On Fri, Sep 08, 2017 at 01:55:36PM +0200, Pablo Neira Ayuso wrote: > On Wed, Sep 06, 2017 at 02:39:50PM +0200, Florian Westphal wrote: > > This reverts the conversion of the nat bysource table to rhlist that > > I did last year. > > > > It was a bad idea to begin with. > > > > Fast lookup is not essential; in most cases there is no lookup > > at all because original tuple is not taken and can be used as-is. > > What needs to be fast is insertion and deletion. > > > > With rhlist, deletion is slow as it requires a list traversal. > > So, switch back to a statically-sized table for bysource hash. > > Series applied. > We've hit this issue in production on Linux 4.9. Even though that's just a "performance" fix (as opposed to actual crash), I believe it's worth queuing it up to -stable (without it we've seen several freezes of 20 seconds and more). Patch #1 needs minor editing before applying to 4.9. Not sure if patch #2 is worth backporting though. What do you think? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
