Message-ID: <20180219183730.GL5490@nataraja>
Date: Mon, 19 Feb 2018 19:37:30 +0100
From: Harald Welte <laforge@...monks.org>
To: David Miller <davem@...emloft.net>
Cc: daniel@...earbox.net, netdev@...r.kernel.org,
netfilter-devel@...r.kernel.org, alexei.starovoitov@...il.com
Subject: Re: [PATCH RFC 0/4] net: add bpfilter
Hi David,
On Mon, Feb 19, 2018 at 12:29:08PM -0500, David Miller wrote:
> People with an Android phone in their pocket are using iptables, and
> the overhead and performance of those rules really does matter. It
> determines how long your battery life is, etc.
I am not the Android expert. However, I just dumped the ruleset on my
Galaxy Tab S2 (Android 7.1.2 / LineageOS), and it was a whopping 91
rules across all tables. The longest chain iteration I could spot
was 24 rules. That's not the kind of ruleset where I would expect
performance worries.
And if there was, nftables is around for quite some time and would be
much faster.
Sure, that was just one tablet, but I wonder how many Android packet
filter performance issues there are. Would be interesting to hear about
those (and on whether they benchmarked against nftables).
> > I can just as well ask how many millions of users / devices are
> > already using eBPF or XDP?
>
> Every time someone connects to a major provider, they are using it.
I was speaking of actual *users* as in individuals running their own
systems, companies running their own servers/datacenter. The fact that
some ISP (or its supplier) decides that one of my IP packets is routed
via a smartnic with XDP offloading somewhere is great, but still doesn't
turn me into a "user" of that technology. Not in my line of thinking,
at least.
> And by and large, for system tracing and analysis eBPF is basically
> a hard requirement for people doing anything serious these days.
That's great, but misses the point. I was referring to usage in the
context of the kernel network stack. Sorry for not being explicit
enough.
Also, the entire point was about "new technologies need time to be
adopted widely". Doesn't matter which new kernel feature that is.
Sure, one data center / hosting / "cloud" provider can quickly roll out
a change in their network. But I'm referring to significant,
(Linux-)industry-wide adoption. That would first include major
distributions to include/enable/support the feature, and then people
actually building their systems/products/software on top of those.
> Please see the wonderful work by Brendan Gregg and others which has
> basically made the GPL'ing of DTrace by Oracle entirely irrelevant and
> our Linux's tracing infrastructure has become much more powerful and
> capable thanks to eBPF.
Agreed.
--
- Harald Welte <laforge@...monks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)