From owner-freebsd-net Thu Mar 7 4: 0:38 2002 Delivered-To: freebsd-net@freebsd.org Received: from rwcrmhc52.attbi.com (rwcrmhc52.attbi.com [216.148.227.88]) by hub.freebsd.org (Postfix) with ESMTP id DFB6A37B400; Thu, 7 Mar 2002 04:00:29 -0800 (PST) Received: from InterJet.elischer.org ([12.232.206.8]) by rwcrmhc52.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020307120029.MXCA1147.rwcrmhc52.attbi.com@InterJet.elischer.org>; Thu, 7 Mar 2002 12:00:29 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id DAA41437; Thu, 7 Mar 2002 03:51:42 -0800 (PST) Date: Thu, 7 Mar 2002 03:51:41 -0800 (PST) From: Julian Elischer To: Bill Fumerola Cc: Terry Lambert , net@freebsd.org, hackers@freebsd.org Subject: Re: in_pcblookup_hash() called multiple times In-Reply-To: <20020307092848.GX803@elvis.mu.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org what would be even nicer is if ipfw found the cached entry and passed it back to ip_input so it didn't need to :-) On Thu, 7 Mar 2002, Bill Fumerola wrote: > On Wed, Mar 06, 2002 at 05:07:55PM -0800, Terry Lambert wrote: > > > There are redundant calls to the in_pcblookup_hash() in the > > ip_fw_chk() function called via (*ip_fw_chk_ptr)() in the > > ip_input path. > > in addition to what you're talking about, ipfw will repeat the hash > lookup for every rule it goes through that has a uid or gid keyword. > > http://people.freebsd.org/~billf/bsdcon2000/presentation/graphics/countudpfromanytoanyuidbillf.png > http://people.freebsd.org/~billf/bsdcon2000/presentation/graphics/counttcpfromanytoanyuidbillf.png > > 'old ipfw' = ipfw as of oct 2000 > 'new ipfw' = ipfw w/pcb cache + uid cache (as part of a compiled ruleset) > > in the compiled case, in_pcblookup_hash() is called the first time a uid > needs compared. after that, uid lookups become a integer compare and not > another call to in_pcblookup_hash(). gid lookups still use groupmember() > each rule, but also don't have to do a pcb lookup each time. > > > Right now, I'm just talking about a way ip_input could pass > > the already looked up input inpcb to tcp_input, udp_input, > > or udp_ctlinput -- all of which repeat the lookup operation. > > my results are with a cached lookup just in the ipfw code, but if > ip_input() did the lookup and passed it to both ipfw and the protocol > handler that would be nice. > > -- > - bill fumerola / fumerola@yahoo-inc.com / billf@FreeBSD.org / billf@mu.org > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-hackers" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message