Date: Thu, 24 Jun 2010 10:44:43 -0700 From: "Andrew Kinney" <andykinney@advantagecom.net> To: freebsd-ipfw@freebsd.org Subject: Re: ipfw dyn_buckets relation to dyn_max Message-ID: <4C23371B.8097.6652DFB2@localhost> In-Reply-To: <4C11099D.16213.1F4F72C6@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
Since this is not seeing any kind of response, let's try some different questions that could lead me to the answer. Any answers to any of these questions will help. If any of my presumptions are wrong, *please* correct me. First, here is my current understanding of how buckets are used with dynamic rules. After doing some reading on hash tables and buckets, it sounds to me that the srcip/srcport-dstip/dstport data combo is hashed and that hash value is placed in a particular bucket. The number of buckets means that there are a certain number of memory locations or slots that hash values can drop into. More buckets roughly means fewer entries per bucket given the same number of hash values. More buckets to search, but fewer hash entries per bucket to search for matches. Each hash value is a list member and each bucket contains a list. 1. What size buckets are used by ipfw dynamic rules? I'm looking for something I can match up to "vmstat -z". 2. Are buckets fixed in size or do they grow as needed? If I know the size, I know the number of entries each bucket can hold. 3. If they're fixed in size, what is that size? 4. If they can grow as needed, is there a maximum size? I know the distribution between buckets will not be even simply because IP addresses, ports, and traffic volume are not random, but knowing a little more about the buckets will give me at least some rudimentary values to work from for estimating when/if things will break as the number of dynamic rules grows. With a 64 bit kernel, I would hope that kernel memory allocation is only limited by kmem (512GiB on FreeBSD 8.0 release?), physical memory, and the amount of processing power you can throw at it. It would appear that is the case, but I'm new to the 64 bit FreeBSD kernel (familiar with the old 4.x 32 bit kernel) and am uncertain which of the old memory allocation limitations have been removed. Am I on the right track here? Should I be asking different questions? Sincerely, Andrew Kinney President and Chief Technology Officer Advantagecom Networks, Inc. http://www.advantagecom.net phone: 509-522-3696 ext. 101
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4C23371B.8097.6652DFB2>