From: Patrick McHardy <kaber@trash.net>
To: David Miller <davem@davemloft.net>
Cc: hadi@cyberus.ca, herbert@gondor.apana.org.au,
netdev@vger.kernel.org, kuznet@ms2.inr.ac.ru
Subject: Re: [PKT_SCHED]: Add stateless NAT
Date: Fri, 28 Sep 2007 18:55:32 +0200 [thread overview]
Message-ID: <46FD3204.6090305@trash.net> (raw)
In-Reply-To: <20070927.120803.39482469.davem@davemloft.net>
David Miller wrote:
> From: jamal <hadi@cyberus.ca>
> Date: Thu, 27 Sep 2007 08:39:45 -0400
>
>>>+config NET_ACT_NAT
>>>+ tristate "Stateless NAT"
>>>+ depends on NET_CLS_ACT
>>>+ select NETFILTER
>>
>>I am gonna have to agree with Evgeniy on this Herbert;->
>>The rewards are it will improve performance for people who dont need
>>netfilter.
>
>
> I agree that we should move the functions out. However...
>
> You have to realize that this logic is a complete crock
> of shit for %99.99999999999999999999 of Linux users out there
> who get and only use distribution compiled kernels which are
> going to enable everything anyways.
>
> So we better make sure there are zero performance implications at some
> point just for compiling netfilter into the tree. I know that isn't
> the case currently, but that means that we aren't helping out the
> majority of Linux users and are thus only adding these optimizations
> for such a small sliver of users and that is totally pointless and
> sucks.
The hooks themselves actually shouldn't be that much of a problem
since without any registered users they come down to a simple
list_empty check. The bigger problem is probably the fact that
the "okfn" is usually declared inline, but we also take its address
for nf_hook_slow, so at least with forced inlining, we end up
with one inlined and one out-of-line version.
Looking at ip_input.o as example (everything without forced inlining):
text data bss dec hex filename
2076 8 0 2084 824 net/ipv4/ip_input.o
3483 8 0 3491 da3 net/ipv4/ip_input.o
So we have roughly 1.75 more code for the two hooks. For reference,
without using the function pointer it increases a lot less:
text data bss dec hex filename
2319 8 0 2327 917 net/ipv4/ip_input.o
similar with not inlining ip_rcv_finish() and ip_local_deliver_finish():
text data bss dec hex filename
2282 8 0 2290 8f2 net/ipv4/ip_input.o
Any ideas how to do this better? Unforunately we need the function
pointers for reinjecting queued packets ..
next prev parent reply other threads:[~2007-09-28 16:55 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-09-27 7:34 [PKT_SCHED]: Add stateless NAT Herbert Xu
2007-09-27 9:25 ` Evgeniy Polyakov
2007-09-27 9:33 ` Herbert Xu
2007-09-27 10:07 ` Evgeniy Polyakov
2007-09-27 10:29 ` Herbert Xu
2007-09-27 12:41 ` Evgeniy Polyakov
2007-09-27 12:45 ` Herbert Xu
2007-09-27 13:10 ` Evgeniy Polyakov
2007-09-27 13:16 ` Patrick McHardy
2007-09-27 13:25 ` Evgeniy Polyakov
2007-09-27 13:30 ` Patrick McHardy
2007-09-27 13:33 ` Evgeniy Polyakov
2007-09-27 13:34 ` jamal
2007-09-27 13:20 ` Herbert Xu
2007-09-27 13:29 ` Evgeniy Polyakov
2007-09-27 13:39 ` Patrick McHardy
2007-09-27 19:52 ` David Miller
2007-09-28 8:19 ` Evgeniy Polyakov
2007-09-28 9:16 ` Evgeniy Polyakov
2007-09-28 16:31 ` Patrick McHardy
2007-09-27 12:52 ` jamal
2007-09-27 13:06 ` Evgeniy Polyakov
2007-09-27 12:27 ` Herbert Xu
2007-09-27 12:46 ` jamal
2007-09-27 12:39 ` jamal
2007-09-27 12:58 ` Herbert Xu
2007-09-27 19:48 ` David Miller
2007-09-27 13:01 ` Herbert Xu
2007-09-27 13:16 ` jamal
2007-09-27 19:08 ` David Miller
2007-09-28 16:55 ` Patrick McHardy [this message]
2007-09-29 0:51 ` Herbert Xu
2007-09-29 3:37 ` Herbert Xu
2007-09-29 15:21 ` Patrick McHardy
2007-09-29 23:36 ` Herbert Xu
2007-09-30 0:13 ` David Miller
2007-09-30 0:26 ` Herbert Xu
2007-09-30 0:43 ` Herbert Xu
2007-09-30 15:38 ` Patrick McHardy
2007-10-14 4:26 ` [0/10] Remove sk_buff ** from netfilter API Herbert Xu
2007-10-14 4:27 ` [PATCH 1/10] [SKBUFF]: Merge common code between copy_skb_header and skb_clone Herbert Xu
2007-10-14 10:36 ` jamal
2007-10-14 4:27 ` [PATCH 2/10] [SKBUFF]: Add skb_morph Herbert Xu
2007-11-26 6:50 ` Yasuyuki KOZAKAI
[not found] ` <200711260650.lAQ6oOL9006774@toshiba.co.jp>
2007-11-26 15:10 ` Herbert Xu
2007-11-27 6:50 ` Yasuyuki KOZAKAI
2007-10-14 4:27 ` [PATCH 3/10] [IPV4]: Make ip_defrag return the same packet Herbert Xu
2007-10-14 4:27 ` [PATCH 4/10] [IPV4]: Change ip_defrag to return an integer Herbert Xu
2007-10-14 4:27 ` [PATCH 5/10] [NET]: Avoid unnecessary cloning for ingress filtering Herbert Xu
2007-10-14 10:49 ` jamal
2007-10-15 13:57 ` jamal
2007-10-15 14:28 ` Patrick McHardy
2007-10-15 14:55 ` Alexey Kuznetsov
2007-10-16 10:28 ` jamal
2007-10-14 4:27 ` [PATCH 6/10] [BRIDGE]: Unshare skb upon entry Herbert Xu
2007-10-15 7:20 ` Patrick McHardy
2007-10-15 8:04 ` Herbert Xu
2007-10-15 8:50 ` David Miller
2007-10-14 4:27 ` [PATCH 7/10] [NETFILTER]: Do not copy skb in skb_make_writable Herbert Xu
2007-10-14 4:27 ` [PATCH 8/10] [IPVS]: Replace local version of skb_make_writable Herbert Xu
2007-10-14 4:27 ` [PATCH 9/10] [NETFILTER]: Avoid skb_copy/pskb_copy/skb_realloc_headroom Herbert Xu
2007-10-14 4:27 ` [PATCH 10/10] [NETFILTER]: Replace sk_buff ** with sk_buff * Herbert Xu
2007-10-14 9:55 ` Herbert Xu
2007-10-14 14:46 ` [0/3] [IPV6]: Kill sk_buff ** usage on input path Herbert Xu
2007-10-14 14:49 ` [PATCH 1/3] [IPV6]: Make ipv6_frag_rcv return the same packet Herbert Xu
2007-10-15 8:28 ` David Miller
2007-10-14 14:49 ` [PATCH 2/3] [IPV6]: Avoid skb_copy/pskb_copy/skb_realloc_headroom on input Herbert Xu
2007-10-15 8:29 ` David Miller
2007-10-14 14:49 ` [PATCH 3/3] [IPV6]: Replace sk_buff ** with sk_buff * in input handlers Herbert Xu
2007-10-14 15:43 ` YOSHIFUJI Hideaki / 吉藤英明
2007-10-15 8:30 ` David Miller
2007-10-15 8:29 ` David Miller
2007-10-15 14:21 ` Herbert Xu
2007-10-15 8:27 ` [PATCH 10/10] [NETFILTER]: Replace sk_buff ** with sk_buff * David Miller
2007-10-15 6:25 ` [0/10] Remove sk_buff ** from netfilter API Patrick McHardy
2007-10-15 7:57 ` [IPV4]: Uninline netfilter okfns Patrick McHardy
2007-10-15 8:05 ` Herbert Xu
2007-10-15 8:30 ` [IPV6]: " Patrick McHardy
2007-10-15 8:51 ` David Miller
2007-10-15 8:49 ` [IPV4]: " David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=46FD3204.6090305@trash.net \
--to=kaber@trash.net \
--cc=davem@davemloft.net \
--cc=hadi@cyberus.ca \
--cc=herbert@gondor.apana.org.au \
--cc=kuznet@ms2.inr.ac.ru \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).