[{"id":1765278,"web_url":"http://patchwork.ozlabs.org/comment/1765278/","msgid":"<20170908115536.GC13597@salvia>","list_archive_url":null,"date":"2017-09-08T11:55:36","subject":"Re: [PATCH nf 0/2] netfilter: nat: do not use rhltable","submitter":{"id":1315,"url":"http://patchwork.ozlabs.org/api/people/1315/","name":"Pablo Neira Ayuso","email":"pablo@netfilter.org"},"content":"On Wed, Sep 06, 2017 at 02:39:50PM +0200, Florian Westphal wrote:\n> This reverts the conversion of the nat bysource table to rhlist that\n> I did last year.\n> \n> It was a bad idea to begin with.\n> \n> Fast lookup is not essential; in most cases there is no lookup\n> at all because original tuple is not taken and can be used as-is.\n> What needs to be fast is insertion and deletion.\n> \n> With rhlist, deletion is slow as it requires a list traversal.\n> So, switch back to a statically-sized table for bysource hash.\n\nSeries applied.\n--\nTo unsubscribe from this list: send the line \"unsubscribe netfilter-devel\" in\nthe body of a message to majordomo@vger.kernel.org\nMore majordomo info at  http://vger.kernel.org/majordomo-info.html","headers":{"Return-Path":"<netfilter-devel-owner@vger.kernel.org>","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@bilbo.ozlabs.org","Authentication-Results":"ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netfilter-devel-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)","Received":["from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3xpbPd0lrbz9sCZ\n\tfor <incoming@patchwork.ozlabs.org>;\n\tFri,  8 Sep 2017 21:56:02 +1000 (AEST)","(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1754733AbdIHL4B (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);\n\tFri, 8 Sep 2017 07:56:01 -0400","from ganesha.gnumonks.org ([213.95.27.120]:34527 \"EHLO\n\tganesha.gnumonks.org\" rhost-flags-OK-OK-OK-OK) by vger.kernel.org\n\twith ESMTP id S1752858AbdIHL4B (ORCPT\n\t<rfc822;netfilter-devel@vger.kernel.org>);\n\tFri, 8 Sep 2017 07:56:01 -0400","from 129.166.216.87.static.jazztel.es ([87.216.166.129]\n\thelo=gnumonks.org) by ganesha.gnumonks.org with esmtpsa\n\t(TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2)\n\t(envelope-from <pablo@gnumonks.org>)\n\tid 1dqHso-0003We-1M; Fri, 08 Sep 2017 13:55:39 +0200"],"Date":"Fri, 8 Sep 2017 13:55:36 +0200","From":"Pablo Neira Ayuso <pablo@netfilter.org>","To":"Florian Westphal <fw@strlen.de>","Cc":"netfilter-devel@vger.kernel.org","Subject":"Re: [PATCH nf 0/2] netfilter: nat: do not use rhltable","Message-ID":"<20170908115536.GC13597@salvia>","References":"<20170906123952.12555-1-fw@strlen.de>","MIME-Version":"1.0","Content-Type":"text/plain; charset=us-ascii","Content-Disposition":"inline","In-Reply-To":"<20170906123952.12555-1-fw@strlen.de>","User-Agent":"Mutt/1.5.23 (2014-03-12)","X-Spam-Score":"-2.9 (--)","Sender":"netfilter-devel-owner@vger.kernel.org","Precedence":"bulk","List-ID":"<netfilter-devel.vger.kernel.org>","X-Mailing-List":"netfilter-devel@vger.kernel.org"}},{"id":1766251,"web_url":"http://patchwork.ozlabs.org/comment/1766251/","msgid":"<20170911114704.fge5tepnxzz2i52r@alphalink.fr>","list_archive_url":null,"date":"2017-09-11T11:47:04","subject":"Re: [PATCH nf 0/2] netfilter: nat: do not use rhltable","submitter":{"id":22975,"url":"http://patchwork.ozlabs.org/api/people/22975/","name":"Guillaume Nault","email":"g.nault@alphalink.fr"},"content":"On Fri, Sep 08, 2017 at 01:55:36PM +0200, Pablo Neira Ayuso wrote:\n> On Wed, Sep 06, 2017 at 02:39:50PM +0200, Florian Westphal wrote:\n> > This reverts the conversion of the nat bysource table to rhlist that\n> > I did last year.\n> > \n> > It was a bad idea to begin with.\n> > \n> > Fast lookup is not essential; in most cases there is no lookup\n> > at all because original tuple is not taken and can be used as-is.\n> > What needs to be fast is insertion and deletion.\n> > \n> > With rhlist, deletion is slow as it requires a list traversal.\n> > So, switch back to a statically-sized table for bysource hash.\n> \n> Series applied.\n> \nWe've hit this issue in production on Linux 4.9. Even though that's\njust a \"performance\" fix (as opposed to actual crash), I believe it's\nworth queuing it up to -stable (without it we've seen several freezes\nof 20 seconds and more).\n\nPatch #1 needs minor editing before applying to 4.9. Not sure if\npatch #2 is worth backporting though. What do you think?\n--\nTo unsubscribe from this list: send the line \"unsubscribe netfilter-devel\" in\nthe body of a message to majordomo@vger.kernel.org\nMore majordomo info at  http://vger.kernel.org/majordomo-info.html","headers":{"Return-Path":"<netfilter-devel-owner@vger.kernel.org>","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@bilbo.ozlabs.org","Authentication-Results":"ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netfilter-devel-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)","Received":["from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3xrR3y0XZZz9s83\n\tfor <incoming@patchwork.ozlabs.org>;\n\tMon, 11 Sep 2017 21:47:10 +1000 (AEST)","(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1751279AbdIKLrJ (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);\n\tMon, 11 Sep 2017 07:47:09 -0400","from zimbra.alphalink.fr ([217.15.80.77]:33700 \"EHLO\n\tzimbra.alphalink.fr\" rhost-flags-OK-OK-OK-OK) by vger.kernel.org\n\twith ESMTP id S1751013AbdIKLrI (ORCPT\n\t<rfc822;netfilter-devel@vger.kernel.org>);\n\tMon, 11 Sep 2017 07:47:08 -0400","from localhost (localhost [127.0.0.1])\n\tby mail-2-cbv2.admin.alphalink.fr (Postfix) with ESMTP id\n\tC4D002B52057; Mon, 11 Sep 2017 13:47:06 +0200 (CEST)","from zimbra.alphalink.fr ([127.0.0.1])\n\tby localhost (mail-2-cbv2.admin.alphalink.fr [127.0.0.1])\n\t(amavisd-new, port 10032)\n\twith ESMTP id 58lX8WYOSqa1; Mon, 11 Sep 2017 13:47:04 +0200 (CEST)","from localhost (localhost [127.0.0.1])\n\tby mail-2-cbv2.admin.alphalink.fr (Postfix) with ESMTP id\n\tA04B82B5206F; Mon, 11 Sep 2017 13:47:04 +0200 (CEST)","from zimbra.alphalink.fr ([127.0.0.1])\n\tby localhost (mail-2-cbv2.admin.alphalink.fr [127.0.0.1])\n\t(amavisd-new, port 10026)\n\twith ESMTP id QlJ8FXFY_vbz; Mon, 11 Sep 2017 13:47:04 +0200 (CEST)","from c-dev-0.admin.alphalink.fr (94-84-15-217.reverse.alphalink.fr\n\t[217.15.84.94])\n\tby mail-2-cbv2.admin.alphalink.fr (Postfix) with ESMTP id\n\t74B922B52057; Mon, 11 Sep 2017 13:47:04 +0200 (CEST)","by c-dev-0.admin.alphalink.fr (Postfix, from userid 1000)\n\tid 3DD7160149; Mon, 11 Sep 2017 13:47:04 +0200 (CEST)"],"X-Virus-Scanned":"amavisd-new at mail-2-cbv2.admin.alphalink.fr","Date":"Mon, 11 Sep 2017 13:47:04 +0200","From":"Guillaume Nault <g.nault@alphalink.fr>","To":"Pablo Neira Ayuso <pablo@netfilter.org>","Cc":"Florian Westphal <fw@strlen.de>, netfilter-devel@vger.kernel.org","Subject":"Re: [PATCH nf 0/2] netfilter: nat: do not use rhltable","Message-ID":"<20170911114704.fge5tepnxzz2i52r@alphalink.fr>","References":"<20170906123952.12555-1-fw@strlen.de>\n\t<20170908115536.GC13597@salvia>","MIME-Version":"1.0","Content-Type":"text/plain; charset=us-ascii","Content-Disposition":"inline","In-Reply-To":"<20170908115536.GC13597@salvia>","User-Agent":"NeoMutt/20170609 (1.8.3)","Sender":"netfilter-devel-owner@vger.kernel.org","Precedence":"bulk","List-ID":"<netfilter-devel.vger.kernel.org>","X-Mailing-List":"netfilter-devel@vger.kernel.org"}}]