linux/include/net/netns
Neil Horman 1080d709fb net: implement emergency route cache rebulds when gc_elasticity is exceeded
This is a patch to provide on demand route cache rebuilding.  Currently, our
route cache is rebulid periodically regardless of need.  This introduced
unneeded periodic latency.  This patch offers a better approach.  Using code
provided by Eric Dumazet, we compute the standard deviation of the average hash
bucket chain length while running rt_check_expire.  Should any given chain
length grow to larger that average plus 4 standard deviations, we trigger an
emergency hash table rebuild for that net namespace.  This allows for the common
case in which chains are well behaved and do not grow unevenly to not incur any
latency at all, while those systems (which may be being maliciously attacked),
only rebuild when the attack is detected.  This patch take 2 other factors into
account:
1) chains with multiple entries that differ by attributes that do not affect the
hash value are only counted once, so as not to unduly bias system to rebuilding
if features like QOS are heavily used
2) if rebuilding crosses a certain threshold (which is adjustable via the added
sysctl in this patch), route caching is disabled entirely for that net
namespace, since constant rebuilding is less efficient that no caching at all

Tested successfully by me.

Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Eric Dumazet <dada1@cosmosbay.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-10-27 17:06:14 -07:00
..
conntrack.h netfilter: netns nf_conntrack: per-netns conntrack accounting 2008-10-08 11:35:09 +02:00
core.h [SOCK][NETNS]: Add the percpu prot_inuse counter in the struct net. 2008-03-31 19:42:16 -07:00
dccp.h [NETNS][DCCPV6]: Move the dccp_v6_ctl_sk on the struct net. 2008-04-13 22:32:25 -07:00
generic.h [NETNS]: The generic per-net pointers. 2008-04-15 00:36:08 -07:00
hash.h netns: introduce the net_hash_mix "salt" for hashes 2008-06-16 17:14:11 -07:00
ipv4.h net: implement emergency route cache rebulds when gc_elasticity is exceeded 2008-10-27 17:06:14 -07:00
ipv6.h netns: dont alloc ipv6 fib timer list 2008-07-22 14:33:45 -07:00
mib.h ipv6: making ip and icmp statistics per/namespace 2008-10-08 11:16:45 -07:00
packet.h [NETNS]: separate af_packet netns data 2008-01-28 14:57:15 -08:00
unix.h
x_tables.h netfilter: netns: use NFPROTO_NUMPROTO instead of NUMPROTO for tables array 2008-10-20 03:31:54 -07:00