From owner-cvs-all@FreeBSD.ORG Tue Feb 5 14:17:37 2008 Return-Path: Delivered-To: cvs-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6501E16A419; Tue, 5 Feb 2008 14:17:37 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from cell.glebius.int.ru (glebius.int.ru [81.19.64.130]) by mx1.freebsd.org (Postfix) with ESMTP id 9EF4A13C4E8; Tue, 5 Feb 2008 14:17:36 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from cell.glebius.int.ru (localhost [127.0.0.1]) by cell.glebius.int.ru (8.14.1/8.14.1) with ESMTP id m15EHdXp062333; Tue, 5 Feb 2008 17:17:39 +0300 (MSK) (envelope-from glebius@FreeBSD.org) Received: (from glebius@localhost) by cell.glebius.int.ru (8.14.1/8.14.1/Submit) id m15EHdHn062332; Tue, 5 Feb 2008 17:17:39 +0300 (MSK) (envelope-from glebius@FreeBSD.org) X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to glebius@FreeBSD.org using -f Date: Tue, 5 Feb 2008 17:17:39 +0300 From: Gleb Smirnoff To: Louis Mamakos Message-ID: <20080205141739.GX14339@FreeBSD.org> References: <200801271501.m0RF1Hki089075@repoman.freebsd.org> <20080202201153.GL14339@FreeBSD.org> <47A4E122.8080901@FreeBSD.org> MIME-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.5.15 (2007-04-06) Cc: cvs-src@FreeBSD.org, Alexander Motin , src-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/netgraph/netflow ng_netflow.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Feb 2008 14:17:37 -0000 On Sun, Feb 03, 2008 at 11:36:49AM -0500, Louis Mamakos wrote: L> > Gleb Smirnoff пишет: L> >> you should have asked me for review before committing! This is L> >> not a bug, this is a feature. This was quite clear from the comments, L> >> that you removed: L> >> - /* if export hook disconnected stop running expire(). */ L> >> This is intended behavior. We must not lose information unless L> >> user explicitly wants to lose information. In the latter case L> >> he will connect ng_hole(4) node to the "export" hook. But we must L> >> not lose information if user runs some script that swaps receiving L> >> node on the "export" hook. L> >> Please backout this change! L> > L> > Expire process was not depending completely on connected hook even before L> > this commit. For example, every TCP session closing forces some data L> > export. So even with export hook disconnected some data still will be lost L> > and not just lost, but it was leading to memory leak which I have fixed L> > with other commit. That's true. The active TCP close should be reworked. And the new active expiry feature violates the original design, when no export hook ment, no data lose. :( L> If there's a concern about no losing the netflow data, then it's likely that L> it's usually the case that an export hook is connected. If a user wanted to L> change the export arrangement for the netflow data, then just disconnected L> and reconnecting to the export hook won't caused data to be lost if the L> expiry parameters are set to something reasonable. Since expiry runs periodically, then it can race with hook change L> Finally, in the absence of infinite amounts of memory, data will eventually L> be lost. The only decision is over what duration data should be kept around L> so that it might be harvested. It's a huge surprise that the netflow module L> consumes large amounts of kernel memory. As a user, I expected the L> expiration timers to be the policy that I specify to control how long the L> netflow stats are stored, and my expectation wasn't met. Huge surprise? How can you expect a kernel module that stores a lot of data consume a little kernel memory? I agree that the behavior should be documented in manual page and using ng_hole(4) for your case should be advised. If you send me a manual page patch, I can commit it. -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE