I have tested the patch on 2.6.35. Which implies I also needed to cherry-pick 870f67dcf7ef, which implements the vzalloc() call. (Latest net-next has a problem with my HP CCISS driver/controller or the PCI layout, and will not boot) According to the function_graph trace, the execution time of get_counters() has increased (approx) from 109 ms to 120 ms, which is the expected result. The results are not all positive, but I think its related to the debugging options I have enabled. Because I now see packet drops if my 1Gbit/s pktgen script are sending packet with a packet size below 512 bytes, which is "only" approx 230 kpps (this is 1Gbit/s on my 10G labsetup where I have seen 5 Mpps). There is no packet overruns/drops, iif I run "iptables -vnL > /dev/null" without tracing enabled and only 1Gbit/s pktgen at 512 bytes packets. If I enable tracing while calling iptables I see packet drops/overruns. So I guess this is caused by the tracing overhead. I'll try to rerun my test without all the lock debugging options enabled. -- Med venlig hilsen / Best regards Jesper Brouer ComX Networks A/S Linux Network Kernel Developer Cand. Scient Datalog / MSc.CS Author of http://adsl-optimizer.dk LinkedIn: http://www.linkedin.com/in/brouer On Sat, 2010-12-18 at 05:29 +0100, Eric Dumazet wrote: > Using "iptables -L" with a lot of rules have a too big BH latency. > Jesper mentioned ~6 ms and worried of frame drops. > > Switch to a per_cpu seqlock scheme, so that taking a snapshot of > counters doesnt need to block BH (for this cpu, but also other cpus). > > This adds two increments on seqlock sequence per ipt_do_table() call, > its a reasonable cost for allowing "iptables -L" not block BH > processing. > > Reported-by: Jesper Dangaard Brouer <hawk@xxxxxxx> > Signed-off-by: Eric Dumazet <eric.dumazet@xxxxxxxxx> > Acked-by: Stephen Hemminger <shemminger@xxxxxxxxxx> > --- -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
