From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Vlad Buslov <vladbu@nvidia.com>
Cc: netfilter-devel@vger.kernel.org, kadlec@netfilter.org,
fw@strlen.de, ozsh@nvidia.com, paulb@nvidia.com
Subject: Re: [PATCH net-next v3 0/3] Conntrack offload debuggability improvements
Date: Thu, 19 May 2022 22:41:49 +0200 [thread overview]
Message-ID: <YoarjVnP26f9WBvB@salvia> (raw)
In-Reply-To: <20220517165909.505010-1-vladbu@nvidia.com>
On Tue, May 17, 2022 at 07:59:06PM +0300, Vlad Buslov wrote:
> Current conntrack offload implementation doesn't provide much visibility
> and control over offload code. The code just tries to offload new flows,
> even if current amount of flows is beyond what can be reasonably
> processed by target hardware. On top of that there is no way to
> determine current load on workqueues that process the offload tasks
> which makes it hard to debug the cases where offload is significantly
> delayed due to rate of new connections being higher than driver or
> hardware offload rate.
>
> Improve the debuggability situation by implementing following new
> functionality:
>
> - Sysctls for current total count of offloaded flow and
> user-configurable maximum. Capping the amount of offloaded flows can
> be useful for the allocations of hardware resources. Note that the
> flow can still be offloaded afterwards via 'refresh' mechanism if
> total hardware count.
>
> - Procfs for current total of workqueue tasks for nf_ft_offload_add,
> nf_ft_offload_del and nf_ft_offload_stats queues. This allows
> visibility for flow offload delay due to system scheduling offload
> tasks faster than driver/hardware can process them.
Series applied, thanks!
prev parent reply other threads:[~2022-05-19 20:41 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-17 16:59 [PATCH net-next v3 0/3] Conntrack offload debuggability improvements Vlad Buslov
2022-05-17 16:59 ` [PATCH net-next v3 1/3] net/sched: act_ct: set 'net' pointer when creating new nf_flow_table Vlad Buslov
2022-05-17 16:59 ` [PATCH net-next v3 2/3] netfilter: nf_flow_table: count and limit hw offloaded entries Vlad Buslov
2022-05-17 16:59 ` [PATCH net-next v3 3/3] netfilter: nf_flow_table: count pending offload workqueue tasks Vlad Buslov
2022-05-19 20:41 ` Pablo Neira Ayuso [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YoarjVnP26f9WBvB@salvia \
--to=pablo@netfilter.org \
--cc=fw@strlen.de \
--cc=kadlec@netfilter.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=ozsh@nvidia.com \
--cc=paulb@nvidia.com \
--cc=vladbu@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.