diff options
| author | Vincent Pelletier <plr.vincent@gmail.com> | 2022-02-19 02:06:23 +0000 |
|---|---|---|
| committer | Rui Salvaterra <rsalvaterra@gmail.com> | 2022-08-11 21:54:09 +0100 |
| commit | 0855549b4bdfb7ff0aacfcfe888919c4060ed102 (patch) | |
| tree | ddd7a97ad1b79970a826d7f573b15476c7c0f07b /target/linux/generic/hack-5.10 | |
| parent | 0179ba7851631416c6f095a9bdd22377d68a0455 (diff) | |
| download | upstream-0855549b4bdfb7ff0aacfcfe888919c4060ed102.tar.gz upstream-0855549b4bdfb7ff0aacfcfe888919c4060ed102.tar.bz2 upstream-0855549b4bdfb7ff0aacfcfe888919c4060ed102.zip | |
kernel: scale nf_conntrack_max more reasonably
Use the kernel's built-in formula for computing this value.
The value applied by OpenWRT's sysctl configuration file does not scale
with the available memory, under-using hardware capabilities.
Also, that formula also influences net.netfilter.nf_conntrack_buckets,
which should improve conntrack performance in average (fewer connections
per hashtable bucket).
Backport upstream commit for its effect on the number of connections per
hashtable bucket.
Apply a hack patch to set the RAM size divisor to a more reasonable value (2048,
down from 16384) for our use case, a typical router handling several thousands
of connections.
Signed-off-by: Vincent Pelletier <plr.vincent@gmail.com>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit 15fbb916669dcdfcc706e9e75263ab63f9f27c00)
Diffstat (limited to 'target/linux/generic/hack-5.10')
| -rw-r--r-- | target/linux/generic/hack-5.10/661-kernel-ct-size-the-hashtable-more-adequately.patch | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/target/linux/generic/hack-5.10/661-kernel-ct-size-the-hashtable-more-adequately.patch b/target/linux/generic/hack-5.10/661-kernel-ct-size-the-hashtable-more-adequately.patch new file mode 100644 index 0000000000..dd67c76b13 --- /dev/null +++ b/target/linux/generic/hack-5.10/661-kernel-ct-size-the-hashtable-more-adequately.patch @@ -0,0 +1,25 @@ +From 804fbb3f2ec9283f7b778e057a68bfff440a0be6 Mon Sep 17 00:00:00 2001 +From: Rui Salvaterra <rsalvaterra@gmail.com> +Date: Wed, 30 Mar 2022 22:51:55 +0100 +Subject: [PATCH] kernel: ct: size the hashtable more adequately + +To set the default size of the connection tracking hash table, a divider of +16384 becomes inadequate for a router handling lots of connections. Divide by +2048 instead, making the default size scale better with the available RAM. + +Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com> +--- + net/netfilter/nf_conntrack_core.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/net/netfilter/nf_conntrack_core.c ++++ b/net/netfilter/nf_conntrack_core.c +@@ -2576,7 +2576,7 @@ int nf_conntrack_init_start(void) + + if (!nf_conntrack_htable_size) { + nf_conntrack_htable_size +- = (((nr_pages << PAGE_SHIFT) / 16384) ++ = (((nr_pages << PAGE_SHIFT) / 2048) + / sizeof(struct hlist_head)); + if (BITS_PER_LONG >= 64 && + nr_pages > (4 * (1024 * 1024 * 1024 / PAGE_SIZE))) |