[CFT/R] IPv4 source address selection
Julian Elischer
julian at elischer.org
Wed Sep 17 01:12:26 UTC 2008
Bjoern A. Zeeb wrote:
> On Sun, 24 Aug 2008, Bjoern A. Zeeb wrote:
>
> Hi,
>
>> I have a patch, that was inspired by work from Y!, to do porper
>> IPv4 source address selection for unbound sockets (with multi-IP
>> jails).
>>
>> You can temporary find it here:
>> http://people.freebsd.org/~bz/20080823-01-in_pcbladdr.diff
>>
>> People running my latest jail patches have been ``testing'' this
>> without really knowing the last weeks.
>>
>> In case you wonder why, in the jail case, I loop over the ifa first
>> before simply falling back to the primary jail IP (which is the only
>> jail IP as in HEAD) -- this is because with the upcoming jail patches
>> I have to check if any of possibly lots of IPs match any IP on an
>> interface and only if none matches I have to fall back to the 'primary'
>> jail IP.
>> So the code has been prepared for upcoming changes already.
>>
>>
>> Feel free to test it and report problems or unexpected behavior.
>> Unless someone is going to cry it'll hit HEAD in a few days.
>
> Okay, there was close to zero feedback:(
sorry I'm flat out, but very interested..
>
> I had Kris test it performance wise and he found a performance regression
> and I talked to Robert about the general code a bit more then decided
> that I can simplify it. After that I re-ran some performance tests
> myself and found that passing in pointers improves things and now we are
> at the following with unbound udp sockets:
>
> x cvs-plain2
> + bz-laddr
> +------------------------------------------------------------+
> |+ + + + x x x + x|
> | |______________________A_____M________|_______|_A________||
> +------------------------------------------------------------+
> N Min Max Median Avg
> Stddev
> x 5 498932.16 500399.34 499727.93 499724.08 668.35243
> + 5 496178.62 500190.01 498391.13 497996.98 1649.8572
> No difference proven at 95.0% confidence
>
> x cvs-plain2-jailed
> + bz-laddr-jailed
> +------------------------------------------------------------+
> |x + * + xx + x +|
> | ||_________________M_AA______M____________|| |
> +------------------------------------------------------------+
> N Min Max Median Avg
> Stddev
> x 5 493049.99 499015.59 497250.89 496364.37 2305.2757
> + 5 493335.46 499712.52 496067.19 496411.24 2431.479
> No difference proven at 95.0% confidence
>
>
> For jails this already has the loops, though I was still trying
> with a single (extra) IP only.
>
> So the latest patch is here:
> http://people.freebsd.org/~bz/20080831-01-in_pcbladdr.diff
>
> I'd really like some review before this goes in especially as it
> changes the semantics for jails a bit more. I'll probably time out
> by Sunday (UTC) or so; in case you want to look at it but need more
> time, let me know and I'll wait.
>
> /bz
>
>
> PS: I'll also post an updated jail patch for HEAD with this change in case
> people want to try that with multi-IP jails.
>
>
>> PS: in case you review this properly (not only glance at it or test
>> it) let me know so I can punish you in the Reviewed by: line;-)
>
More information about the freebsd-net
mailing list