cvs commit: src/sys/netgraph/netflow netflow.c netflow.h
ng_netflow.c ng_netflow.h
Gleb Smirnoff
glebius at FreeBSD.org
Wed May 11 04:33:13 PDT 2005
On Wed, May 11, 2005 at 11:26:24AM +0000, Gleb Smirnoff wrote:
T> A new version of NetFlow node.
T>
T> The most significant changes are:
T> - Use UMA zone instead of own chunk of memory.
T> - Lock each hash entry separately.
T> - Expire items "actively" - interrupt method can expire flows
T> from hash slot, when it searches through it.
T> - Remove global tailqueue. Make callout thread search through
T> every hash slot.
T> - Export datagram is detached from private data and filled. If
T> it is incomplete, it is attached back. Another thread will
T> continue working with it.
T>
T> Lesser, but also important speedups:
T> - Flows in hash slot are stored in tailqueue. Whenever a flow is
T> hit, it is moved to the begging, so it can be located quicker.
T> - When callout thread works with hash slot it bails out if
T> slot mutex is contested.
With this new version I'm now processing live traffic via switch mirror
port. The traffic pattern is quite unpleasant for NetFlow, there are
lots of small flows in it - this is traffic of a big web services data
center.
Now more than 140 kpps is processed, half a gigabit. More than 21k exports
are created per second. Average NetFlow cache size is 170k entries.
I've been told about results of 190 kpps on RELENG_5.
--
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE
More information about the cvs-src
mailing list