Page MenuHomeFreeBSD

Replace the fastforward path with tryforward which does not require a sysctl and will always be on. The former split between default and fast forwarding is removed by this commit while preserving the ability to use all network stack features.
ClosedPublic

Authored by gnn on Oct 30 2015, 8:26 PM.
Tags
None
Referenced Files
Unknown Object (File)
Feb 11 2024, 9:40 AM
Unknown Object (File)
Feb 11 2024, 9:40 AM
Unknown Object (File)
Feb 11 2024, 9:39 AM
Unknown Object (File)
Jan 19 2024, 3:54 AM
Unknown Object (File)
Jan 12 2024, 4:06 PM
Unknown Object (File)
Jan 11 2024, 4:43 AM
Unknown Object (File)
Dec 26 2023, 5:22 PM
Unknown Object (File)
Dec 23 2023, 12:27 AM
Subscribers

Details

Summary

...es. This version addresses
the IPSEC issues now that IPSEC has been updated to be default
in GENERIC

Test Plan

Tested with iperf3 and Conductor and results presented at VBSDCon 2015

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 1012
Build 1015: arc lint + arc unit

Event Timeline

gnn retitled this revision from to Replace the fastforward path with tryforward which does not require a sysctl and will always be on. The former split between default and fast forwarding is removed by this commit while preserving the ability to use all network stack features..
gnn updated this object.
gnn edited the test plan for this revision. (Show Details)

Just a cosmetic/documentation remark:

In sys/netinet/ip_fastfwd.c, comment "Step 1: check for packet drop conditions (and sanity checks)" was removed.
Then comment "Step 2: fallback conditions to normal ip_input path processing" (lines 186 to 188) should be renamed or removed.

You made a system acting as router by default, even when net.inet.ip.forwarding is zero. Is it an intended change?

Good point. I'll add that check.

gnn edited edge metadata.

Add check of forwarding sysctl before calling into tryforward.

Updating D4042: Replace the fastforward path with tryforward which does not require

a sysctl and will always be on. The former split between default
and fast forwarding is removed by this commit while preserving the
ability to use all network stack features.

Remove unnecessary comment per Olivier Couchard.

Updating D4042: Replace the fastforward path with tryforward which does not require

a sysctl and will always be on. The former split between default
and fast forwarding is removed by this commit while preserving the
ability to use all network stack features.

sys/netinet/ip_input.c
83

What you think about reducing namespace pollution and create a simple function in ip_ipsec.c to check SPD availability?

int
ip_ipsec_skip()
{

   return ((key_havesp(IPSEC_DIR_INBOUND) || key_havesp(IPSEC_DIR_OUTBOUND)) == 0);
}
518

This block now can be moved under one #ifdef IPSEC.

gnn marked an inline comment as done.Nov 4 2015, 2:31 PM
gnn added inline comments.
sys/netinet/ip_input.c
83

I had thought about this originally but then the number of places it would be used was too small and I didn't think we'd be adding that many more of them. It could be done outside the context of this particular patch set if people feel really strong about it

ae added a reviewer: ae.
This revision is now accepted and ready to land.Nov 4 2015, 4:55 PM
melifaro edited edge metadata.

I did several forwarding benchmarks based on projects/routing patched with diff 9834.
I tested on 2x E5-2660 (HT off) @ Chelsio T580 HW.
Actual test consists of IPv4 forwarding (128x192 src/dst pairs resulting in close-to-equal traffic distribution on NIC RX rings).
Pure projects/routing results:
1 core: 1.10 mpps, 8 cores: 7.8mpps, 16 cores: 12.7 mpps
Projects/routing w/patch:
1 core: 1.07mpps, 8 cores: 7.95 mpps, 16 cores: 12.7 mpps

I have no good explanation for 8 cores result, but anyway, it looks like performance is roughly the same at least on amd64.

This revision was automatically updated to reflect the committed changes.