Re: [PATCH nf-next-2.6 2/2] conntrack: per_cpu untracking
From: Eric Dumazet <hidden>
Date: 2010-06-08 14:52:13
Also in:
netfilter-devel
From: Eric Dumazet <hidden>
Date: 2010-06-08 14:52:13
Also in:
netfilter-devel
Le mardi 08 juin 2010 à 16:29 +0200, Patrick McHardy a écrit :
On 04.06.2010 22:15, Eric Dumazet wrote:quoted
NOTRACK makes all cpus share a cache line on nf_conntrack_untracked twice per packet, slowing down performance. This patch converts it to a per_cpu variable. We assume same cpu is used for a given packet, entering and exiting the NOTRACK state.That doesn't seem to be a valid assumption, the conntrack entry is attached to the skb and processing in the output path might get preempted and rescheduled to a different CPU.
Thats unfortunate. Ok, only choice then is to not change refcount on the untracked ct, and keep a shared (read only after setup time) untrack structure. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html