
[PATCH nf-next 0/6] IPVS changes, part 2 of 4 - optimizations

To: Simon Horman <horms@xxxxxxxxxxxx>
Subject: [PATCH nf-next 0/6] IPVS changes, part 2 of 4 - optimizations
Cc: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>, lvs-devel@xxxxxxxxxxxxxxx, netfilter-devel@xxxxxxxxxxxxxxx, Dust Li <dust.li@xxxxxxxxxxxxxxxxx>, Jiejian Wu <jiejian@xxxxxxxxxxxxxxxxx>
From: Julian Anastasov <ja@xxxxxx>
Date: Sat, 14 Feb 2026 17:12:24 +0200
        Hello,

        This patchset is part 2 of changes that accumulated in
recent time. It is for nf-next and should be applied when the patches
from part 1 are already applied. It contains optimizations and
per-net changes.

        All patches here come from the work
"ipvs: per-net tables and optimizations" last posted
on 19 Oct 2025 as v6, with the following changes:

Patch 1 comes from v6/patch 2 without changes

Patch 2 comes from v6/patch 3 with cosmetic change:
  - we can not use lockdep_is_held() condition because hlist_bl does
  not support such debugging yet, readers can be only under RCU lock.
  That is the reason for the rcu_read_lock() in the updating code
  in ip_vs_genl_set_cmd().

Patch 3 comes from v6/patch 4 without changes

Patch 4 comes from v6/patch 5 but some of its content was moved
  also to part1/patch 2

Patch 5 comes from v6/patch 6 without changes

Patch 6 comes from v6/patch 11 with small changes because
  it was moved forward before other patches from part 3 and 4

        As a result, the following patches will:

* Convert the global __ip_vs_mutex to per-net service_mutex and
  switch the service tables to be per-net, cowork by Jiejian Wu and
  Dust Li

* Convert some code that walks the service lists to use RCU instead of
  the service_mutex

* We used two tables for services (non-fwmark and fwmark), merge them
  into a single svc_table

* The list for unavailable destinations (dest_trash) holds dsts and
  thus dev references causing extra work for the ip_vs_dst_event() dev
  notifier handler. Change this by dropping the reference when dest
  is removed and saved into dest_trash. The dest_trash will need more
  changes to make it light for lookups. TODO.

* On new connection we can do multiple lookups for services by trying
  different fallback options. Add more counters for service types, so
  that we can avoid unneeded lookups for services.

* The no_cport and dropentry counters can be per-net and also we can
  avoid extra conn lookups


Jiejian Wu (1):
  ipvs: make ip_vs_svc_table and ip_vs_svc_fwm_table per netns

Julian Anastasov (5):
  ipvs: some service readers can use RCU
  ipvs: use single svc table
  ipvs: do not keep dest_dst after dest is removed
  ipvs: use more counters to avoid service lookups
  ipvs: no_cport and dropentry counters can be per-net

 include/net/ip_vs.h             |  39 +++-
 net/netfilter/ipvs/ip_vs_conn.c |  64 +++---
 net/netfilter/ipvs/ip_vs_core.c |   2 +-
 net/netfilter/ipvs/ip_vs_ctl.c  | 368 +++++++++++---------------------
 net/netfilter/ipvs/ip_vs_est.c  |  18 +-
 net/netfilter/ipvs/ip_vs_xmit.c |  12 +-
 6 files changed, 212 insertions(+), 291 deletions(-)

-- 
2.53.0



