From owner-svn-src-head@FreeBSD.ORG Tue Feb 17 07:07:37 2015 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7CCD6C9E; Tue, 17 Feb 2015 07:07:37 +0000 (UTC) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4C40F5F7; Tue, 17 Feb 2015 07:07:37 +0000 (UTC) Received: from julian-mbp3.pixel8networks.com (50-196-156-133-static.hfc.comcastbusiness.net [50.196.156.133]) (authenticated bits=0) by vps1.elischer.org (8.14.9/8.14.9) with ESMTP id t1H77YRl003724 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Mon, 16 Feb 2015 23:07:35 -0800 (PST) (envelope-from julian@freebsd.org) Message-ID: <54E2E8B1.3020608@freebsd.org> Date: Mon, 16 Feb 2015 23:07:29 -0800 From: Julian Elischer User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.4.0 MIME-Version: 1.0 To: Gleb Smirnoff Subject: Re: svn commit: r278640 - head/sys/netgraph References: <201502122220.t1CMKY8t040498@svn.freebsd.org> <20150214000540.GI15484@FreeBSD.org> <54E1D03A.2070904@freebsd.org> <20150216192653.GI15484@FreeBSD.org> In-Reply-To: <20150216192653.GI15484@FreeBSD.org> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit Cc: svn-src-head@freebsd.org, mav@FreeBSD.org, svn-src-all@freebsd.org X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Feb 2015 07:07:37 -0000 On 2/16/15 11:26 AM, Gleb Smirnoff wrote: > On Mon, Feb 16, 2015 at 03:10:50AM -0800, Julian Elischer wrote: > J> On 2/13/15 4:05 PM, Gleb Smirnoff wrote: > J> > Hi! > J> > > J> > On Thu, Feb 12, 2015 at 10:20:34PM +0000, Gleb Smirnoff wrote: > J> > T> Author: glebius > J> > T> Date: Thu Feb 12 22:20:34 2015 > J> > T> New Revision: 278640 > J> > T> URL: https://svnweb.freebsd.org/changeset/base/278640 > J> > T> > J> > T> Log: > J> > T> Revise default limit for maximum of netgraph data items. > J> > T> With modern internet speeds the limit can be reached even > J> > T> on a single L2TP link. > J> > > J> > Actually any ng_item of data type requires an mbuf to be connected > J> > to it, and thus I suggest to use mbuf limits to drive ng_item limits. > J> > > J> > If we got an item leak with mbufs being properly freed, then we've > J> > got a bug to fix, and any limit won't work in long run time. I never > J> > evidenced such a bug, but there complaints on hitting limit at > J> > traffic bursts. As said, with previous 512 item limit I experienced > J> > that even on a laptop. > J> > > J> > Any objections on removing the limit, guys? > J> maybe derived from it, but not the same number. > J> maybe change the systctl to define the relationship? > > I guess you want to have ng_items limit smaller than mbuf limit? > How smaller? > > What problem are we actually guarding against putting this limit? general paranoia, and remember 3rd parties write netgraph nodes. I just would limit to say 50% by default and have a sysctl for 1-100 % so netgraph will not lose all mbufs