On Wed, Jul 10, 2024 at 10:58:29AM +0200, Florian Westphal wrote: > nft_set_lookup_byid() is very slow when transaction becomes large, due to > walk of the transaction list. > > Add a dedicated list that contains only the new sets. > > Before: nft -f ruleset 0.07s user 0.00s system 0% cpu 1:04.84 total > After: nft -f ruleset 0.07s user 0.00s system 0% cpu 30.115 total > > .. where ruleset contains ~10 sets with ~100k elements. > The above number is for a combined flush+reload of the ruleset. > > With previous flush, even the first NEWELEM has to walk through a few > hundred thousands of DELSET(ELEM) transactions before the first NEWSET > object. To cope with random-order-newset-newsetelem we'd need to replace > commit_set_list with a hashtable. > > Expectation is that a NEWELEM operation refers to the most recently added > set, so last entry of the dedicated list should be the set we want. > > NB: This is not a bug fix per se (functionality is fine), but with > larger transaction batches list search takes forever, so it would be > nice to speed this up for -stable too, hence adding a "fixes" tag. applied to nf-next, thanks
