Jozsef Kadlecsik a écrit :
Please write it exactly what you do and what happens. Do you create, fill
up and delete the *same* sets with exactly the *same* content, in a loop?
Yes I execute those commands in a loop on the same set (a nethash of 150
000 entries).
the commands in the loop are :
ipset -X neth
ipset --restore < ip.sets
The obtained results are :
iteration 1: neth size 25856860 VmallocUsed 108004 kB
iteration 2: neth size 25856860 VmallocUsed 108004 kB
iteration 3: neth size 38785290 VmallocUsed 158168 kB
iteration 6: neth size 25856860 VmallocUsed 108004 kB
iteration 9: neth size 58177935 VmallocUsed 235844 kB
This seems a lot for 0.15 million entries.
Are the 230Mo of Vmalloc'ed memory really used by the kernel ?
What is your kernel and ipset versions?
ipset v2.2.2 Protocol version 2
iptables v1.3.2
Linux 2.6.13 i686
