| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 6 Apr 2016 14:42:26 -0300 From: Tom Herbert <tom@...bertland.com> To: David Miller <davem@...emloft.net> Cc: Edward Cree <ecree@...arflare.com>, Herbert Xu <herbert@...dor.apana.org.au>, Alexander Duyck <alexander.duyck@...il.com>, Alex Duyck <aduyck@...antis.com>, Jesse Gross <jesse@...nel.org>, Eric Dumazet <edumazet@...gle.com>, Linux Kernel Network Developers <netdev@...r.kernel.org> Subject: Re: [net PATCH v2 2/2] ipv4/GRO: Make GRO conform to RFC 6864 On Wed, Apr 6, 2016 at 12:43 PM, David Miller <davem@...emloft.net> wrote: > From: Tom Herbert <tom@...bertland.com> > Date: Wed, 6 Apr 2016 10:53:52 -0300 > >> Packets that are forwarded really should not be GRO'ed in the first >> place because of the loss of information and added latency. > > First of all GRO is supposed to be lossless, so please stop saying this > would be a reason to turn it off on a router. > > Second of all, the biggest piece of overhead is the routing lookup, > therefore GRO batching helps enormously with routing workloads, and > therefore is appropriate to be enabled on routers. > > Yes, I agree that for locally terminated stuff it helps more, but don't > turn this into a "GRO on routers, meh..." type argument. It simply is > not true at all. > GRO on routers will help in a limited case where there is little load and the traffic is nicely groomed high tput TCP connections. But for routers with significant load, handling large quantities other protocols like UDP, GRO is not necessarily helpful and presents a nondeterministic performance improvement. For instance, I cannot provision a router with any assumptions that GRO will be effective for any % of packets to save any % of CPU, we need to provision based purely on ability to forward by pps assuming no benefit from GRO. Technically, this provisioning argument applies to end hosts also. We have seen real cases on video servers where servers were mis-provisioned with the assumption that GSO is always effective. So when were getting good GSO benefits we might be using something like 80% CPU, but if some connectivity event occurs forcing all the cwnds of the active connections drop, we find we need 110% of CPU to recover. This discussion is relevant because there is a big push now to replace dedicated HW with commodity HW running Linux, this is already happened significantly in load balancers but I expect this to extend to even some cases of basic switching. Besides, I seriously doubt you'll find any commercial router in the world that does GRO. Yes, GRO needs to work correctly in all cases, but for system performance in routing we a bound to per packet actions like route lookup. As I said, optimizing GRO as Edward is suggesting for forwarding case seems to have diminishing benefits. Tom
Powered by blists - more mailing lists