From: Patrick McHardy <kaber@trash.net>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [PATCH 1/3] netfilter: nf_tables: fix suboptimal set selection
Date: Sun, 5 Jan 2014 21:45:31 +0000 [thread overview]
Message-ID: <20140105214531.GA18624@macbook.localnet> (raw)
In-Reply-To: <20140105213403.GA4158@localhost>
On Sun, Jan 05, 2014 at 10:34:03PM +0100, Pablo Neira Ayuso wrote:
> On Sun, Jan 05, 2014 at 09:28:35PM +0000, Patrick McHardy wrote:
> > On Sun, Jan 05, 2014 at 10:18:46PM +0100, Pablo Neira Ayuso wrote:
> > > The rb-tree is currently used for simple sets and maps with no
> > > intervals which is suboptimal. Fix it by adding the weight field
> > > to each existing set implementation, this value allows to select
> > > the best candidate in case that several set types can be used.
> >
> > Ohh, lets do this properly. This is one point why I was opposed to a
> > merge at this stage, lets not paper over this but fix this how it
> > was intended. I'll work on that after finishing the inet family.
> > Until then no harm is done, just some memory waste.
>
> Please, elaborate your plans on this.
Well, the selection should happen based on the set contents, not on
some static weight. Basically we have memory usage and performance
as measurable weights, and both depend on the contents of the set,
so we need an abstrace description of those.
I have another set type coming up, static weights will not help to
make a good decision long term. This won't be easy to get right,
but I really don't want to paper over this since this just allows
to delay to proper fix that will be needed at some point anyway.
next prev parent reply other threads:[~2014-01-05 21:45 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-05 21:18 [PATCH 0/3 nftables RFC] set infrastructure updates Pablo Neira Ayuso
2014-01-05 21:18 ` [PATCH 1/3] netfilter: nf_tables: fix suboptimal set selection Pablo Neira Ayuso
2014-01-05 21:28 ` Patrick McHardy
2014-01-05 21:34 ` Pablo Neira Ayuso
2014-01-05 21:45 ` Patrick McHardy [this message]
2014-01-05 22:11 ` Pablo Neira Ayuso
2014-01-05 22:21 ` Patrick McHardy
2014-01-05 21:18 ` [PATCH 2/3] netfilter: nf_tables: limit maximum number of elements Pablo Neira Ayuso
2014-01-05 21:51 ` Patrick McHardy
2014-01-05 22:14 ` Pablo Neira Ayuso
2014-01-05 22:15 ` Pablo Neira Ayuso
2014-01-05 22:25 ` Patrick McHardy
2014-01-05 21:18 ` [PATCH 3/3] netfilter: nft_hash: use set->maxelems to calculate number of buckets Pablo Neira Ayuso
2014-01-05 21:47 ` Patrick McHardy
2014-01-05 22:12 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140105214531.GA18624@macbook.localnet \
--to=kaber@trash.net \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).