Configure more aggressive timeouts on non-ESTABLISHED TCP flow entries#985
Open
FelixMcFelix wants to merge 7 commits into
Open
Configure more aggressive timeouts on non-ESTABLISHED TCP flow entries#985FelixMcFelix wants to merge 7 commits into
FelixMcFelix wants to merge 7 commits into
Conversation
This PR cuts down the TCP state entry expiry times for TCP flow entries which are either still within the three-way handshake or are actively being torn down. This does not affect the validity of any LFT entries which are responsible for actually *procesing* matched packets -- these exist on their own 60s expiry cadence. This might have some impact on flow state tracking, but the correct fix there is to get #744 over the line. Should answer for oxidecomputer/customer-support#1125.
twinfees
added
the
customer
Contributor
|
Added commits to bring this in line with #987. Testing in a4x2 and racklettes has been performed on this code. Note that this has a table size bump to 512k from 8k. This will result in 512k entries per-port in capacity on several tables that were previously limited to 8k. |
Collaborator
Author
|
Thanks for all the testing and further tweaks. I can't self-approve what is technically my own PR, but I'm happy with the changes cherry-picked from #987. The table size bumps should have no impact on workloads with low flow counts -- BTreeMaps do not / cannot preallocate capacity. From here on I'll be prioritising #986 and #779 with this as a base. The latter is more useful for making sure that lookups/insertions/deletions past around 1000 entries remain cheap. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR cuts down the TCP state entry expiry times for TCP flow entries which are either still within the three-way handshake or are actively being torn down. This does not affect the validity of any LFT entries which are responsible for actually procesing matched packets -- these exist on their own 60s expiry cadence.
This might have some impact on flow stat tracking for one or two packets, but the correct fix there is to get #744 over the line.
Should answer for
https://github.com/oxidecomputer/customer-support/issues/1125.