CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	kp <kp@FreeBSD.org>
	Thu, 13 Dec 2018 20:00:16 +0000 (20:00 +0000)
committer	kp <kp@FreeBSD.org>
	Thu, 13 Dec 2018 20:00:16 +0000 (20:00 +0000)
commit	e089271b77aa9738a27b522bfceec6e66c9ad2e2
tree	88fa7a93c15337999a2a5f2633ddcb2d7b48c920	tree \| snapshot
parent	3c667743160027c405cf928caa5ce5315ac6d63a	commit \| diff

pfsync: Performance improvement

pfsync code is called for every new state, state update and state
deletion in pf. While pf itself can operate on multiple states at the
same time (on different cores, assuming the states hash to a different
hashrow), pfsync only had a single lock.
This greatly reduced throughput on multicore systems.

Address this by splitting the pfsync queues into buckets, based on the
state id. This ensures that updates for a given connection always end up
in the same bucket, which allows pfsync to still collapse multiple
updates into one, while allowing multiple cores to proceed at the same
time.

The number of buckets is tunable, but defaults to 2 x number of cpus.
Benchmarking has shown improvement, depending on hardware and setup, from ~30%
to ~100%.

Sponsored by: Orange Business Services

share/man/man4/pfsync.4		diff \| blob \| history
sys/netpfil/pf/if_pfsync.c		diff \| blob \| history