Re: Fetching interface name - Pablo Neira Ayuso

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Vikas <vikas.c.kumar@oracle.com>
Cc: coreteam@netfilter.org, eric@netfilter.org,
	netfilter-devel@vger.kernel.org
Subject: Re: Fetching interface name
Date: Fri, 25 Sep 2015 15:53:50 +0200	[thread overview]
Message-ID: <20150925135350.GA19255@salvia> (raw)
In-Reply-To: <5605412B.4000505@oracle.com>

On Fri, Sep 25, 2015 at 06:12:19PM +0530, Vikas wrote:
> Have two questions wrt to the recent code changes, specially function:
> iface_cache_update().
> 
> 1. Inside iface_cache_update(), I see lot of socket
> calls(open/bind/sendto/recvfrom) and also list_add() inside callback:
> data_cb(). Are these calls not impacting performace?
> We didn't wanted to use if_indextoname() for the fact that it was kernel
> operation. Performance & traffic wise how iface_cache_update() is different
> from if_indextoname()?

I guess you'll have a daemon, so you cache it once and then reuse.

nft is a command line tool, we get the cache once to look up for as
many ifindex as we need, thus we save quite a lot of traffic.

> 2. Looks like iface_cache_update() is called only once(since there is
> boolean flag: iface_cache_init). But even if we update the cache but there
> is no surity that interface index will not change post update.

You have to subscribe to netlink event notifications, to keep the
cache up to date incrementally.

There's also other code in our tree that is doing this:

http://git.netfilter.org/libnfnetlink/tree/src/iftable.c

As I said, it should be very easy to implement an example daemon for
libmnl that initially creates and ifindex cache and then it updates it
based on netlink event notification.

     prev parent reply	other threads:[~2015-09-25 13:47 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <5604D75E.8000809@oracle.com>
2015-09-25 10:22 ` Fetching interface name Pablo Neira Ayuso
2015-09-25 11:07   ` Vikas
     [not found]   ` <5605412B.4000505@oracle.com>
2015-09-25 13:53     ` Pablo Neira Ayuso [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20150925135350.GA19255@salvia \
    --to=pablo@netfilter.org \
    --cc=coreteam@netfilter.org \
    --cc=eric@netfilter.org \
    --cc=netfilter-devel@vger.kernel.org \
    --cc=vikas.c.kumar@oracle.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).