On Mon, 2014-03-17 at 13:42 +0100, Pablo Neira Ayuso wrote: > From: Florian Westphal <fw@xxxxxxxxx> > > connlimit currently suffers from spinlock contention, example for > 4-core system with rps enabled: > +#define CONNLIMIT_SLOTS 256 > +#define CONNLIMIT_LOCK_SLOTS 32 32 spinlocks use 2 cache lines (assuming 4 bytes per spinlock, and 64 bytes cache lines) So I guess this probably should be increased to have less false sharing. Note: This can be done later, I do not want to block this patch serie at all ! I believe this hash table of spinlocks could be global, not in each struct xt_connlimit_data. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
