[Devel] Re: [PATCH 1/4] netns: Tag the network flow with the network namespace it is in (v2)
Denis V. Lunev
den at sw.ru
Tue Dec 4 10:42:49 PST 2007
Stephen Hemminger wrote:
> Can this be made conditional on network namespaces being configured on?
> That way the flow structure won't have to grow taking more space.
> It matters in DoS attacks where flow cache becomes a critical resource.
could you exactly point me out the flow cache your are talking about.
Is this dst entry cache or struct flow_cache described in the
net/core/flow.c
For the latter case, there is completely no difference in the size on my
x86_64 host with SLAB allocator, i.e. there are 30 objects per slab
with/without fl_net (objsize = 128).
Regards,
Den
More information about the Devel
mailing list