diff options
author | melifaro <melifaro@FreeBSD.org> | 2012-04-06 06:55:21 +0000 |
---|---|---|
committer | melifaro <melifaro@FreeBSD.org> | 2012-04-06 06:55:21 +0000 |
commit | 85ccef88d3440944ee1c97a3fba3e8718d05fb8e (patch) | |
tree | 9ef2a8c79325381d2620c436f7de019ef62c053f /share/man/man4/bpf.4 | |
parent | 8b1d10268c8ffd28f6c4b0da1e3906b139fc94cf (diff) | |
download | FreeBSD-src-85ccef88d3440944ee1c97a3fba3e8718d05fb8e.zip FreeBSD-src-85ccef88d3440944ee1c97a3fba3e8718d05fb8e.tar.gz |
- Improve performace for writer-only BPF users.
Linux and Solaris (at least OpenSolaris) has PF_PACKET socket families to send
raw ethernet frames. The only FreeBSD interface that can be used to send raw frames
is BPF. As a result, many programs like cdpd, lldpd, various dhcp stuff uses
BPF only to send data. This leads us to the situation when software like cdpd,
being run on high-traffic-volume interface significantly reduces overall performance
since we have to acquire additional locks for every packet.
Here we add sysctl that changes BPF behavior in the following way:
If program came and opens BPF socket without explicitly specifyin read filter we
assume it to be write-only and add it to special writer-only per-interface list.
This makes bpf_peers_present() return 0, so no additional overhead is introduced.
After filter is supplied, descriptor is added to original per-interface list permitting
packets to be captured.
Unfortunately, pcap_open_live() sets catch-all filter itself for the purpose of
setting snap length.
Fortunately, most programs explicitly sets (event catch-all) filter after that.
tcpdump(1) is a good example.
So a bit hackis approach is taken: we upgrade description only after second
BIOCSETF is received.
Sysctl is named net.bpf.optimize_writers and is turned off by default.
- While here, document all sysctl variables in bpf.4
Sponsored by Yandex LLC
Reviewed by: glebius (previous version)
Reviewed by: silence on -net@
Approved by: (mentor)
MFC after: 4 weeks
Diffstat (limited to 'share/man/man4/bpf.4')
-rw-r--r-- | share/man/man4/bpf.4 | 31 |
1 files changed, 27 insertions, 4 deletions
diff --git a/share/man/man4/bpf.4 b/share/man/man4/bpf.4 index e69456a..a317920 100644 --- a/share/man/man4/bpf.4 +++ b/share/man/man4/bpf.4 @@ -952,10 +952,33 @@ array initializers: .Fn BPF_STMT opcode operand and .Fn BPF_JUMP opcode operand true_offset false_offset . -.Sh FILES -.Bl -tag -compact -width /dev/bpf -.It Pa /dev/bpf -the packet filter device +.Sh SYSCTL VARIABLES +A set of +.Xr sysctl 8 +variables controls the behaviour of the +.Nm +subsystem +.Bl -tag -width indent +.It Va net.bpf.optimize_writers: No 0 +Various programs use BPF to send (but not receive) raw packets +(cdpd, lldpd, dhcpd, dhcp relays, etc. are good examples of such programs). +They do not need incoming packets to be send to them. Turning this option on +makes new BPF users to be attached to write-only interface list until program +explicitly specifies read filter via +.Cm pcap_set_filter() . +This removes any performance degradation for high-speed interfaces. +.It Va net.bpf.stats: +Binary interface for retrieving general statistics. +.It Va net.bpf.zerocopy_enable: No 0 +Permits zero-copy to be used with net BPF readers. Use with caution. +.It Va net.bpf.maxinsns: No 512 +Maximum number of instructions that BPF program can contain. Use +.Xr tcpdump 1 +-d option to determine approximate number of instruction for any filter. +.It Va net.bpf.maxbufsize: No 524288 +Maximum buffer size to allocate for packets buffer. +.It Va net.bpf.bufsize: No 4096 +Default buffer size to allocate for packets buffer. .El .Sh EXAMPLES The following filter is taken from the Reverse ARP Daemon. |