From owner-freebsd-current@FreeBSD.ORG Tue Jul 14 13:25:37 2009 Return-Path: Delivered-To: current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E05131065673 for ; Tue, 14 Jul 2009 13:25:37 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: from web63908.mail.re1.yahoo.com (web63908.mail.re1.yahoo.com [69.147.97.123]) by mx1.freebsd.org (Postfix) with SMTP id 9BB6E8FC15 for ; Tue, 14 Jul 2009 13:25:37 +0000 (UTC) (envelope-from barney_cordoba@yahoo.com) Received: (qmail 64831 invoked by uid 60001); 14 Jul 2009 13:25:36 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1247577936; bh=+72gbo3Knfakdt9/6Gbz2m8+XXYBLdCz3eYVtNqa6YM=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:Cc:MIME-Version:Content-Type; b=Jdwyveu6OQIUfMJR0I96GuIxAKIYpl5LhrxTSidQAsITSMeEwGb9KTNeBjqaH8ggdZqEwg0f5XjdAx9nWBnkOideHOKkEkkJz/6n2cnLxepIdG8E+yQLkLZAl1RjjYdUTxCITBTEYwG7B+HWynal8oInqznmtCoNDaPkcj6Y78U= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:Cc:MIME-Version:Content-Type; b=EZ9GF0Ct4oHEcX1J5iGH82SXnCpjq4HCDPeqlYu9epBJtmbLpBmQXI/surhBx4SSDC8axks4sjDlPEWWkepedGDj/OrEcEqVaY2XvhVll+aYSAsWjMxgm5L2/net3sIfeCOgeRkgg94qPQy8a/E2OIjh4yPbYIUqw9wKso6Lue8=; Message-ID: <875765.64452.qm@web63908.mail.re1.yahoo.com> X-YMail-OSG: jx6oGcsVM1lVwULwVsRUVq3MObjL7CxmEhW23GLtk8NPGH2o7mAzFVyp39k_nqX_0Nj83jh42d80I9KlxqTW.FaKYhZm7OMU42.rtxSlscFbTIxVJJIfP55q6R_Merf31._.qQxnYiUiABjUclz1Lzgf_n5LUziPUPt6Y1TLWzeqNLz87ux6XxQHfIilC9G_0I3Mk4SjWA2PnOtZkf6XppPyAc6bGcssvB965dmc0sMkPOK0DR_mSIKyOnZV2dq05nF7IH4TaLbZyN6JeCADzSNw2OTwmaqtXmGgTPXGYqcXlbNgCIbWShL4xMfr5zgpyujpzUVfP3Xfc9MGyXpMBg-- Received: from [66.176.162.245] by web63908.mail.re1.yahoo.com via HTTP; Tue, 14 Jul 2009 06:25:36 PDT X-Mailer: YahooMailClassic/5.4.17 YahooMailWebService/0.7.289.15 Date: Tue, 14 Jul 2009 06:25:36 -0700 (PDT) From: Barney Cordoba To: Kip Macy MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: current@freebsd.org Subject: Re: Flowtables -- any tuning hints? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jul 2009 13:25:38 -0000 --- On Mon, 7/13/09, Kip Macy wrote: > From: Kip Macy > Subject: Re: Flowtables -- any tuning hints? > To: "Barney Cordoba" > Cc: freebsd-current@freebsd.org > Date: Monday, July 13, 2009, 7:13 PM > The flowtable was initially developed > so that ECMP could support > stateful load-balancing. In some ways it is a stop-gap for > other > areas. > > > Its only a misconception if you think its the only way > to do things, which > > in itself is a misconception. I'm not at liberty to > discuss specifics so i can't defend myself properly. > > > > I will say that designing a 10gb/s "system" that > doesnt work well with a large number of flows kind of misses > the target, don't you think? > > If the only target that you care about is IP forwarding, I > can respond > with an emphatic "yes". If you're running web servers, NFS > servers, > stateful L3 load balancers, and many other applications, > i.e. the > majority of FreeBSD users, I can likewise respond with an > emphatic > "no". There are in fact quite a lot of users of 10Gbps that > don't have > hundreds of thousands of simultaneous peers. > > > > The people who need 10gb/s are isps, universities and > telcos; all of whom have a large number of flows. So I'm not > sure exactly who is going to benefit from the work. > > There seems to be something unusual about the "large number > of > prefixes" crowd in that any facility that doesn't directly > benefit > them is not worth having. You are not the first to step up > and sneer > with contempt, and yet do nothing to address the > architectural flaws > that hamper forwarding performance for your workload, and > you will not > be the last. Actually I've done a LOT to address the issue, but I'm not free to contribute it because the people who've paid a lot of money to get it done don't want to share it with their competitors. The issue isn't whether its "worth having". The issue is 1) Nobody here asking you about it really has any idea about what it is, or what benefit it will actually provide. So you'll have a lot of people blindly using something hoping it will solve problems that they don't begin to understand. 2) Such things tend to become ingrained in the OS because its better than nothing. Netgraph comes to mind. Netgraph is certainly useful, but its done completely wrong from how it should be done, and its become a permenant fixture (and IMO a wart) on the FreeBSD project, because its existence thwarts any other development, since its "good enough" for some people. 3) The network path is so adulterated with firewall variations, altq, dummynet, netgraph, and now flowtables its getting to be quite a joke. You guys can't come up with a clean hooking mechanism that doesn't make the OS code look like a scorecard for a 24 inning baseball game? That being said, it just seems to me that a non-scalable solution to the problem of the OS not scaling well seems like a questionable effort. Barney