On Wednesday 2012-10-31 17:27, Josh Hunt wrote: > When doing an ipset restore with newer versions of glibc I'm seeing some extra > syscall overhead that I was not seeing with glibc 2.4. I was wondering if > anyone has seen such behavior and could help me understand what is going on? > > Here is a snippet of strace during the restore with glibc 2.4: > http://pastebin.com/qxkPF7FB and one with glibc 2.7: > http://pastebin.com/wga9SN0E > I've also seen similar behavior with glibc 2.11. > > You'll notice that with the newer version a second netlink socket is created > and it appears some data is sent and info received back from the kernel I have observed such as well in other programs as well. Without looking into this too deeply, I suspect that a program, or a library on its behalf, is using the interface name<->index resolution functions if_nametoindex(3) et al, for which netlink is used in sufficiently new glibc where socket ioctls were (probably) used previously. Could this be it? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
