Re: [CFT/R] IPv4 source address selection

From: Bjoern A. Zeeb <bzeeb-lists_at_lists.zabbadoz.net>
Date: Tue, 16 Sep 2008 18:51:04 +0000 (UTC)
On Sun, 24 Aug 2008, Bjoern A. Zeeb wrote:

Hi,

> I have a patch, that was inspired by work from Y!, to do porper
> IPv4 source address selection for unbound sockets (with multi-IP
> jails).
>
> You can temporary find it here:
> http://people.freebsd.org/~bz/20080823-01-in_pcbladdr.diff
>
> People running my latest jail patches have been ``testing'' this
> without really knowing the last weeks.
>
> In case you wonder why, in the jail case, I loop over the ifa first
> before simply falling back to the primary jail IP (which is the only
> jail IP as in HEAD) -- this is because with the upcoming jail patches
> I have to check if any of possibly lots of IPs match any IP on an
> interface and only if none matches I have to fall back to the 'primary'
> jail IP.
> So the code has been prepared for upcoming changes already.
>
>
> Feel free to test it and report problems or unexpected behavior.
> Unless someone is going to cry it'll hit HEAD in a few days.

Okay, there was close to zero feedback:(

I had Kris test it performance wise and he found a performance regression
and I talked to Robert about the general code a bit more then decided
that I can simplify it. After that I re-ran some performance tests
myself and found that passing in pointers improves things and now we are
at the following with unbound udp sockets:

x cvs-plain2
+ bz-laddr
+------------------------------------------------------------+
|+    +                         +   +  x   x       x     +  x|
|  |______________________A_____M________|_______|_A________||
+------------------------------------------------------------+
      N           Min           Max        Median           Avg        Stddev
x   5     498932.16     500399.34     499727.93     499724.08     668.35243
+   5     496178.62     500190.01     498391.13     497996.98     1649.8572
No difference proven at 95.0% confidence

x cvs-plain2-jailed
+ bz-laddr-jailed
+------------------------------------------------------------+
|x  +               *       +         xx  +           x     +|
|        ||_________________M_AA______M____________||        |
+------------------------------------------------------------+
      N           Min           Max        Median           Avg        Stddev
x   5     493049.99     499015.59     497250.89     496364.37     2305.2757
+   5     493335.46     499712.52     496067.19     496411.24      2431.479
No difference proven at 95.0% confidence


For jails this already has the loops, though I was still trying
with a single (extra) IP only.

So the latest patch is here:
http://people.freebsd.org/~bz/20080831-01-in_pcbladdr.diff

I'd really like some review before this goes in especially as it
changes the semantics for jails a bit more. I'll probably time out
by Sunday (UTC) or so; in case you want to look at it but need more
time, let me know and I'll wait.

/bz


PS: I'll also post an updated jail patch for HEAD with this change in case
people want to try that with multi-IP jails.


> PS: in case you review this properly (not only glance at it or test
>    it) let me know so I can punish you in the Reviewed by: line;-)

-- 
Bjoern A. Zeeb              Stop bit received. Insert coin for new game.
Received on Tue Sep 16 2008 - 16:55:08 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:35 UTC