From: David Ahern <dsahern@gmail.com>
To: Vasily Averin <vvs@virtuozzo.com>,
dsahern@kernel.org, netdev@vger.kernel.org
Cc: nikita.leshchenko@oracle.com, roopa@cumulusnetworks.com,
stephen@networkplumber.org, idosch@mellanox.com,
jiri@mellanox.com, saeedm@mellanox.com, alex.aring@gmail.com,
linux-wpan@vger.kernel.org, netfilter-devel@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [RFC/RFT, net-next, 00/17] net: Convert neighbor tables to per-namespace
Date: Sun, 12 Aug 2018 11:37:06 -0600 [thread overview]
Message-ID: <988a697a-984c-8ca8-7846-e62feb4a4aec@gmail.com> (raw)
In-Reply-To: <dc9cd93c-61d4-dc8c-9ba1-cd8584908ba2@virtuozzo.com>
On 8/12/18 12:46 AM, Vasily Averin wrote:
> On 07/17/2018 03:06 PM, dsahern@kernel.org wrote:
>> From: David Ahern <dsahern@gmail.com>
>>
>> Nikita Leshenko reported that neighbor entries in one namespace can
>> evict neighbor entries in another. The problem is that the neighbor
>> tables have entries across all namespaces without separate accounting
>> and with global limits on when to scan for entries to evict.
>>
>> Resolve by making the neighbor tables for ipv4, ipv6 and decnet per
>> namespace and making the accounting and threshold limits per namespace.
>
> Dear David,
> I prepared own patch set to fix this problem and found your one.
> It looks perfect for me, and I hope David Miller will merge it soon,
> however I have found a few drawbacks:
>
Hi:
I just returned from an extended vacation. I will revive this topic in
the next few days.
Thanks for the comments. I will address in the next version.
prev parent reply other threads:[~2018-08-12 20:15 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-17 12:06 [PATCH RFC/RFT net-next 00/17] net: Convert neighbor tables to per-namespace dsahern
2018-07-17 12:06 ` [PATCH RFC/RFT net-next 01/17] net/ipv4: rename ipv4_neigh_lookup to ipv4_dst_neigh_lookup dsahern
2018-07-17 12:06 ` [PATCH RFC/RFT net-next 02/17] net/neigh: export neigh_find_table dsahern
2018-07-17 12:06 ` [PATCH RFC/RFT net-next 03/17] net/ipv4: wrappers for arp table references dsahern
2018-07-17 12:06 ` [PATCH RFC/RFT net-next 04/17] net/ipv4: Remove open coded use of arp table dsahern
2018-07-17 12:06 ` [PATCH RFC/RFT net-next 05/17] net/ipv6: wrappers for neighbor table references dsahern
2018-07-17 12:06 ` [PATCH RFC/RFT net-next 06/17] net/ipv6: Remove open coded use of neighbor table dsahern
2018-07-17 12:06 ` [PATCH RFC/RFT net-next 07/17] drivers/net: remove open coding of neighbor tables dsahern
2018-07-17 12:06 ` [PATCH RFC/RFT net-next 08/17] net: Remove nd_tbl from ipv6 stub dsahern
2018-07-17 12:06 ` [PATCH RFC/RFT net-next 09/17] net: Remove arp_tbl and nd_tbl from headers dsahern
2018-07-17 12:06 ` [PATCH RFC/RFT net-next 10/17] net: Add key_len to neighbor constructor dsahern
2018-07-17 12:06 ` [PATCH RFC/RFT net-next 11/17] net: Change neigh_table_init and neigh_table_clear signature dsahern
2018-07-17 12:06 ` [PATCH RFC/RFT net-next 12/17] net/neigh: Change neigh_xmit to take an address family dsahern
2018-07-17 12:06 ` [PATCH RFC/RFT net-next 13/17] net/neighbor: Convert internal functions away from neigh_tables dsahern
2018-07-17 12:06 ` [PATCH RFC/RFT net-next 14/17] net/ipv4: Convert arp table to per namespace dsahern
2018-07-17 12:06 ` [PATCH RFC/RFT net-next 15/17] net/ipv6: Convert neighbor table to per-namespace dsahern
2018-07-17 12:06 ` [PATCH RFC/RFT net-next 16/17] net/decnet: Move " dsahern
2018-07-17 12:06 ` [PATCH RFC/RFT net-next 17/17] net/neighbor: Remove neigh_tables and NEIGH enum dsahern
2018-07-17 17:40 ` [PATCH RFC/RFT net-next 00/17] net: Convert neighbor tables to per-namespace Cong Wang
2018-07-17 17:43 ` David Ahern
2018-07-17 17:53 ` Cong Wang
2018-07-17 19:02 ` David Ahern
2018-07-17 20:37 ` Cong Wang
2018-07-18 3:59 ` David Miller
2018-07-19 16:16 ` David Ahern
2018-07-19 17:12 ` Cong Wang
2018-07-24 15:14 ` David Ahern
2018-07-24 17:14 ` David Miller
2018-07-25 18:23 ` David Ahern
2018-07-24 22:09 ` Cong Wang
2018-07-25 12:33 ` Eric W. Biederman
2018-07-25 14:06 ` David Ahern
2018-07-25 17:38 ` Eric W. Biederman
2018-07-25 18:13 ` David Ahern
2018-07-25 19:17 ` Eric W. Biederman
2018-08-13 21:48 ` David Ahern
2018-08-15 4:36 ` Eric W. Biederman
2018-07-26 11:12 ` David Laight
2018-07-27 16:27 ` Eric W. Biederman
2018-07-19 0:54 ` Michael Richardson
2018-07-19 15:49 ` David Ahern
2018-08-12 6:46 ` [RFC/RFT, net-next, " Vasily Averin
2018-08-12 17:37 ` David Ahern [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=988a697a-984c-8ca8-7846-e62feb4a4aec@gmail.com \
--to=dsahern@gmail.com \
--cc=alex.aring@gmail.com \
--cc=dsahern@kernel.org \
--cc=idosch@mellanox.com \
--cc=jiri@mellanox.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-wpan@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=nikita.leshchenko@oracle.com \
--cc=roopa@cumulusnetworks.com \
--cc=saeedm@mellanox.com \
--cc=stephen@networkplumber.org \
--cc=vvs@virtuozzo.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).