On Thu, 2018-03-01 at 18:58 -0800, Cong Wang wrote: > As suggested by Eric, we need to make the xt_rateest > hash table and its lock per netns to reduce lock > contentions. > > Cc: Florian Westphal <f...@strlen.de> > Cc: Eric Dumazet <eduma...@google.com> > Cc: Pablo Neira Ayuso <pa...@netfilter.org> > Signed-off-by: Cong Wang <xiyou.wangc...@gmail.com> > --- > include/net/netfilter/xt_rateest.h | 4 +- > net/netfilter/xt_RATEEST.c | 91 > +++++++++++++++++++++++++++----------- > net/netfilter/xt_rateest.c | 10 ++--- > 3 files changed, 72 insertions(+), 33 deletions(-)
Very nice, thanks ! Reviewed-by: Eric Dumazet <eduma...@google.com> Although the main reason was to avoid name collisions between different netns. Hash table is small enough that it can be allocated for each netns.
