From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Florian Westphal <fw@strlen.de>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [PATCH nf-next 1/2] netfilter: move nat hlist_head to nf_conn
Date: Mon, 11 Jul 2016 12:10:32 +0200 [thread overview]
Message-ID: <20160711101032.GA18393@salvia> (raw)
In-Reply-To: <1467713244-8555-2-git-send-email-fw@strlen.de>
On Tue, Jul 05, 2016 at 12:07:23PM +0200, Florian Westphal wrote:
> The nat extension structure is 32bytes in size on x86_64:
>
> struct nf_conn_nat {
> struct hlist_node bysource; /* 0 16 */
> struct nf_conn * ct; /* 16 8 */
> union nf_conntrack_nat_help help; /* 24 4 */
> int masq_index; /* 28 4 */
> /* size: 32, cachelines: 1, members: 4 */
> /* last cacheline: 32 bytes */
> };
>
> The hlist is needed to quickly check for possible tuple collisions
> when installing a new nat binding. Storing this in the extension
> area has two drawbacks:
>
> 1. We need ct backpointer to get the conntrack struct from the extension.
> 2. When reallocation of extension area occurs we need to fixup the bysource
> hash head via hlist_replace_rcu.
>
> We can avoid both by placing the hlist_head in nf_conn and place nf_conn in
> the bysource hash rather than the extenstion.
>
> We can also remove the ->move support; no other extension needs it.
>
> Moving the entire nat extension into nf_conn would be possible as well but
> then we have to add yet another callback for deletion from the bysource
> hash table rather than just using nat extension ->destroy hook for this.
>
> nf_conn size doesn't increase due to aligment, followup patch replaces
> hlist_node with single pointer.
Applied, thanks.
next prev parent reply other threads:[~2016-07-11 10:10 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-05 10:07 [PATCH nf-next 0/2] netfilter: nat: simplify & convert bysrc hash to rhashtable Florian Westphal
2016-07-05 10:07 ` [PATCH nf-next 1/2] netfilter: move nat hlist_head to nf_conn Florian Westphal
2016-07-11 10:10 ` Pablo Neira Ayuso [this message]
2016-07-05 10:07 ` [PATCH nf-next 2/6] netfilter: nat: convert nat bysrc hash to rhashtable Florian Westphal
2016-07-11 10:08 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160711101032.GA18393@salvia \
--to=pablo@netfilter.org \
--cc=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.