Yi-Hung Wei <yihung.wei@xxxxxxxxx> wrote: > This patch series apply the following techniques to optimize nf_conncount > performance. > > * Early exit for garbage collection > In order to reduce gc time, we skip traversing the full list on > every node when doing garbage collection, since it is enough to zap > a couple of expired entries. > > * Split tree insertion and traversal > When we have a very coarse grouping, e.g. by large subnets, zone id, > etc, it is likely that we do not need to do tree rotation because > we'll find a node where we can attach new entry. Based on this > observation, we then make traversal lockless (tree protected > by RCU), and add extra lock in the individual node to protect list > insertion/deletion, thereby allowing parallel insert/delete in different > tree nodes. > > * Add garbage collection worker > Instead of doing all of garbage collection task in the packet forwarding > path, we will schedule a garbage collection worker when the number of > nodes that can be freed exceeds a threshold. Looks good to me, thanks Yi-Hung for working on this. Maybe just avoid the race in patch 6/7, its possible its needed to merge it with the last patch, if so, thats fine with me. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
