From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Medialy <medialy@gmail.com>
Cc: netfilter@vger.kernel.org
Subject: Re: Why "No buffer space available"?
Date: Thu, 31 Dec 2009 12:31:09 +0100 [thread overview]
Message-ID: <4B3C8B7D.8010202@netfilter.org> (raw)
In-Reply-To: <c29e3bea0912301743k7f7bda48o17ce78d4521a7585@mail.gmail.com>
Medialy wrote:
> Problem solved. Thanks.
> BTW, sometimes the program stops at function nfct_close() and never return!
I don't have an explanation for that, but it should not happen.
> On Wed, Dec 30, 2009 at 8:10 PM, Pablo Neira Ayuso <pablo@netfilter.org
> <mailto:pablo@netfilter.org>> wrote:
>
> Medialy wrote:
>
> Hi,
> I have written a program to log the nat behavior. the program works
> well when traffic is low. But when the traffic reaches 1Gb, program
> always error.
> According to the previous discussions about this problem, I even set
> the recv buffer size to 50MB and the error still exists.
>
>
> Increasing the buffer size would not solve the problem, that will
> only delay the ENOBUFS error. There are several reasons why you may
> hit ENOBUFS:
>
> a) your program is too slow to handle the Netlink messages that you
> receive from the kernel at a given rate. This is easier to trigger
> if the handling that you perform on every message takes too long.
> b) the queue size is too small, but this does not seem to be your case.
>
> ENOBUFS basically means that the kernel has to drop Netlink messages
> because your user-space program cannot back-off.
>
>
> Medialy:
> Reason: system was overloaded due to the storage capability. The
> program (2 threads) was set to use last CPU. When the traffic was
> heavy, most of the computing power of last CPU was occupied by the
> thread which wrote Netlink messages to the stroage.
Good analysis. It is a good idea to put the thread that digest the
Netlink message in a spare CPU. That reduces the chances to hit ENOBUFS.
I forgot to say but reducing the nice() value also help to avoid ENOBUFS.
prev parent reply other threads:[~2009-12-31 11:31 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <cc73a9220912281846h6a337b76ud7d9d1f61371f21e@mail.gmail.com>
2009-12-29 2:49 ` Why "No buffer space available"? Medialy
2009-12-30 12:10 ` Pablo Neira Ayuso
[not found] ` <c29e3bea0912301743k7f7bda48o17ce78d4521a7585@mail.gmail.com>
2009-12-31 11:31 ` Pablo Neira Ayuso [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4B3C8B7D.8010202@netfilter.org \
--to=pablo@netfilter.org \
--cc=medialy@gmail.com \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).