On 17.01, Herbert Xu wrote: > On Fri, Jan 16, 2015 at 07:35:57PM +0000, Patrick McHardy wrote: > > > > Well, rhashtable (or generally resizing) will make it a lot worse. > > Usually we at worst miss entries which were added during the dump, > > which is made up by the notifications. > > > > With resizing we might miss anything, its completely undeterministic. > > Correct. If you want to have a stable dump you will need to have > data structure outside the hash table. For example, with xfrm_state > we do it with a linked list. That's certainly one possibility, however since we might have a huge number of elements, its very undesirable to use even a little memory for this. I'm tending towards deferring resize operations while dumps are in progress. Since we only allow dumps by root, it seems the worst thing that can happen is that we run using a non optimal hash, which is comparable to having a badly structured ruleset. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
