From: Alexei Starovoitov <ast@plumgrid•com>
To: Daniel Borkmann <daniel@iogearbox•net>,
"David S. Miller" <davem@davemloft•net>
Cc: Eric Dumazet <edumazet@google•com>, Thomas Graf <tgraf@suug•ch>,
Jamal Hadi Salim <jhs@mojatatu•com>,
John Fastabend <john.r.fastabend@intel•com>,
netdev@vger•kernel.org
Subject: Re: [PATCH RFC net-next] netif_receive_skb performance
Date: Wed, 29 Apr 2015 15:20:13 -0700 [thread overview]
Message-ID: <5541591D.3070505@plumgrid.com> (raw)
In-Reply-To: <5540A665.7030406@iogearbox.net>
On 4/29/15 2:37 AM, Daniel Borkmann wrote:
>
> Is the below the case where the conntracker has always a miss and thus
> each time needs to create new entries, iow pktgen DoS with random IPs?
not really. As far as I understand it's not doing much, just being
invoked as part of default code path. Not sure. This was a default
number on my setup with all modules loaded. I have empty
iptables/nat/ct rules. I mentioned it, since that is what most linux
users will see by default from their distro.
>> Few other numbers for comparison with dmac == eth0 mac:
>> no qdisc, with conntrack and empty iptables - 2.2 Mpps
>> 7.65% kpktgend_0 [nf_conntrack] [k] nf_conntrack_in
>> 7.62% kpktgend_0 [kernel.vmlinux] [k] fib_table_lookup
>> 5.44% kpktgend_0 [kernel.vmlinux] [k] __call_rcu.constprop.63
>> 3.71% kpktgend_0 [kernel.vmlinux] [k] nf_iterate
>> 3.59% kpktgend_0 [ip_tables] [k] ipt_do_table
>>
>> no qdisc, unload conntrack, keep empty iptables - 5.4 Mpps
>> 18.17% kpktgend_0 [kernel.vmlinux] [k] fib_table_lookup
>> 8.31% kpktgend_0 [kernel.vmlinux] [k] ip_rcv
>> 7.97% kpktgend_0 [kernel.vmlinux] [k] __netif_receive_skb_core
>> 7.53% kpktgend_0 [ip_tables] [k] ipt_do_table
>>
>> no qdisc, unload conntrack, unload iptables - 6.5 Mpps
>> 21.97% kpktgend_0 [kernel.vmlinux] [k] fib_table_lookup
>> 9.64% kpktgend_0 [kernel.vmlinux] [k] __netif_receive_skb_core
>> 8.44% kpktgend_0 [kernel.vmlinux] [k] ip_rcv
>> 7.19% kpktgend_0 [kernel.vmlinux] [k] __skb_clone
>> 6.89% kpktgend_0 [kernel.vmlinux] [k] fib_validate_source
prev parent reply other threads:[~2015-04-29 22:20 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-04-29 2:11 [PATCH RFC net-next] netif_receive_skb performance Alexei Starovoitov
2015-04-29 2:11 ` [PATCH RFC net-next] pktgen: introduce 'rx' mode Alexei Starovoitov
2015-04-29 4:14 ` Eric Dumazet
2015-04-29 21:55 ` Alexei Starovoitov
2015-04-29 22:19 ` Eric Dumazet
2015-04-29 22:38 ` Alexei Starovoitov
2015-04-29 22:56 ` Eric Dumazet
2015-04-29 23:28 ` Alexei Starovoitov
2015-04-29 23:39 ` Eric Dumazet
2015-04-29 23:59 ` Alexei Starovoitov
2015-04-29 5:23 ` [PATCH RFC net-next] netif_receive_skb performance Eric Dumazet
2015-04-29 22:15 ` Alexei Starovoitov
2015-04-29 9:37 ` Daniel Borkmann
2015-04-29 22:20 ` Alexei Starovoitov [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5541591D.3070505@plumgrid.com \
--to=ast@plumgrid$(echo .)com \
--cc=daniel@iogearbox$(echo .)net \
--cc=davem@davemloft$(echo .)net \
--cc=edumazet@google$(echo .)com \
--cc=jhs@mojatatu$(echo .)com \
--cc=john.r.fastabend@intel$(echo .)com \
--cc=netdev@vger$(echo .)kernel.org \
--cc=tgraf@suug$(echo .)ch \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox