git.kernelconcepts.de Git - karo-tx-linux.git/commit

author	Willem de Bruijn <willemb@google.com>
	Tue, 12 May 2015 15:56:49 +0000 (11:56 -0400)
committer	David S. Miller <davem@davemloft.net>
	Wed, 13 May 2015 19:43:00 +0000 (15:43 -0400)
commit	3b3a5b0aab5b9ad345d4beb9a364a7dd02c23d40
tree	07714d34021e3505276c82d8c84c39324c4ddc97	tree \| snapshot
parent	2ccdbaa6d55b0656244ba57c4b56765a0af76c0a	commit \| diff

packet: rollover huge flows before small flows

Migrate flows from a socket to another socket in the fanout group not
only when the socket is full. Start migrating huge flows early, to
divert possible 4-tuple attacks without affecting normal traffic.

Introduce fanout_flow_is_huge(). This detects huge flows, which are
defined as taking up more than half the load. It does so cheaply, by
storing the rxhashes of the N most recent packets. If over half of
these are the same rxhash as the current packet, then drop it. This
only protects against 4-tuple attacks. N is chosen to fit all data in
a single cache line.

Tested:
  Ran bench_rollover for 10 sec with 1.5 Mpps of single flow input.

    lpbb5:/export/hda3/willemb# ./bench_rollover -l 1000 -r -s
    cpu         rx       rx.k     drop.k   rollover     r.huge   r.failed
      0         14         14          0          0          0          0
      1         20         20          0          0          0          0
      2         16         16          0          0          0          0
      3    6168824    6168824          0    4867721    4867721          0
      4    4867741    4867741          0          0          0          0
      5         12         12          0          0          0          0
      6         15         15          0          0          0          0
      7         17         17          0          0          0          0

Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/packet/af_packet.c		diff \| blob \| history
net/packet/internal.h		diff \| blob \| history