All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Timo Teräs" <timo.teras@iki.fi>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: netdev@vger.kernel.org
Subject: Re: [PATCH] xfrm: cache bundle lookup results in flow cache
Date: Fri, 19 Mar 2010 07:48:57 +0200	[thread overview]
Message-ID: <4BA31049.7030005@iki.fi> (raw)
In-Reply-To: <20100319003130.GA20227@gondor.apana.org.au>

Herbert Xu wrote:
> On Thu, Mar 18, 2010 at 09:30:58PM +0200, Timo Teräs wrote:
>> Now, these created xfrm_dst gets cached in policy->bundles
>> with ref count zero and not deleted until garbage collection
>> is required. That's how xfrm_find_bundle tries to reuse them
>> (but it does O(n) lookup).
> 
> Yes but the way you're caching it in the policy means that it
> only helps if two consecutive packets happen to match the same
> bundle.  If your traffic mix was such that each packet required
> a different bundle, then we're back to where we started.
> 
> That's why I was asking for you to directly cache the xfrm_dst
> objects in the flow cache.

But it always matches. The caching happens using the inner
flow. Inner flow always matches with the same bundle unless
the bundle expires or goes stale. What happens is that I get
multiple cache entries per-inner flow each referencing to the
same bundle.

And this is even more useful with the gre+esp. No matter what
I send inside gre (with private IPs), it ends up being routed
to more limited set of outer public IP parties. The bundle
lookup happens with the public-IP flow, so the speed up works
even better.

>> Actually no. As the pmtu case showed, it's more likely that
>> xfrm_dst needs to be regenerated, but the policy stays the
>> same since policy db isn't touched that often. If we keep
>> them separately we can almost most of the time avoid doing
>> policy lookup which is also O(n). Also the currently cache
>> entry validation is needs to check policy's bundles_genid
>> before allowing touching of xfrm_dst. Otherwise we would have
>> to keep global bundle_genid, and we'd lose the parent pointer
>> on cache miss.
> A back-pointer does not require an O(n) lookup.

True. But if we go and prune a bundle due to it being bad or
needing garbage collection we need to invalidate all bundles
pointers, and we cannot access the back-pointer. Alternatively
we need to keep xfrm_dst references again in the flow cache
requiring an expensive iteration of all flow cache entries
whenever a xfrm_dst needs to be deleted (which happens often).

- Timo

  reply	other threads:[~2010-03-19  5:49 UTC|newest]

Thread overview: 41+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-03-15 12:20 [PATCH] xfrm: cache bundle lookup results in flow cache Timo Teras
2010-03-17 13:07 ` Herbert Xu
2010-03-17 14:16   ` Timo Teräs
2010-03-17 14:58     ` Herbert Xu
2010-03-17 15:56       ` Timo Teräs
2010-03-17 16:32         ` Timo Teräs
2010-03-18 19:30         ` Timo Teräs
2010-03-19  0:31           ` Herbert Xu
2010-03-19  5:48             ` Timo Teräs [this message]
2010-03-19  6:03               ` Herbert Xu
2010-03-19  6:21                 ` Timo Teräs
2010-03-19  7:17                   ` Herbert Xu
2010-03-19  7:27                   ` Timo Teräs
2010-03-19  0:32           ` Herbert Xu
2010-03-19  7:20 ` Herbert Xu
2010-03-19  7:48   ` Timo Teräs
2010-03-19  8:29     ` Herbert Xu
2010-03-19  8:37       ` Timo Teräs
2010-03-19  8:47         ` Herbert Xu
2010-03-19  9:12           ` Timo Teräs
2010-03-19  9:32             ` Herbert Xu
2010-03-19  9:53               ` Timo Teräs
2010-03-20 15:17                 ` Herbert Xu
2010-03-20 16:26                   ` Timo Teräs
2010-03-21  0:46                     ` Herbert Xu
2010-03-21  7:34                       ` Timo Teräs
2010-03-21  8:31                         ` Timo Teräs
2010-03-22  3:52                           ` Herbert Xu
2010-03-22 18:03                             ` Timo Teräs
2010-03-23  7:28                               ` Timo Teräs
2010-03-23  7:42                                 ` Herbert Xu
2010-03-23  9:19                                   ` Timo Teräs
2010-03-23  9:41                                     ` Herbert Xu
2010-03-22  1:26                   ` David Miller
2010-03-22  1:28                   ` David Miller
2010-03-22  1:32                     ` Herbert Xu
2010-03-22  1:36                       ` David Miller
2010-03-22  1:40                         ` Herbert Xu
2010-03-22  3:12                           ` David Miller
2010-03-22  3:52                             ` Herbert Xu
2010-03-22 18:31                               ` Timo Teräs

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4BA31049.7030005@iki.fi \
    --to=timo.teras@iki.fi \
    --cc=herbert@gondor.apana.org.au \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.