Re: [PATCH] ipv6: use a stronger hash for tcp

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: David Miller <davem@davemloft.net>
To: eric.dumazet@gmail.com
Cc: netdev@vger.kernel.org, ncardwell@google.com, ycheng@google.com
Subject: Re: [PATCH] ipv6: use a stronger hash for tcp
Date: Thu, 21 Feb 2013 18:18:22 -0500 (EST)	[thread overview]
Message-ID: <20130221.181822.1234155083700257175.davem@davemloft.net> (raw)
In-Reply-To: <1361485132.17413.19.camel@edumazet-glaptop>

From: Eric Dumazet <eric.dumazet@gmail.com>
Date: Thu, 21 Feb 2013 14:18:52 -0800

> From: Eric Dumazet <edumazet@google.com>
> 
> It looks like its possible to open thousands of TCP IPv6
> sessions on a server, all landing in a single slot of TCP hash
> table. Incoming packets have to lookup sockets in a very
> long list.
> 
> We should hash all bits from foreign IPv6 addresses, using
> a salt and hash mix, not a simple XOR.
> 
> inet6_ehashfn() can also separately use the ports, instead
> of xoring them.
> 
> Reported-by: Neal Cardwell <ncardwell@google.com>
> Signed-off-by: Eric Dumazet <edumazet@google.com>

Applied, and queued up for -stable, thanks Eric.

I bet we can consolidate this slightly, to make it less
expensive yet not give up much in terms of protection.  Two
jhash3word()'s is quite a lot.

next prev parent reply	other threads:[~2013-02-21 23:18 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-02-21 22:18 [PATCH] ipv6: use a stronger hash for tcp Eric Dumazet
2013-02-21 22:43 ` Hannes Frederic Sowa
2013-02-21 22:48   ` Eric Dumazet
2013-02-21 23:06     ` Hannes Frederic Sowa
2013-02-21 23:18 ` David Miller [this message]
2013-02-21 23:49   ` Andi Kleen
2013-02-22  0:14     ` Hannes Frederic Sowa
2013-02-22  0:48     ` David Miller

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20130221.181822.1234155083700257175.davem@davemloft.net \
    --to=davem@davemloft.net \
    --cc=eric.dumazet@gmail.com \
    --cc=ncardwell@google.com \
    --cc=netdev@vger.kernel.org \
    --cc=ycheng@google.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).