feb 2016 17:46:51 -0500 From: Jamal Hadi Salim <jhs@...atatu.com> To: Daniel Borkmann <daniel@...earbox.net>, davem@...emloft.net Cc: netdev@...r.kernel.org, xiyou.wangcong@...il.com, alexei.starovoitov@...il.com, john.fastabend@...il.com, dj@...izon.com Subject: Re: [net-next PATCH v2 1/5] introduce IFE action On 16-02-25 04:46 PM, Daniel Borkmann wrote: > On 02/25/2016 01:20 PM, Jamal Hadi Salim wrote: >> Let me think about it. Likely it will be subsequent patches - I just >> want to get this set out first. > > Yes, I mean one of the key motivation was "[...] to horizontally scale > packet processing at scope of a chasis or rack [...]". By adding more processing points horizontally. Please read the paper; I think we are getting to a point where this discussion is no longer productive. > So for people > who don't have that NIC with embedded Cavium processor, they might > already hit scalability issues for encode/decode right there. > A lock on a policy that already matches is not a serious scaling problem that you need to offload to an embedded NIC. Do note the point here is to scale by adding more machines. And this shit is deployed and has proven it does scale. cheers, jamal
Powered by blists - more mailing lists