[Devel] Re: [NETFILTER] early_drop() imrovement (v4)

[Martin Josefsson]

On Tue, 3 Jul 2007, Rusty Russell wrote:

> This looks good.  The randomness in the hash means we no longer need the
> "hit the same hash bucket" heuristic to avoid hashbombing.
>
> I still wonder if we should batch up the drops a little while we're
> doing all this work?  Should reduce stress under serious flood load.

Yes we should really do that, going searching for something to evict 
for each new connection attempt is really painful and in this 
overload situation we need all the cpu we can get.

/Martin