lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 28 May 2020 12:02:47 +0800
From:   wenxu <>
To:     Paul Blakey <>, Roi Dayan <>
Cc:     Saeed Mahameed <>,
        "" <>
Subject: The size of ct offoad mlx5_flow_table in mlx5e driver

Hi  Paul,

I have a question about the size of ct and ct nat flow table.

There are two global mlx5_flow_table tables ct and ct_nat for act_ct offload.

The ct and ct_nat flow table create through mlx5_esw_chains_create_global_table

and get the size through mlx5_esw_chains_get_avail_sz_from_pool(esw, POOL_NEXT_SIZE);

Firmware currently has 4 pool of 4 sizes that it supports (ESW_POOLS),

and a virtual memory region of 16M (ESW_SIZE).  It allocates up to 16M of each pool.

ESW_POOLS[] = { 4 * 1024 * 1024,
                             1 * 1024 * 1024,
                             64 * 1024,
                             128 };

So it means the biggest flow table size is 4M. The ct and ct_nat flowtable create in advance,

The size of ct and ct_nat is 4M.

It means there are almost 4M conntrack entry offload to the hardware?

The flow table map is fixed in the FW? And the size can be changed to 8M through the following?

ESW_POOLS[] = { 8 * 1024 * 1024,
                             1 * 1024 * 1024,
                             64 * 1024,
                             128 };



Powered by blists - more mailing lists