From: Eric Dumazet <eric.dumazet@gmail.com>
To: Martin KaFai Lau <kafai@fb.com>, netdev <netdev@vger.kernel.org>
Cc: "David S . Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Kernel Team <kernel-team@fb.com>
Subject: Re: [PATCH v2 net-next 3/4] inet: Add a 2nd listener hashtable (port+addr)
Date: Fri, 01 Dec 2017 14:24:26 -0800 [thread overview]
Message-ID: <1512167066.19682.47.camel@gmail.com> (raw)
In-Reply-To: <20171201205232.3012584-4-kafai@fb.com>
On Fri, 2017-12-01 at 12:52 -0800, Martin KaFai Lau wrote:
> The current listener hashtable is hashed by port only.
> When a process is listening at many IP addresses with the same port
> (e.g.
> [IP1]:443, [IP2]:443... [IPN]:443), the inet[6]_lookup_listener()
> performance is degraded to a link list. It is prone to syn attack.
>
> UDP had a similar issue and a second hashtable was added to resolve
> it.
>
> This patch adds a second hashtable for the listener's sockets.
> The second hashtable is hashed by port and address.
>
> It cannot reuse the existing skc_portaddr_node which is shared
> with skc_bind_node. TCP listener needs to use skc_bind_node.
> Instead, this patch adds a hlist_node 'icsk_listen_portaddr_node' to
> the inet_connection_sock which the listener (like TCP) also belongs
> to.
>
> The new portaddr hashtable may need two lookup (First by IP:PORT.
> Second by INADDR_ANY:PORT if the IP:PORT is a not found). Hence,
> it implements a similar cut off as UDP such that it will only consult
> the
> new portaddr hashtable if the current port-only hashtable has >10
> sk in the link-list.
>
> lhash2 and lhash2_mask are added to 'struct inet_hashinfo'. I take
> this chance to plug a 4 bytes hole. It is done by first moving
> the existing bind_bucket_cachep up and then add the new
> (int lhash2_mask, *lhash2) after the existing bhash_size.
>
> Signed-off-by: Martin KaFai Lau <kafai@fb.com>
Nice work, thanks Martin !
Reviewed-by: Eric Dumazet <edumazet@google.com>
next prev parent reply other threads:[~2017-12-01 22:24 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-01 20:52 [PATCH v2 net-next 0/4] tcp: Add a 2nd listener hashtable (port+addr) Martin KaFai Lau
2017-12-01 20:52 ` [PATCH v2 net-next 1/4] inet: Add a count to struct inet_listen_hashbucket Martin KaFai Lau
2017-12-01 20:52 ` [PATCH v2 net-next 2/4] udp: Move udp[46]_portaddr_hash() to net/ip[v6].h Martin KaFai Lau
2017-12-01 20:52 ` [PATCH v2 net-next 3/4] inet: Add a 2nd listener hashtable (port+addr) Martin KaFai Lau
2017-12-01 22:24 ` Eric Dumazet [this message]
2017-12-01 20:52 ` [PATCH v2 net-next 4/4] tcp: Enable 2nd listener hashtable in TCP Martin KaFai Lau
2017-12-03 15:18 ` [PATCH v2 net-next 0/4] tcp: Add a 2nd listener hashtable (port+addr) David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1512167066.19682.47.camel@gmail.com \
--to=eric.dumazet@gmail.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=kafai@fb.com \
--cc=kernel-team@fb.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.