| Message ID | 163820911055.3001886.13118680364054625917.stgit@fed.void |
|---|---|
| Headers | show
Return-Path: <ovs-dev-bounces@openvswitch.org> X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=ibx/5n/L; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::136; helo=smtp3.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=<UNKNOWN>) Received: from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4J2tYv0c1dz9sVc for <incoming@patchwork.ozlabs.org>; Tue, 30 Nov 2021 05:05:38 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id B630760A90; Mon, 29 Nov 2021 18:05:36 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PRQWoxfkKsGq; Mon, 29 Nov 2021 18:05:35 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp3.osuosl.org (Postfix) with ESMTPS id C7A5360754; Mon, 29 Nov 2021 18:05:34 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 6ADC4C0012; Mon, 29 Nov 2021 18:05:34 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 940BBC000A for <dev@openvswitch.org>; Mon, 29 Nov 2021 18:05:32 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 8075A402ED for <dev@openvswitch.org>; Mon, 29 Nov 2021 18:05:32 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp2.osuosl.org (amavisd-new); dkim=pass (1024-bit key) header.d=redhat.com Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9JhyKI5Cj9Dx for <dev@openvswitch.org>; Mon, 29 Nov 2021 18:05:31 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by smtp2.osuosl.org (Postfix) with ESMTPS id 28F9740119 for <dev@openvswitch.org>; Mon, 29 Nov 2021 18:05:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1638209130; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=FPhDKX7ihdwPkQ3kYp/IffXM5GczjJW9kuM1g0Pn40g=; b=ibx/5n/L3FrRG1JGN9UoXVkHqtnqTXp7rr4lX/BiAg3rXzgdu9Bf6ozrbVY5vsWN9NkTCi BJx9o9D4QJnwPNqYdDb8wtAwISkePfcZETdOqdDh2NYXG9gJ6bA22gjmTd99io/ctvFXL3 //UNd2/vENKmhunZk7PwBq6JZmTzZk8= Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com [209.85.128.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-460-XsoqNCEOMZGCoaeLgmTigg-1; Mon, 29 Nov 2021 13:05:27 -0500 X-MC-Unique: XsoqNCEOMZGCoaeLgmTigg-1 Received: by mail-wm1-f72.google.com with SMTP id j25-20020a05600c1c1900b00332372c252dso11275498wms.1 for <dev@openvswitch.org>; Mon, 29 Nov 2021 10:05:27 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:subject:from:to:cc:date:message-id:user-agent :mime-version:content-transfer-encoding; bh=FPhDKX7ihdwPkQ3kYp/IffXM5GczjJW9kuM1g0Pn40g=; b=cBFEfLazDmZoeOLv+v1Q660oejU+3Q4tSqLBnt0gFxHlUw+hhpkKxqKtJUKMjSuAjM ubVXQ8mpfpi34lpKqnl+pHhWj4MCnZFtpTeX1qVQOWY88dT8dfXoGcL3hbc2I4pnWDUV +1qT5643RlDZeQW5SaurBxPUq5NSgcfYrSU8+Hx5ONOkV79NEvHuAoQzcSWJr9yYnBV8 d2jI2FO/EWiZ1VWr96pW4dmJcRhaOHyVyqfbKnPL3PAOgKMtW+xrYMVxhhfs+vpXmu1j lSN/9zVL0niUgxYF+/axNMLxvDaCV0yNx5R+SFUQtOK5nnu9hPKZ6HPj36IR7mxRasfp orRg== X-Gm-Message-State: AOAM5318MphRRWA3NGuillDtMgAJx1tkZ70U0lkxa+m2Jlc2ByZ1synK iyYuKSJ2aVIG/myW70Qm9R/P4jsoUCbei+Vcs/U1IHmuMszGmnO0SQeuUgiqAiYpMKLSRnwgZhz S3lqRQRb/nr5+3LBaGdP00hdTcTZ6W7BnamT+5VDk8V+uhTItjdzFJPEAHxLc+Av0 X-Received: by 2002:a5d:64ed:: with SMTP id g13mr35553192wri.439.1638209125839; Mon, 29 Nov 2021 10:05:25 -0800 (PST) X-Google-Smtp-Source: ABdhPJy8thnP/8W3j5tu7BU1rZzruLuk3kVB0YM8uirK7ZJLB4QjmO0pTX0koQp/QN0fn/NQzqagug== X-Received: by 2002:a5d:64ed:: with SMTP id g13mr35553144wri.439.1638209125472; Mon, 29 Nov 2021 10:05:25 -0800 (PST) Received: from localhost (net-5-88-23-84.cust.vodafonedsl.it. [5.88.23.84]) by smtp.gmail.com with ESMTPSA id m9sm37217wmq.1.2021.11.29.10.05.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 29 Nov 2021 10:05:25 -0800 (PST) From: Paolo Valerio <pvalerio@redhat.com> To: dev@openvswitch.org Date: Mon, 29 Nov 2021 19:05:10 +0100 Message-ID: <163820911055.3001886.13118680364054625917.stgit@fed.void> User-Agent: StGit/1.1 MIME-Version: 1.0 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=pvalerio@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Cc: fbl@redhat.com, i.maximets@ovn.org Subject: [ovs-dev] [PATCH RFC 0/5] conntrack: Introduce buckets and reduce contention. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: <ovs-dev.openvswitch.org> List-Unsubscribe: <https://mail.openvswitch.org/mailman/options/ovs-dev>, <mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe> List-Archive: <http://mail.openvswitch.org/pipermail/ovs-dev/> List-Post: <mailto:ovs-dev@openvswitch.org> List-Help: <mailto:ovs-dev-request@openvswitch.org?subject=help> List-Subscribe: <https://mail.openvswitch.org/mailman/listinfo/ovs-dev>, <mailto:ovs-dev-request@openvswitch.org?subject=subscribe> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" <ovs-dev-bounces@openvswitch.org> |
| Series |
conntrack: Introduce buckets and reduce contention.
|
expand
|
This series aims to share the work done so far, and to start a discussion of a slightly different approach in terms of the way we handle the connections. It's not considered ready as further work and extensive tests are needed. There are two main logical changes that the series tries to introduce. The first one is the reintroduction of buckets, the second one is the removal of the expiration lists. The first two patches are a prereq and were picked (untouched) from this series (by Gaetan): https://patchwork.ozlabs.org/project/openvswitch/list/?series=249027&state=* The third patch is a follow up of the following: https://patchwork.ozlabs.org/project/openvswitch/patch/20201129033255.64647-2-hepeng.0320@bytedance.com/ Some logic has changed, but the overall idea remained the same. Additional details in the patch description. The fourth patch introduces the buckets and removes the expiration lists. The buckets got reintroduced as cmaps instead of hmaps, trying to narrow down the critical sections as well. An alternative approach may involve the replacement of cmaps with linked lists (without increasing the number of locks), increasing the number of buckets (it could involve the ability to change the buckets number when the user changes the connection limit). This could improve the stale conns eviction during the processing of the packet, but this is currently out of scope for this series (can be discussed, though). The insertion, namely the creation of the connection, can probably be improved (or at least an improvement can be evaluated), as, in case of nat, it acquires the bucket locks calling nat_get_unique_tuple_lock(). This is needed because we may need to know the reverse tuple before locking in order to acquire the locks in the right way to avoid ABBA deadlocks. Further details about locking may be found in patch #4 description. There's a known issue, and it is related mostly to zone limit. Keeping the stale entries, leads to a mismatch between the current number of per zone connections and the actual number of valid connections. This means that if we have a small zone limit number, we may wait a whole "next_wakeup" time before the entries get cleaned up (assuming we have candidates for removal). This could be avoided, e.g. triggering a per zone cleanup when a threshold of connections has been reached (it may involve a different way to account the per zone connections). Other approaches are possible (e.g. cleaning the zone from the packet path during the insertion), but both require additional handling. Expiration lists have been removed for the sake of evaluation, but they could be included and duplicated among buckets. In this way we could distribute the contention (as a matter of fact reducing the number of connections per list) that affects the write access to a single data structure during every connection update. Patch #5 reintegrates the command below with multiple buckets: ovs-appctl dpctl/ct-bkts A couple of minor patches have been kept out of the series, for the time being, as they strongly depend on #4. Gaetan Rivet (2): conntrack: Use a cmap to store zone limits conntrack-tp: Use a cmap to store timeout policies Paolo Valerio (2): conntrack: Split single cmap to multiple buckets. conntrack: Make ovs-appctl dpctl/ct-bkts work with multiple buckets Peng He (1): conntrack: Replaces nat_conn introducing key directionality. lib/conntrack-private.h | 58 ++- lib/conntrack-tp.c | 102 ++--- lib/conntrack.c | 952 ++++++++++++++++++++++------------------ lib/conntrack.h | 4 +- lib/dpif-netdev.c | 5 +- tests/system-traffic.at | 5 +- 6 files changed, 608 insertions(+), 518 deletions(-)