From 01cb21605be06f4d949c56cfab80ad09d2132931 Mon Sep 17 00:00:00 2001 From: kmacy Date: Mon, 22 Mar 2010 23:04:12 +0000 Subject: - boot-time size the ipv4 flowtable and the maximum number of flows - increase flow cleaning frequency and decrease flow caching time when near the flow limit - stop allocating new flows when within 3% of maxflows don't start allocating again until below 12.5% MFC after: 7 days --- sys/netinet/ip_input.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) (limited to 'sys/netinet') diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index d91bcb0..8be51fb 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -327,8 +327,20 @@ ip_init(void) "error %d\n", __func__, i); #ifdef FLOWTABLE - TUNABLE_INT_FETCH("net.inet.ip.output_flowtable_size", - &V_ip_output_flowtable_size); + if (TUNABLE_INT_FETCH("net.inet.ip.output_flowtable_size", + &V_ip_output_flowtable_size)) { + if (V_ip_output_flowtable_size < 256) + V_ip_output_flowtable_size = 256; + if (!powerof2(V_ip_output_flowtable_size)) { + printf("flowtable must be power of 2 size\n"); + V_ip_output_flowtable_size = 2048; + } + } else { + /* + * round up to the next power of 2 + */ + V_ip_output_flowtable_size = 1 << fls((1024 + maxusers * 64)-1); + } V_ip_ft = flowtable_alloc("ipv4", V_ip_output_flowtable_size, FL_PCPU); #endif -- cgit v1.1